May 2, 2014
Tech Firms Stand Against NSA, Call For Transparency In Data Requests
Enid Burns for redOrbit.com - Your Universe Online
Apple, Facebook, Microsoft and other tech firms are taking a stand against data requests from government agencies. The companies are hoping to provide more transparency by disclosing such requests from law enforcement and other government entities, the Washington Post reports."Major U.S. technology companies have largely ended the practice of quietly complying with investigators’ demands for e-mail records and other online data, saying that users have a right to know in advance when their information is targeted for government seizure," wrote Craig Timberg of the Washington Post.
Microsoft, among other firms, began a call to action on this practice last year in the midst of leaks containing information that the National Security Agency was conducting large-scale surveillance of online activities. The revelations came from documents revealed by government contractor Edward Snowden.
"The issue for the companies is that the NSA disclosures Snowden made drove customers, particularly those overseas away from the companies that were named. They want to be able to show that the NSA information requests aren't as massive as people believe. I'm not sure this will work though because there have been so many instances where comments like this from the US Government flatly stating hard limitations were later proven to be untrue. In short, this may now be too little and too late because the folks these firms want to convince won't now believe that the requests were more limited," Rob Enderle, principal analyst with Enderle Group told RedOrbit.
Tech firms continue to face requests for information of different degrees. For a number of requests by the US and other governments, Google already releases such information on a quarterly basis in its Google Transparency Report. The company reveals information requests from law enforcement and other agencies, as well as requests to take down information to conform to the policies of individual countries.
Other tech firms are looking to follow Google in some format, in their efforts to provide information to their users. Google notifications, within the Transparency Report, are often after the fact, but many companies are hoping to reveal such requests as they happen. Some argue that the policy, while it may protect some innocent people who are being targeted unjustly, will hamper ongoing investigations.
"This increasingly defiant industry stand is giving some of the tens of thousands of Americans whose Internet data gets swept into criminal investigations each year the opportunity to fight in court to prevent disclosures. Prosecutors, however, warn that tech companies may undermine cases by tipping off criminals, giving them time to destroy vital electronic evidence before it can be gathered," wrote Timberg.
The Justice Department issued a statement suggesting that disclosure would threaten investigations and put potential crime victims in greater peril, the Washington Post reports.
“These risks of endangering life, risking destruction of evidence, or allowing suspects to flee or intimidate witnesses are not merely hypothetical, but unfortunately routine,” department spokesman Peter Carr said in a statement to the Washington Post. The statement cites a case where early disclosure unduly put a cooperative witness at risk.
The stand against providing information to government agencies without disclosure might be an effort for some firms to gain recognition for their efforts.
According to CNET, a digital-rights organization is due to release a privacy scorecard that will harm reputations of companies that comply with government agencies without providing disclosure.
"The news comes as a digital-rights organization gets set to release an influential privacy scorecard, and as bad publicity still hangs in the air regarding potential cooperation between tech firms and the US National Security Agency," CNET reports.
While firms might regain credibility with the public, all data requests would not fall under disclosure if the companies get their way. "The customer notifications apparently wouldn't apply to requests made by the NSA, or requests involving national security letters -- administrative subpoenas -- issued by the FBI," wrote CNET staff, citing information from the Washington Post.
"The changing tech company policies do not affect data requests approved by the Foreign Intelligence Surveillance Court, which are automatically kept secret by law. National security letters, which are administrative subpoenas issued by the FBI for national security investigations, also carry binding gag orders," the Washington Posts' Timberg reports.
"Any request for personal information should fall under privacy laws and require a Warrant, that hasn't been the case with these electronic requests and typically a Warrant requires specific cause you aren't allowed as a law enforcement agency to just go fishing. All of this showcases that the US laws, and likely those in most other countries, are way behind in dealing with these electronic repositories," Enderle said. "The right way would be to step back from the problem, reset on the balance between privacy and security, and then update the law to reflect the new world we live in. I'm 100 percent certain that won't be the process that is followed."