The Washington Post has an article about the USA PATRIOT Act case from Connecticut, now with details and a long discussion about National Security Letters. Please note the software angle in this article.
[The FBI] gave George Christian the letter, which warned him to tell no one, ever, what it said.
Under the shield and stars of the FBI crest, the letter directed Christian to surrender “all subscriber information, billing information and access logs of any person” who used a specific computer at a library branch some distance away. Christian, who manages digital records for three dozen Connecticut libraries, said in an affidavit that he configures his system for privacy. But the vendors of the software he operates said their databases can reveal the Web sites that visitors browse, the e-mail accounts they open and the books they borrow. [emphasis mine]
So you can configure a system to be as private as you can make it, but it may not be private enough.