If a company develops a new service, the government can use a "New Capability Order" exception to force the company to delay its reporting of orders for two years.
The second option lets companies report the total number of national security requests they received, including NSLs and FISA orders, within ranges of 250. That limit also applies to the total number of customer selectors targeted in FISA orders and NSLs, the letter said.
As a result of the agreement, Apple said it was re-reporting all the national security letters it has received, including FISA orders and NSLs, under the second option. For the first half of 2013, Apple received fewer than 250 national security orders.
Kevin Bankston, policy director of the New America Foundation's Open Technology Institute, an open-source software advocate, criticized the number ranges under which companies are allowed to disclose requests.
"Fuzzing the numbers into ranges of a thousand -- and even worse, lumping all of the different types of surveillance orders into a single number -- serves no national security purpose while making it impossible to effectively evaluate how those powers are being used," he said in a statement.