The same things a national security letter could, and almost certainly did, demand from Groklaw.
(A) All emails
(B) All account information for every account
(C) IP-addresses and any other data on hand that can be used to track ever Slashdot user
(D) to install a surveillance box on the network to scan and log every packet of everyone who views Slashdot (regardless of whether they post)
The would probably also demand (E) to copy the entire database of all posts by every user and all other publicly available information. Category E is stuff anyone can get merely by scanning the site over the internet, but doubtless they'd take it because they can and because it saves them a lot of work trying to crawl the entire website themselves.
And based on what happened with TOR recently, and based on the available information on the Lavabit situation, it seems very possible the government has moved beyond "passive listening" and has moved into the realm of forcing active code onto websites to attack/subvert visitors' machines. As I understand it, Lavabit was set up in such a way that the Lavabit servers literally didn't have access to the information the government would need to access the mails... that the only way the government could obtain useful information would be to hijack the Lavasoft servers and use them to actively extract the required information from visitors.
Note that the government has already beenhacking into cellphones and car ONSTAR type systems to turn on the microphones an use them as "roving wiretaps". Those aren't even National Security Letter level stuff, those are court cases of regular law enforcement doing it.
So yeah, no big shocker if they're demanding websites host attack code to trace people who's true IP address is hidden behind TOR or a proxy or otherwise hard to trace.
-