Facebook, LinkedIn, Yahoo, Google, and Microsoft have all released new data about the national security requests they’ve received. Under new rules from the US government, each company is now allowed to provide how many requests for member data it’s received, the number of accounts impacted, and the percentage that they respond to.
With regards to Facebook, it says that within the last six months of 2012, only a “small fraction” of one percent of its users were the target of any government data requests, national security-related or otherwise. In the first half of 2013, the company again said that the total volume of requests was a small fraction of one percent.
In LinkedIn’s case, it has updated its transparency report to indicate that for the first six months of 2013, the professional social network company received “between 0 and 249” national security-related requests.
Microsoft says that during the same time period, it received “fewer than 1,000” FISA orders that sought the disclosure of customer content, which related to between 15,000 and 15,999 accounts. It stresses that this doesn’t necessarily mean more than 15,000 accounts were covered by the government requests though. Additionally, the company received fewer than 1,000 FISA orders for non-content data only, requesting information relating to fewer than 1,000 accounts. Lastly, Microsoft states it has received fewer than 1,000 National Security Letters covering fewer than 1,000 accounts.
Yahoo has also updated the global transparency report it launched back in 2013, showing that the number of accounts requested by governments amounted to less than “one one-hundredth of one percent” of its worldwide user base for the reporting period.
Not to be outdone, Google has also released its own data that shows that it has received less than 1,000 requests for national security or content from governments from January 2009 to June 2013. It has published the complete table below showing a breakdown of requests and the number of users and accounts affected.
Brad Smith, Microsoft’s general counsel and executive vice president for legal and corporate affairs, says that the US government has agreed to allow companies to share this information, but only that it can be reported “in bands of a thousand”. What’s more, while the aggregate FISA data covers a six month period, it can only be published six months after the reporting period.
Last year, after former NSA contractor Edward Snowden published details about the US agency’s surveillance program “Prism”, tech companies immediately went on the defensive to deny accusations that they had provided server access to the government. Some went to court to get the government’s permission to help release some data to help them become more transparent, but were denied.
However, last week, President Obama’s administration decided to relax some rules as it seeks to reform the way it conducts surveillance around the world. Naturally, because of this action, lawsuits from Google, Microsoft, Yahoo, and Facebook have been dropped, but comes with a stipulation: tech companies are prohibited from revealing information about government requests for two years.
US Attorney General Eric Holder and Director of National Intelligence James Clapper said at the time: “Permitting disclosure of this aggregate data addresses an important area of concern to communications providers and the public.” However, not everyone shares in the sentiment — the New York Times says privacy advocates fear this new rule will prevent the public from knowing if their government is spying on an email platform or chat service.
All of the companies have said they will be updating their transparency reports every six months so the public is aware of any government activity on its servers, but that it will also comply with the NSA rules that restrict when specific data can be revealed.
Photo credit: NSA via Getty Images