A federal judge ruled unconstitutional on Friday a national security law that allows the federal government to seize customer information from companies without a warrant.

Judge Susan Illston ruled that National Security Letters (NSLs) violate the First Amendment and “suffer from significant constitutional infirmities.” The government has used NSLs to collect consumer information for decades, but the 2001 passage of the USA Patriot Act significantly increased their scope.

The letters allow government agencies, namely the Federal Bureau of Investigation (FBI) to collect customer information from companies that provide communications services—including Internet service providers, phone companies and financial institutions. The letters also come with gag letters that prevent the companies from telling users that their information has been disclosed.

The case before Judge Illston involved an unnamed telecommunications company represented by the Electronic Frontier Foundation. Her ruling focused largely on the gag orders, which she said run afoul of the First Amendment. Illston also held that NSL provisions violate separation of powers because they limit judicial review by “dictating an impermissibly restrictive standard of review for courts adjudicating challenges to nondisclosure orders.”

“The government has a strong argument that allowing the government to prohibit recipients of NSL’s from disclosing the specific information sought in NSL’s to either the targets or the public is generally necessary to serve national security in ongoing investigations,” Illston wrote. “However, the government has not shown that it is generally necessary to prohibit recipients from disclosing the mere fact of their receipt of NSLs.”

The ruling orders the FBI to stop issuing NSLs and to stop enforcing previously issued gag orders, although Illston did stay enforcement of her decision for 90 days to allow the government to appeal.

Read more at Thomson Reuters.

For more InsideCounsel coverage of consumer privacy issues, see:

EU regulators warn of mobile app privacy concerns

Prepare for the coming of the privacy police

Google under fire for app store privacy policy

Obama signs executive order on cybersecurity

Technology: 4 practical tips for improving critical infrastructure cybersecurity