WebProNews

Tag: data requests

  • US Agencies Request the Most User Data From Big Tech, Apple Complies the Most

    US Agencies Request the Most User Data From Big Tech, Apple Complies the Most

    Americans concerned about their user data falling into the hands of foreign governments may want to look closer to home.

    According to new research by VPN provider SurfShark, the US government makes the most requests for user data from Big Tech companies than any other jurisdiction in the world. The company analyzed data requests to Apple, Google, Meta, and Microsoft by “government agencies of 177 countries between 2013 and 2021.”

    The US came in first with 2,451,077 account requests, more than four times the number of Germany, the number two country on the list. In fact, the US made more requests than all of Europe, including the UK, which collectively came in under 2 million.

    While the US and EU were responsible for a combined total of 60% of all data requests, the US “made 8 times more requests than the global average (87.9/100k).”

    The number of accounts being accessed is also growing, with a five-times increase in requests from 2013 to 2021. The US alone saw a 348% increase during the time frame, and the scope and purpose of the requests are expanding.

    “Besides requesting data from technology companies, authorities are now exploring more ways to monitor and tackle crime through online services. For instance, the EU is considering a regulation that would require internet service providers to detect, report, and remove abuse-related content,” says Gabriele Kaveckyte, Privacy Counsel at Surfshark. “On one hand, introducing such new measures could help solve serious criminal cases, but civil society organizations expressed their concerns of encouraging surveillance techniques which may later be used, for example, to track down political rivals.”

    The report also sheds light on which companies comply the most versus which ones push back against requests. For all of its privacy-oriented marketing — “what happens on your iPhone stays on your iPhone” — Apple complies with data requests more than any other company, handing it over 82% of the time.

    In contrast, Meta complies 72% of the time, and Google does 71% of the time. Microsoft, on the other hand, pushes back the most among Big Tech companies, only handing data over 68% of the time.

    The findings may also put a dent in US efforts to ban TikTok and other foreign apps under the guise of protecting user privacy and data.

  • Facebook Says Government Data Requests Up 24%

    It’s Election Day in the US, and Facebook is reminding everyone to vote with a giant banner at the top of the news feed which asks people to share the vote with friends. By the looks of my news feed, it’s working.

    The company has also chosen today to release its third-ever transparency report – which provides info on how many data and content removal requests it receives, as well as national security requests initiated through FISA. By law, Facebook can’t really say a lot about the latter – but as far as the former goes, things are up in a pretty big way.

    During the first half of 2014, government requests for data and content removal were up 24 percent and 19 percent, respectively, from the latter half of 2013.

    Facebook makes a point to say how they fight “overly broad requests”:

    “As we’ve said before, we scrutinize every government request we receive for legal sufficiency under our terms and the strict letter of the law, and push back hard when we find deficiencies or are served with overly broad requests.”

    The company also reminds people that it’s been busy fighting an unprecedented data grab – a set of “sweeping search warrants” issued by a New York court.

    Finally, Facebook talks legislation:

    “As such, we support recent efforts in the U.S. Senate to pass the USA FREEDOM Act, and we’re hopeful that Congress will update the Electronic Communications Privacy Act to codify our requirement of a warrant to compel disclosure of the stored contents of an account. We will continue to work on our own and with partners, such as the Reform Government Surveillance coalition, to protect the information of the people who use our services.”

    You can check out the full report here. And remember – go vote. It could have an impact on whether or not Facebook is required to give up more and more of your data.

    Image via Facebook

  • Facebook Fights ‘Unprecedented’ Data Grab

    Facebook says that they are currently fighting a “set of sweeping search warrants” in an effort to protect their users’ information – and so far it’s a fight that they’ve been losing.

    “Since last summer, we’ve been fighting hard against a set of sweeping search warrants issued by a court in New York that demanded we turn over nearly all data from the accounts of 381 people who use our service, including photos, private messages and other information. This unprecedented request is by far the largest we’ve ever received—by a magnitude of more than ten—and we have argued that it was unconstitutional from the start,” says Facebook Deputy General Counsel Chris Sonderby.

    “Of the 381 people whose accounts were the subject of these warrants, 62 were later charged in a disability fraud case. This means that no charges will be brought against more than 300 people whose data was sought by the government without prior notice to the people affected. The government also obtained gag orders that prohibited us from discussing this case and notifying any of the affected people until now.”

    According to the New York Times, the “sweeping warrants” came during the investigation into a fraud case involving retired police officers, firefighters, and other civil servants who’ve been charged with filing fake disability claims. The information obtained from Facebook was crucial to the investigation, as photos taken from the site showed “disabled” people, well, not acting very disabled.

    The Manhattan DA’s office says that multiple courts have already found Facebook’s protestations without merit.

    “This was a massive scheme involving as many as 1,000 people who defrauded the federal government of more than $400 million in benefits,” said a spokeswoman for the Manhattan DA Cyrus R. Vance Jr. “The defendants in this case repeatedly lied to the government about their mental, physical and social capabilities. Their Facebook accounts told a different story. A judge found there was probable cause to execute search warrants, and two courts have already found Facebook’s claims without merit.”

    That’s true, and Facebook said that they eventually complied with the data request only after they were denied in appeals court.

    But now, they’ve filed another in their “continuing efforts to invalidate these sweeping warrants and to force the government to return the data it has seized and retained.”

    This isn’t the first time that Facebook has pushed back against overbroad data requests. But this is the first time we’ve seen Facebook challenge the notion that they must comply with a warrant they deem in violation of their users’ Fourth Amendment rights.

    Facebook has always had a decent relationship with law enforcement – one that is cooperative enough to have been accused of being a bit too chummy. But in their latest fight, Facebook’s pretty clear that this sort of “overreaching legal request” goes way too far.

    “We believe search warrants for digital information should be specific and narrow in scope, just like warrants for physical evidence. These restrictions are critical to preventing overreaching legal requests and protecting people’s information,” says Sonderby.

  • Google Can Finally Publish FISA Request Numbers

    For a few years now, Google has been publishing a bi-annual transparency report to let us know how many times governments around the world have petitioned the company for user data. The reports were always missing a few things though – specifically National Security Letters and FISA request numbers. NSL numbers were finally published last year, and now Google can do the same with FISA requests.

    Google announced that it finally has permission to publish FISA request numbers from 2009 onwards. Unfortunately, the government has imposed a six month delay so we don’t have access to the numbers from July to December for last year. January to June and back, however, is a somewhat detailed look at the number of FISA requests Google receives from the government every six months.

    As you will see below, Google is forced to report numbers on a scale of 1,000. That means it can only let us know that it receives between 0 and 999 FISA requests every six months. We do get to see numbers for content and non-content requests which are arguably more interesting as the number of content requests skyrocketed to over 10,000 in the latter half of 2012.

    Google Can Finally Publish FISA Request Numbers

    Google reminds us that FISA requires them to hand over a users’ personal information and the content of their communications whenever the government comes knocking with a court order. That’s why the company feels it’s incredibly important to keep fighting for the right to publish precise numbers so it can let its users know exactly how many user data requests are made every six months. After all, there’s a pretty big difference between 0 and 999.

    To that end, Google is championing legislation in both the House and Senate – H.R. 3035 and S. 1621. Both would allow private entities to report the exact number of information requests they receive from the government. Unfortunately, both bills have only been referred to a committee thus far and it doesn’t look like either will be picked up anytime soon.

    Despite the above bills not having much chance, reform may come in the form of Sen. Patrick Leahy’s USA FREEDOM Act. It seeks to end the dragnet surveillance of Americans’ communications, reform the FISA court and more. Google may want to throw some weight behind Leahy’s bill as it’s the only surveillance-related bill currently floating around Congress that has any chance of passing.

    Image via Google

  • Facebook Releases Transparency Report, U.S. Government Made 12,000 Requests For Data

    When PRISM was leaked in early June, Facebook was one of the first companies citied in the report to deny any involvement with the program. The revelation did, however, push Facebook into asking the U.S. government for permission to publish government data request numbers. That wish was granted in mid-June, and now Facebook has published its very first transparency report.

    Facebook today published what it calls the “Global Government Requests Report.” In short, it’s a report detailing government requests for user data from all over the world. It lists the total requests for data by country as well as how many user accounts were requested in said country. It also reveals the percentage of requests where Facebook was required by law to hand over data.

    Before we get to the actual numbers, Facebook’s General Counsel, Colin Stretch, reiterates once again that the social network does not provide a back door into its network for the NSA or any other governmental body. Instead, it makes any government requesting jump through as many hoops as possible:

    As we have made clear in recent weeks, we have stringent processes in place to handle all government data requests. We believe this process protects the data of the people who use our service, and requires governments to meet a very high legal bar with each individual request in order to receive any information about any of our users. We scrutinize each request for legal sufficiency under our terms and the strict letter of the law, and require a detailed description of the legal and factual bases for each request. We fight many of these requests, pushing back when we find legal deficiencies and narrowing the scope of overly broad or vague requests. When we are required to comply with a particular request, we frequently share only basic user information, such as name.

    So, let’s check out the numbers, shall we? They cover the first six months of 2013, and cover pretty much every nation that Facebook operates in. As expected, the United States is number one with 11,000 to 12,000 data requests that impact 20,000 to 21,000 user accounts. Additionally, 79 percent of these requests end up with Facebook handing over some user data.

    What may be surprising to some, however, is that India came in second place with 3,245 requests for data impacting 4,144 user accounts. Only 50 percent of those requests ended up with Facebook handing over data though.

    Rounding out the top five is the United Kingdom in third place, Germany in fourth and Italy in fifth. Only other one country, France, sent over 1,000 data requests in the first six months of this year. The rest of the countries in the report, mostly eastern Europe and Southeast Asia, sent less than 100 requests.

    One thing you may have noticed is that only the United States data requests are published in aggregate form without a hard number to accompany it. Unfortunately, that’s the only way Facebook can publish the numbers for U.S. data requests as the government makes Facebook combine federal and local data requests in an aggregate number so that the public can’t see how many federal requests for data are actually being sent.

    You may recall that this aggregate requirement rubbed Google the wrong way in late June when it filed a complaint with the FISA court regarding its inability to publish more accurate data request numbers. In its filing, Google argued that it should be able to publish an aggregate figure of federal requests without having to lump in local law enforcement requests. Publishing aggregate figures of just federal requests wouldn’t have any impact on national security, but Google hasn’t made any progress with its complaint even after Microsoft filed its own complaint as well.

    Regardless, Facebook feels that publishing these numbers, even if they’re disingenuous, play an important role in the public debate concerning the NSA:

    We hope this report will be useful to our users in the ongoing debate about the proper standards for government requests for user information in official investigations. And while we view this compilation as an important first report – it will not be our last. In coming reports, we hope to be able to provide even more information about the requests we receive from law enforcement authorities.

    As we have said many times, we believe that while governments have an important responsibility to keep people safe, it is possible to do so while also being transparent. Government transparency and public safety are not mutually exclusive ideals. Each can exist simultaneously in free and open societies, and they help make us stronger. We strongly encourage all governments to provide greater transparency about their efforts aimed at keeping the public safe, and we will continue to be aggressive advocates for greater disclosure.

    That last paragraph is the most important point Stretch makes, and it’s something that we can only hope the U.S. government takes to heart in the coming months. Obama’s proposed NSA reforms promised transparency, but almost everything out of his administration thus far looks to sustain the status quo under a facade of transparency.

    [Image: Wikimedia Commons]

  • Google, Microsoft Find More Allies In Fight To Release Surveillance Data

    Google, Microsoft and other major tech companies work with the NSA whenever the agency wants details on a target. That much is known. What’s not known is the scope of these requests for data as any information related to them is placed under a gag order.

    While the government says that we can’t know the scope of these data requests, Google and Microsoft have started to fight back. Late last month, both companies filed arguments before the secret FISA court saying that they have a First Amendment right to publish the information. Now they have numerous new allies arguing in their favor.

    In an amicus brief filed on Monday, a coalition of civil liberties groups argue that Google and Microsoft do indeed have a First Amendment right to release information related to the number of data requests they receive from the NSA. The coalition, which includes the First Amendment Coalition, the ACLU, the Center for Democracy & Technology, the EFF and TechFreedom, says that these companies can release surveillance data without impacting national security:

    Google asserts that “no applicable law or regulation” bars it from making the disclosures it seeks to make. Amici also are not aware of any such bar but recognize that they have more limited information as to the procedures and rules applicable to the applications of the government and the rules of this Court and so do not address that issue as such. Instead, we aim(1) to highlight the fundamental First Amendment interests implicated by any rule, whatever its origin, that prohibits the disclosures that Google and Microsoft seek to make here; and (2) to emphasize the very heavy burden that the proponent of any such rule would have to sustain in light of the First Amendment’s requirements.Any rule precluding disclosure as to what a party itself is asked to do bears an extremely high burden of justification under broad principles protecting free expression even where the non-disclosure might be sought in service of national security. And those principles have, in fact, been applied in the closely related “National Security Letter” context to determine that even an explicit statutory prohibition on far more specific disclosures than those at issue here was un-constitutional. We write to put both these general principles and their specific application in this context before this Court. Amici believe that these First Amendment principles, when applied to the limited proposed disclosures—disclosures central to an ongoing national debate—argue strongly for the grant of the declaratory relief being sought.

    In making this argument, we are not insensitive to concerns for national security. But even those important concerns do not easily, let alone routinely, trump the First Amendment. See, e.g., United States v. Morison, 844 F.2d 1057, 1081 (4th Cir. 1988) (Wilkinson, J., concur-ring) (“The First Amendment interest in informed popular debate does not simply vanish at the invocation of the words ‘national security’”). As Judge Gurfein recognized many years ago in his ruling in the Pentagon Papers case, “[t]he security of the Nation is not at the ramparts alone[but] also lies in the value of our free institutions.” United States v. New York Times Co., 328 F.Supp. 324, 331 (S.D.N.Y. 1971).

    The “free institution” at risk here is nothing less than the guarantee of free expression contained in the First Amendment. The expression at issue on the present motions—speech by Google and Microsoft about their own conduct in responding to any government requests—is central to a significant political debate at the heart of self-government. It implicates the most fundamental First Amendment values and should yield only to a government interest of the highest order subjected to the most searching judicial inquiry. The government’s burden is a heavy one, as both broad principles of First Amendment law and narrower decisions issued in strikingly similar national security contexts make clear.

    In short, these civil liberty groups are pointing to previous cases in which the courts said that concerns over national security didn’t trump First Amendment rights to publish information that could have been viewed as detrimental to said national security. They also point out how ridiculous it is that the government won’t let these companies publish what amounts to a rough estimate of data requests instead of the hard numbers. The courts have already ruled in favor of publishing far more detailed reports regarding government activities (i.e. Pentagon Papers), so it shouldn’t be a problem to publish numbers that don’t really tell us anything.

    The most ridiculous part about all of this is that this shouldn’t even be a First Amendment issue, but rather a common sense issue. Google and Microsoft are only wanting to protect their reputation from accusations that they work hand-in-hand with the NSA to hand over data on all Americans. These companies can say they don’t until their PR folks are blue in the face, but it doesn’t change the fact that we have leaked, but ambiguous, documents that say they do. By publishing more accurate numbers, these companies can restore some of the trust it lost upon publication of the leaked documents.

    It’s not like the government doesn’t have anything to lose in this either though. By allowing these companies to publish aggregate data, the NSA can fight back against the public opinion that says it’s an agency lacking in oversight. You would think the government would want to reassure its people that its spy agencies aren’t running wild, but every action taken so far by the Obama administration have suggested the opposite.

    [h/t: The Hill]

  • AOL Is The Latest To Publish Data Request Numbers

    Earlier this week, Facebook, Yahoo and others came forward some ballpark figures on the amount of data requests it receives from the government. Now one more of the tech companies listed in the leaked PRISM documents has come forward with its own numbers.

    AOL, via its blog, published the following information regarding the amount of data requests it receives from the government:

    Over the six-month period from December 1, 2012, through May 31, 2013, AOL fielded in the range of 2000 to 3000 demands for user information from U.S. law enforcement at all levels, affecting in the range of 5000 to 6000 accounts. These demands for user information related to both criminal and national security matters and only impacted a tiny fraction of our users.

    As we have previously stated, AOL does not provide any government agency with access to our servers. Also, AOL has not received the types of untargeted requests for business records that others reportedly have received.

    AOL has only responded to lawful process relating to specific accounts. AOL scrutinizes each government inquiry to ensure strict compliance with legal obligations and rigorous protection of our users’ privacy. We guard against overreaching by law enforcement and against overproduction of information. We produce the narrowest amount of data that allows us to comply with our legal obligations.

    Like the companies before it, AOL is only allowed to publish a very broad number without getting into specifics. Even worse, federal government requests for data are lumped together with state and local law enforcements’ data requests. It’s not exactly transparent, but these companies are obviously going to take whatever they can get to restore at least a little bit of the trust that was lost in the wake of the NSA spy program revelations.

    In comparison, Google is taking the higher road by directly challenging the secret FISA courts that make it impossible for these companies to publish exact numbers. In a filing from yesterday, the search giant argued that it has a first amendment right to publish the information. It also said that it would not publish these broad data request numbers because “lumping national security requests together with criminal requests … would be a backward step for our users.”

    Unfortunately, Google will probably not win the right to publish exact data request numbers. It’s the inherent flaw in a system that keeps everything secret – including the court orders and opinions. The American people will not be able to know why such data requests numbers must be kept secret. Instead, our elected representatives will just continue to say it must be kept secret for a secret reason.

  • Yahoo Joins Others, Reports Data Request Numbers

    Like Facebook, Apple, Microsoft, and more, Yahoo is the latest tech company to release a transparency report in light of the recent allegations that they were involved in the NSA’s secret surveillance & data-mining initiative, PRISM.

    Yahoo reports between 12,000 and 13,000 individual requests in the past 6 months – those figures include national security requests as well as requests from law enforcement for Yahoo to aid in kidnappings, homicides, and other types of investigations.

    Here’s the short statement of “commitment to users’ privacy” that Marissa Mayer and General Counsel Ron Bell just issued:

    We’ve worked hard over the years to earn our users’ trust and we fight hard to preserve it.

    To that end, we are disclosing the total number of requests for user data that law enforcement agencies in the U.S. made to us between December 1, 2012 and May 31, 2013. During that time period, we received between 12,000 and 13,000 requests, inclusive of criminal, Foreign Intelligence Surveillance Act (FISA), and other requests. The most common of these requests concerned fraud, homicides, kidnappings, and other criminal investigations.

    Like all companies, Yahoo! cannot lawfully break out FISA request numbers at this time because those numbers are classified; however, we strongly urge the federal government to reconsider its stance on this issue.

    Democracy demands accountability. Recognizing the important role that Yahoo! can play in ensuring accountability, we will issue later this summer our first global law enforcement transparency report, which will cover the first half of the year. We will refresh this report with current statistics twice a year.

    As always, we will continually evaluate whether further actions can be taken to protect the privacy of our users and our ability to defend it. We appreciate – and do not take for granted—the trust you place in us.

    Like Facebook and Apple, Yahoo is simply letting us know the total number of governmental requests for user data it received – not the specific amount of national security-related requests. Those FISA requests are still classified. Of course, Yahoo joins Facebook and other is demanding that the federal government allows tech companies to reports specific figures on national security requests.

    Last week we learned that back in 2008, Yahoo fought the good fight but failed against PRISM. Redacted FISA documents reveal that Yahoo challenged the surveillance program, calling it a violation of users Fourth Amendment rights.

  • Apple Also Reveals How Often the Government Asks for User Data

    Apple has joined Facebook and Microsoft in revealing non-specific figures on governmental requests for user data following the PRISM leaks that have forced many tech companies to defend themselves against claims of playing fast and loose with user data.

    Apple’s statement, called a “Commitment to Customer Privacy,” once again denies any knowledgable participation in the NSA’s secret surveillance program and also shoots us the raw numbers for government requests:

    In the six-month period beginning December 1st, 2012 and ending on May 31st, 2013 Apple says that they received between 4,000 and 5,000 requests from U.S. law enforcement to access user data. This affected somewhere between 9,000 and 10,000 individual accounts. This includes both national security-related requests, as well as other types of law enforcement queries.

    For instance…

    “The most common form of request comes from police investigating robberies and other crimes, searching for missing children, trying to locate a patient with Alzheimer’s disease, or hoping to prevent a suicide,” says Apple.

    Inside the statement, Apple also revealed that they simply cannot decrypt data sent via iMessage or FaceTime:

    Apple has always placed a priority on protecting our customers’ personal data, and we don’t collect or maintain a mountain of personal details about our customers in the first place. There are certain categories of information which we do not provide to law enforcement or any other group because we choose not to retain it.

    For example, conversations which take place over iMessage and FaceTime are protected by end-to-end encryption so no one but the sender and receiver can see or read them. Apple cannot decrypt that data. Similarly, we do not store data related to customers’ location, Map searches or Siri requests in any identifiable form.

    We already knew that federal agencies were having a problem with Apple’s messaging products. Back in April a leaked document from the bowels of the DEA revealed just how hard of a time they were having in decrypting Apple’s iMessage data.

    Facebook also demanded the U.S. government to allow them more freedom in disclosing national security-related data requests, and they also got their wish. Facebook reported between 9,000 and 10,000 specific requests in the past 6 months. Microsoft also revealed their numbers – between 6,000 and 7,000 requests in the same period.

  • Facebook Get Its Transparency Wish, Reports on National Security-Related Data Requests

    On the heels of the leaked documents detailing the National Security Agency’s secret internet surveillance initiative, PRISM, companies like Facebook, Google, Microsoft, and Apple were quick to deny any voluntary involvement in providing troves of user data to the U.S. government.

    Facebook and Google, most notably, went on the offensive – demanding the U.S. government that they be allowed more freedom to disclose the frequency and nature of the thousands of national security-related data requests that they receive every year.

    Less than a week ago, Facebook General Counsel Ted Ullyot had this to say in a statement:

    “We would welcome the opportunity to provide a transparency report that allows us to share with those who use Facebook around the world a complete picture of the government requests we receive, and how we respond. We urge the United States government to help make that possible by allowing companies to include information about the size and scope of national security requests we receive, and look forward to publishing a report that includes that information.”

    And now it appears that Facebook is getting their wish – sort of.

    Facebook has announced that, as a result of their discussions with federal agencies, they can now include aggregate numbers of national security-related requests in a transparency report (this includes National Security Letters and FISA). Aggregate – not specific. It’s the same deal that Google got when they began to publish info on National Security Letters back in March.

    So, here it is. Facebook’s first NSL/FISA request transparency report:

    For the six months ending December 31, 2012, the total number of user-data requests Facebook received from any and all government entities in the U.S. (including local, state, and federal, and including criminal and national security-related requests) – was between 9,000 and 10,000. These requests run the gamut – from things like a local sheriff trying to find a missing child, to a federal marshal tracking a fugitive, to a police department investigating an assault, to a national security official investigating a terrorist threat. The total number of Facebook user accounts for which data was requested pursuant to the entirety of those 9-10 thousand requests was between 18,000 and 19,000 accounts.

    That means that less than 0.002% of all monthly active Facebook users have had their accounts targeted by the government. As Facebook is happy to point out, this is a very, very small fraction.

    “We hope this helps put into perspective the numbers involved, and lays to rest some of the hyperbolic and false assertions in some recent press accounts about the frequency and scope of the data requests that we receive,” says Facebook General Counsel Ted Ullyot.

    Facebook didn’t say whether or not this transparency report will be a regular thing – possibly every 6 months (that’s the period of time they just revealed). But you can expect Facebook to at least continue to report the unspecific numbers on national security-related requests – which it’s hard to argue is anything other than a plus.

  • Facebook, Like Google, Urges Transparency for National Security Data Requests

    Like Google, Facebook was quick to deny any involvement in the so-called “PRISM” program, which leaks indicated involved high-profile tech companies providing the National Security Agency a “backdoor” to all of their user data. And like Google, Facebook is now calling for more freedom to publish national security data requests they receive from the U.S. government.

    In a statement from Facebook General Counsel Ted Ullyot, the company urges the United States government to “allow companies to include information about the size and scope of national security requests.”

    Facebook says if such allowances were granted, they’d be happy to publish a transparency report.

    Here’s Ullyot’s full statement:

    As Mark said last week, we strongly encourage all governments to be much more transparent about all programs aimed at keeping the public safe. In the past, we have questioned the value of releasing a transparency report that, because of exactly these types of government restrictions on disclosure, is necessarily incomplete and therefore potentially misleading to users. We would welcome the opportunity to provide a transparency report that allows us to share with those who use Facebook around the world a complete picture of the government requests we receive, and how we respond. We urge the United States government to help make that possible by allowing companies to include information about the size and scope of national security requests we receive, and look forward to publishing a report that includes that information.

    As for what Mark said last week – the Facebook CEO was quick to deny any involvement in PRISM and called for all governments to be more transparent:

    I want to respond personally to the outrageous press reports about PRISM:

    Facebook is not and has never been part of any program to give the US or any other government direct access to our servers. We have never received a blanket request or court order from any government agency asking for information or metadata in bulk, like the one Verizon reportedly received. And if we did, we would fight it aggressively. We hadn’t even heard of PRISM before yesterday.

    When governments ask Facebook for data, we review each request carefully to make sure they always follow the correct processes and all applicable laws, and then only provide the information if is required by law. We will continue fighting aggressively to keep your information safe and secure.

    We strongly encourage all governments to be much more transparent about all programs aimed at keeping the public safe. It’s the only way to protect everyone’s civil liberties and create the safe and free society we all want over the long term.

    Yesterday, Google made public a letter they sent to Attorney General Eric Holder asking the U.S. government to let Google publish the aggregate numbers of national security requests (including FISA disclosures) in their Transparency Report.

    What we have here is both companies going on the offensive. It’s not enough to simply defend against allegations of playing fast and loose with user data – both Google and Facebook are demanding that the U.S. government let them tell users more about data requests.

  • Google Reports Rise in Government Removal Requests

    Google has released the data from July to December of last year inside their Transparency Report, and they’ve been busier than ever. Google says that they have received more governmental requests for content removal than ever before.

    “From July to December 2012, we received 2,285 government requests to remove 24,179 pieces of content—an increase from the 1,811 requests to remove 18,070 pieces of content that we received during the first half of 2012,” says Google Legal Director Susan Infantino.

    In the United States specifically, Google saw the highest level of content removal requests ever with 262 court orders and 59 from the government/police. Most of these requests had to do with defamation, mirroring global trends.

    User data requests in the U.S. were also on the rise in the time of July to December of last year, with a total of 8,438 individual requests covering 14,791 users. This is up nearly 500 from the last reporting period. Google says that they complied with 88% of these requests, which is actually lower than it has been in the past.

    Here’s Google’s breakdown of the last reporting period:

    • We received inquiries from 20 countries regarding YouTube videos that contain clips of the movie, “Innocence of Muslims”: Australia, Bangladesh, Brazil, Brunei, Djibouti, Egypt, India, Indonesia, Iran, Jordan, Lebanon, Maldives, Malaysia, Pakistan, Russia, Saudi Arabia, Singapore, Turkey, United Arab Emirates, and the United States. Australia, Egypt, and the United States requested that we review the videos to determine if they violated our Community Guidelines, which they did not. The other 17 countries requested that we remove the videos. We restricted videos from view in Indonesia, India, Jordan, Malaysia, Russia, Saudi Arabia, Singapore and Turkey. Due to difficult circumstances, we temporarily restricted videos from view in Egypt and Libya.
    • We received a request from a local government agency to remove a YouTube video that allegedly defamed a school administrator. We did not remove the video.
    • We received three separate requests from local law enforcement agencies to remove three YouTube videos that allegedly defamed police officers, public prosecutors or contained information about police investigations. We did not remove the videos.
    • In response to three court orders, we removed 771 items from Google Groups relating to a case of continuous defamation against a man and his family.
    • We received three different court orders from different individuals that were addressed to third parties, along with a request to remove 690 items from Google Groups, that allegedly contained defamatory statements. We asked for clarification but never received a reply.
    • We received three court orders from different individuals that were addressed to third parties, along with requests to remove 452 search results that linked to websites that allegedly contain defamatory content. We removed 70 search results that we determined to fall within the scope of the orders.
    • In response to a court order, we removed 119 search results that linked to websites allegedly hosting trademark infringing material.

    In March, Google began including National Security Letter requests in the Transparency Report. Today, Google says that they will start breaking down YouTube removal requests to specify whether Google removed the video due to violation of YouTube guidelines or violation of local laws.

    You can view the full Transparency Report here.

  • Google Now Includes National Security Requests in Its Transparency Report, But It’s Really Unspecific

    Google has added another metric to its Transparency Report so users can identify one more manner in which the government is requesting their information.

    Starting today, Google is now including data about National Security Letters on its U.S. Transparency Report.

    National Security Letters (NSL) are a form of a demand letter that are used by the U.S. Government (mostly the FBI) to extract information from an organization in the name of national security. The kind of info requested in NSLs includes stuff like transactions, phone numbers, and email addresses.

    In the period following 9/11, the FBI’s use of National Security Letters dramatically increased with the implementation of the Patriot Act.

    The thing about NSLs is that they also come complete with a gag order (most of the time), so the companies who received the letter can’t discuss it with the users whose information has been requested. For the Transparency Report, Google has worked with the FBI to loosen this secrecy – ever so slightly.

    The first thing that you’ll notice when looking at the new NSL stats is that they are unspecific – to a ridiculous degree. For instance, Google is only reporting the number of NSLs received in batches of 1,000. That means that every year on record (2009-present) has logged between 0 and 999 NSLs.

    “You’ll notice that we’re reporting numerical ranges rather than exact numbers. This is to address concerns raised by the FBI, Justice Department and other agencies that releasing exact numbers might reveal information about investigations. We plan to update these figures annually,” says Google.

    I guess something is better than nothing. Still, it’s a good step forward for the Google Transparency Report.

  • SLAYER, BASSHOLE, LOLWTF, and Other Banned Vanity Plates

    Well this is just hilarious.

    Government Attic has been hard at work open-records-requesting states across our great country to divulge their lists of banned license plates.

    And it’s just as much fun as you would imagine.

    Many states have caught on to you kids and your internetting. In Arizona, you can’t get a vanity plate that reads “LOLWTF.” Also prohibited – ROFLMAO.

    If you look deeper into the data request for Arizona, let’s say, you find their general rules and regulation regarding what’s prohibited. Terms that connote breast, genitalia, buttocks, sexual functions, and eliminatory functions are banned – to nobody’s surprise. But banning a term for “superiority” is kind of strange. I guess that’s why you can’t register the plate “ALEXFU,” even if Alex deserved it.

    You also can’t call yourself a “BADBICH” or a “BAMF.” You can’t even call yourself the “BESTLAY.”

    Some of the banned plate tags are perplexing, others are just damn funny.

    We’re looking at you, “BLZDEEP.”

    You can check out each state here or download a huge PDF with all the banned plates for about 20 states here.

    [via BoingBoing]
    [Photo via Miss Shari, Flickr]

  • Government Requests for User Data Increase in the U.S., Around the World According to Google

    Every six months Google unveils a new Transparency Report, which contains the figures on government requests for user data. It also gives us a look into just how often Google is giving up the goods.

    Google has just released the new data.

    Since Google began the Transparency Report in 2009, government requests for user data have increased, without fail, for every single reporting period. Today, we officially learn that the period ending December 31st, 2012 is no different.

    Google reports 21,389 individual user data requests worldwide from July through December of last year. That’s up from 20,938 during the period of January through June of last year. As it stands, the last period’s requests are up 70% from when Google first began their Transparency Report.

    Worldwide, Google is producing at least some data per request in 66% of these cases. That’s down from 67% six months ago and down from 76% in December of 2010.

    When we look at the United States specifically, we see a similar trend. User data requests have increased for the sixth straight time, hitting 8,438 in the period ending December 31st, 2012. In the period ending June 2012, 7,969 requests were logged. Those 8,438 specific data requests covered 14,791 different user accounts.

    When Google made their first Transparency Report, 3,580 user data requests were reported.

    One number that is falling is the percentage of requests in which Google complies either fully or partially – but barely. Google report compliance in 88% of government data requests in the U.S., down from 90% during the last reporting session.

    With this Transparency Report, Google has implemented a mew metric. Now, you can break down the data requests based on the type of legal process that the government initiated – ECPA subpoenas, ECPA search warrants, and other.

    This time, 68% of user data requests came in the form of ECPA (Electronic Communications Privacy Act) subpoenas. Google says that these are easier to get because they don’t involve judges, and therefore are the most common. 22% of requests came in the form of ECPA search warrants, which are usually court-ordered. 10% fall into that “other” category,which Google describes as “mostly court orders issued under ECPA by judges or other processes that are difficult to categorize.”

    You may notice that this latest Transparency Report doesn’t include new data on content removals, although all previous reports have. “One last thing: You may have noticed that the latest Transparency Report doesn’t include new data on content removals. That’s because we’ve decided to release those numbers separately going forward. Stay tuned for that data,” says Google.