WebProNews

Tag: Transparency Report

  • Microsoft Releases Results of Independent Transparency Report

    Microsoft Releases Results of Independent Transparency Report

    Microsoft has released the results of an independent transparency report on the company’s handling of harassment and discrimination policies.

    Following a successful shareholder resolution, Microsoft’s board ordered an independent review of its harassment and discrimination policies, including how it handled allegations against Bill Gates. The firm that handled the review, ArentFox Schiff LLP, has completed its work, and Microsoft has released the results.

    The report shows that Microsoft does a good job overall in terms of its policies and procedures:

    Microsoft has robust policies, trainings, and complaint and investigation procedures addressing the issues of gender discrimination and sexual harassment, and has made meaningful efforts to make improvements in these areas during the period covered by this Project. Our review revealed that the Company strives to follow best practices in these areas, and espouses a dedication to continual improvement.

    Nonetheless, the firm did find areas where the company could improve, especially in handling cases sooner. The firm references the company’s so-called “golden boys,” a group of executives that seemingly were given a free pass on inappropriate behavior because they are viewed as some of the company’s most valuable executives.

    First, that there is and has been a perception among some employees that the Company tolerates and to some degree protects high performing senior executives who may be engaging in inappropriate conduct. Second, due to the volume of complaints against these Corporate Vice Presidents, there was at least a perception and a degree of evidence that they were engaging in inappropriate conduct toward female employees that could have been addressed earlier than it was. Third, although multiple people from HR, GER, ERIT, and WIT had knowledge of various allegations against these executives, it did not seem that any one of them had all of the knowledge of all of the allegations, which may have been useful in addressing the situation earlier. We have made some recommendations to address these observations below.

    Interestingly, the report did not shed any new light on the allegations against Gates, nor did it add anything to Microsoft’s own internal investigation. This would seem to support the findings and results of Microsoft’s original investigation.

    For its part, Microsoft has promised to implement the suggestions in the report in an effort to shore up the areas where it has fallen short:

    ArentFox has completed its work and has provided the Board with a report detailing its findings and recommendations. In addition, the Microsoft management team has prepared an implementation plan that addresses all the recommendations in the ArentFox report. In many cases, the recommendations build on and extend work already in progress. The Board has thoroughly reviewed the ArentFox report, and it has approved the specific actions in the implementation plan.

    “Cultivating a culture where everyone is empowered to do meaningful work and can thrive is our greatest responsibility at Microsoft,” said Satya Nadella, Chairman and CEO, Microsoft. “The Board of Directors has taken this investigation seriously and the resulting comprehensive report outlines important areas where we can continue to improve, as well as progress we’ve made. The Board of Directors and our senior leaders are fully committed to this implementation plan as we continually work to close the gap between our espoused culture and the lived experience of our employees.”

  • Yes, Your Google Hangouts Can Be Wiretapped

    Google encrypts your Hangouts conversations, but it doesn’t use end-to-end encryption. This means that Google can wiretap your Hangouts at the government’s request.

    That’s one big revelation from a recent reddit AMA with Richard Salgado, Google’s director for law enforcement and information security, and David Lieber, Google’s senior privacy policy counsel.

    The American Civil Liberties Union’s chief technologist Christopher Soghoian asked the Google reps why they’ve made a habit of dodging questions about Hangouts’ encryption, saying,

    “Hi. Google has repeatedly refused to acknowledge whether or not it is capable of wiretapping Hangouts for government agencies. In contrast, Apple’s FaceTime product uses end-to-end encryption and the company says it is not able to wiretap this service. Why has Google refused to be transparent about its ability to provide wiretaps for Hangouts? Given Google’s rather impressive track record regarding surveillance transparency, the total secrecy regarding the company’s surveillance capabilities for this product is quite unusual.”

    Google’s response (bolding ours)?

    “There are legal authorities that allow the government to wiretap communications. Google was the first company to disclose the number of wiretap orders it receives issued in criminal investigations. (There were a total of 7 wiretap orders in the first half of 2014, covering 9 accounts, for example). We also report requests made under national security authorities to the extent we are allowed by law. We want to be able to be much more granular about the number and nature of these demands, and think that’s important for people who use Google, policymakers and the public. Hangouts are encrypted in transit, and we’re continuing to extend and strengthen encryption across more services.”

    As reddit user reddit_poly put it, “this means that Hangouts are only encrypted on their way between your computer and Google’s servers. Once they arrive at Google’s end, Google has full access. In short, this is confirmation Google can wiretap Hangouts.”

    Google confirmed all of this to Vice:

    We asked Google to clarify, or elaborate, on Monday, and a spokesperson confirmed that Hangouts doesn’t use end-to-end encryption. That makes it technically possible for Google to wiretap conversations at the request of law enforcement agents, even when you turn on the “off the record” feature, which actually only prevents the chat conversations from appearing in your history—it doesn’t provide extra encryption or security.

    According to Google’s latest Transparency Report, the company received 25 wiretap requests from January 2013 to June 2014. Whether or not those had to do specifically with hangouts was not disclosed.

  • Twitter: Government Info Requests on the Rise, Up 40% Worldwide

    Twitter’s latest transparency report is out, and the numbers of governmental requests – both for user info and for content removal – are way up.

    According to Twitter, the company has seen a 40% increase in government requests for user info in the past six months, worldwide. The biggest increase comes in Russia, where Twitter say over 100 separate requests for user info after never having any. Requests from the Turkish government also surged – up 150%. In the US, requests spiked 29%.

    In terms of how often Twitter complied with said requests, it really depends on where they came from. Twitter didn’t comply once with a Russian or Turkish request, but complied 80% of the time when the request came from the US government – the highest compliance rate across the world, by far.

    Content removal request also rose, but in terms of compliance Twitter did not remove any of the content requested in the US – but did in countries like Russia, Turkey, and Brazil.

    “Providing this level of transparency is not without its complications and sometimes means we get tough questions and criticism about our decisions. However, this candid feedback helps us to be evermore thoughtful about our policies and decisions regarding content and compliance as we navigate complex, diverse legal regimes around the world. As more companies consider publishing or expanding their own reports, we strongly encourage them to join us and our peers at Google, Vimeo, WordPress and Wikimedia in publishing government removal demands. The global community deserves this level of transparency from its governments and its service providers,” says Twitter Senior Manager of Global Legal Policy Jeremy Kessel.

    You can check out the full report here.

    Image via Twitter, Transparency Report

  • Is The Right To Be Forgotten Dangerous?

    Google has released its latest Transparency Report, which as of earlier this year, now looks at URL removal requests from the highly-publicized Right to be Forgotten ruling in Europe. The inventor of the World Wide Web recently spoke out against the ruling, calling it dangerous. Meanwhile, the requests continue to roll in, and other parts of the world may start being affected.

    Do you agree that the Right to be Forgotten is a dangerous thing, or do you think it’s the right way for the Internet to work? Share your thoughts in the comments.

    Back in October, when Google first revealed its Right to be Forgotten removal request data in the Transparency report, it said it had evaluated 497,695 URLs for removal and received a total of 144,954 requests.

    The latest data has the numbers at 684,419 URLs evaluated and a total of 189,238 requests.

    On the Transparency Report site, Google also gives examples of requests it encounters. One involves a woman that requested Google remove a decades-old article about her husband’s murder, which included her name. The page has been removed for search results for her name.

    In another example, a financial professional in Switzerland asked Google to remove over 10 links to pages reporting on his arrest and conviction for financial crimes. Google did not remove pages from search results in those cases.

    A rape victim in Germany asked Google to remove a link to a newspaper article about the crime, which Google did in search results for the person’s name.

    According to the company, the sites that are most impacted by the URL removals are Facebook, ProfileEngine, YouTube, Badoo, Google Groups, Yasni.de, Wherevent.com, 192.com, yasni.fr, and yatedo.fr.

    One of the latest to speak out against the situation was none other than Tim Berners-Lee, the guy responsible for the World Wide Web. Via CNET:

    “This right to be forgotten — at the moment, it seems to be dangerous,” Berners-Lee said Wednesday, speaking here at the LeWeb conference. “The right to access history is important.”

    In a wide-ranging discussion at the conference, Berners-Lee said it’s appropriate that false information should be deleted. Information that’s true, though, is important for reasons of free speech and history, he said. A better approach to the challenge would be rules that protect people from inappropriate use of older information. An employer could be prohibited from taking into account a person’s juvenile crimes or minor crimes more than 10 years old, for example.

    The EU recently put forth some guidelines for the Right to be Forgotten, for search engines to work with, though they don’t go very far in terms of quelling the biggest concerns many have with the ruling, such as Berners-Lee’s.

    The Right to be Forgotten appears to be creeping out of Europe, and into other parts of the world. Consider this from earlier this month from Japan Times:

    Yes. In a possible first in Japan, the Tokyo District Court in October issued an injunction ordering Google to remove the titles and snippets to websites revealing the name of a man who claimed his privacy rights were violated due to articles hinting at past criminal activity.

    Tomohiro Kanda, who represented the man, said the judges clearly had the European court’s ruling in mind when they ordered Google to take down the site titles and snippets. Google has since deleted search results deemed by the court as infringing on the man’s privacy, Kanda said.

    But generally speaking, Japanese judges have yet to reach a consensus on how to balance the right to privacy and the freedom of expression and of information.

    Regulators in Europe have also been calling to have URLs removed from Google’s search engines worldwide rather than just from the European versions of Google.

    Are you concerned with the Right to be Forgotten? Let us know in the comments.

  • Google Gives New ‘Right To Be Forgotten’ Stats

    Google shared some new numbers related to the “right to be forgotten,” ruling, which has led to individuals requesting URL removals from search results. For all the background on that, peruse our coverage here.

    The stats appear on Google’s Transparency Report, where Google explains:

    In a May 2014 ruling, Google Spain v AEPD and Mario Costeja González, the Court of Justice of the European Union found that individuals have the right to ask search engines like Google to remove certain results about them. The court decided that search engines must assess each individual’s request for removal and that a search engine can only continue to display certain results where there is a public interest in doing so. For more information about our process and the data we’re providing here, please visit our FAQ.

    The company reveals it has evaluated 497,695 URLs for removal. It has received a total of 144,954 requests.

    Google also gives examples of requests it encounters. One involves a woman that requested Google remove a decades-old article about her husband’s murder, which included her name. The page has been removed for search results for her name.

    In another example, a financial professional in Switzerland asked Google to remove over 10 links to pages reporting on his arrest and conviction for financial crimes. Google did not remove pages from search results in those cases.

    A rape victim in Germany asked Google to remove a link to a newspaper article about the crime, which Google did in search results for the person’s name.

    According to the company, the sites that are most impacted by the URL removals are Facebook, ProfileEngine, YouTube, Badoo, Google Groups, Yasni.de, Wherevent.com, 192.com, yasni.fr, and yatedo.fr.

    Image via Google

  • Google: Government Demands For User Data Up 150% Over Past Five Years

    Google released its updated Transparency Report today. This is the tenth update, and shows the number of government demands the tech giant has received for user data in criminal investigations for the first half of the year.

    It also shows how such demands are growing in frequency.

    “Worldwide, the numbers continue to rise: excluding FISA and NSL demands, we’ve seen a 15% increase since the second half of last year, and a 150% jump since we first began publishing this data in 2009. In the U.S., those increases are 19% and 250%, respectively,” says Richard Salgado, Legal Director, Law Enforcement and Information Security for Google.

    “This increase in government demands comes against a backdrop of ongoing revelations about government surveillance programs,” he adds. “Despite these revelations, we have seen some countries expand their surveillance authorities in an attempt to reach service providers outside their borders. Others are considering similar measures. The efforts of the U.S. Department of Justice and other countries to improve diplomatic cooperation will help reduce the perceived need for these laws, but much more remains to be done.”

    Google also took the opportunity to urge Congress to pass legislation that would prevent the bulk collection of Internet metadata under various legal authorities. It would also let companies like Google be more transparent about volume and scope of the requests they receive. The company also urges them to update the Electronic Communications Privacy Act to make it clear that the government has to get a search warrant before seeking user data from service providers.

    You can see the Transparency Report here.

    Image via Google

  • Twitter Would Like to Be More Transparent, If They Could

    Twitter has just released their fifth-ever transparency report, and it shows that requests for user data, content removal, and copyright takedowns are all on the rise.

    But the main focus of Twitter’s announcement isn’t really the report itself – instead, Twitter takes a lot of care to express their unhappiness with the US government, specifically the Department of Justice and their rules on how and how much information about national security requests can be revealed to users.

    “As we alluded to in our last post, earlier this year we met with officials from the United States Department of Justice (DOJ) and the Federal Bureau of Investigation (FBI) in Washington to push for our ability to provide greater transparency concerning national security requests. Specifically, if the government will not allow us to publish the actual number of requests, we want the freedom to provide that information in much smaller ranges that will be more meaningful to Twitter’s users, and more in line with the relatively small number of non-national security information requests we receive,” says Twitter.

    Twitter references DOJ guidelines that limit how specific service providers can be when discussing national security requests with users. For instance, when reporting on the number of National Security Letters received, companies can only report in “bands of 1,000.” It’s the same for FISA requests. That’s why you’ll see some companies report these numbers as “we’ve received (0 – 999) requests of this nature.”

    Like Google, who began including the incredibly unspecific volume of national security requests in its Transparency Reports back in March of last year.

    Twitter, on the other hand, would rather not include this information at all if they are going to be handcuffed to such an extreme.

    “Unfortunately, we were not able to make any progress at this meeting, and we were not satisfied with the restrictions set forth by the DOJ. So in early April, we sent a draft midyear Transparency Report to DOJ that presented relevant information about national security requests, and asked the Department to return it to us, indicating which information (if any) is classified or otherwise cannot lawfully be published. At this point, over 90 days have passed, and we still have not received a reply.”

    And so, Twitter’s transparency report has no info on national security requests.

    What is does show is that worldwide, there has been a 46 percent increase in governmental user data requests, a 14 percent increase in content removal requests, and a 38 percent increase in copyright takedown requests.

    You can read the whole report here.

    Image via Thinkstock

  • Google To Include ‘Right To Be Forgotten’ Requests In Transparency Report

    The Court of Justice of the European Union recently ruled that Google and other search engines must take requests for search results to be deleted in what has become known as the “right to be forgotten”. Google then made a request tool available, and immediately started averaging about 10,000 requests per day.

    That number may dwindle a bit once the tool has been around for a while, but it’s clear that a lot of people aren’t happy with the search results that are out there about them, and intend to see these results removed from public view. Google and other search engines may ultimately not comply with such requests – they’ll be evaluated on a case-by-case basis – but we’ll at least get a good idea of what the numbers look like from time to time.

    The Guardian is reporting that Google intends to include the “right to be forgotten” requests in its bi-annual transparency reports, which have historically shown takedown request numbers related to government and copyright requests, as well as requests for information about users.

    The company describes its report as “data that sheds light on how laws and policies affect Internet users and the flow of information online.”

    The Guardian also reiterates that Google will likely alert users on search results pages when content has been removed. Josh Halliday reports:

    The search engine is considering placing an alert at the bottom of each page where it has removed links in the wake of the landmark “right to be forgotten” ruling last month.

    It is understood Google is planning to flag censored search results in a similar way to how it alerts users to takedown requests over copyright infringing material. For example, a Google search for “Adele MP3” shows that it has removed a number of results from that page after receiving complaints under the US Digital Millennium Copyright Act.

    Search reporter Danny Sullivan spoke to Google about its plans recently, and also said that Google would show users when content has been removed.

    Ironically, by doing so, Google will show users that the subject of their search has something to hide – something so bad that they’ve gone to great lengths to have that it removed from Google search results. In some cases, this could be just as damaging to the subject’s reputation as if the results were even there in the first place. At least if the results were there, the searcher would know what they were dealing with.

    More on how Google’s new tool works here.

    Image via Google

  • Google Adds Data on Unsafe Websites to Transparency Report

    Google is adding a new section to its online Transparency Report, which currently documents data requests from the government, content removal requests, and just recently, National Security Letter information.

    Starting now, Google will show information on malware and phishing attacks around the web. Google says that this info comes from their Safe Browsing program, which has been finding and flagging unsafe websites since 2006.

    Google’s new page in the Transparency Report on Safe Browsing displays a bunch of new graphs related to the volume of alerts, malware sites, phishing sites, and more. Specifically, users can now see how many users see browser warnings in a given week, how many unsafe websites (in the form of both malware and phishing) are detected by Google each week, how many sites hosting malware Google detects each week, and webmaster response time averages once they are informed of problems with their sites.

    “[I]n 2006 we started a Safe Browsing program to find and flag suspect websites. This means that when you are surfing the web, we can now warn you when a site is unsafe. We’re currently flagging up to 10,000 sites a day—and because we share this technology with other browsers there are about 1 billion users we can help keep safe,” says Google software engineer Lucas Ballard. “Sharing this information also aligns well with our Transparency Report, which already gives information about government requests for user data, government requests to remove content, and current disruptions to our services.”

  • Facebook Get Its Transparency Wish, Reports on National Security-Related Data Requests

    On the heels of the leaked documents detailing the National Security Agency’s secret internet surveillance initiative, PRISM, companies like Facebook, Google, Microsoft, and Apple were quick to deny any voluntary involvement in providing troves of user data to the U.S. government.

    Facebook and Google, most notably, went on the offensive – demanding the U.S. government that they be allowed more freedom to disclose the frequency and nature of the thousands of national security-related data requests that they receive every year.

    Less than a week ago, Facebook General Counsel Ted Ullyot had this to say in a statement:

    “We would welcome the opportunity to provide a transparency report that allows us to share with those who use Facebook around the world a complete picture of the government requests we receive, and how we respond. We urge the United States government to help make that possible by allowing companies to include information about the size and scope of national security requests we receive, and look forward to publishing a report that includes that information.”

    And now it appears that Facebook is getting their wish – sort of.

    Facebook has announced that, as a result of their discussions with federal agencies, they can now include aggregate numbers of national security-related requests in a transparency report (this includes National Security Letters and FISA). Aggregate – not specific. It’s the same deal that Google got when they began to publish info on National Security Letters back in March.

    So, here it is. Facebook’s first NSL/FISA request transparency report:

    For the six months ending December 31, 2012, the total number of user-data requests Facebook received from any and all government entities in the U.S. (including local, state, and federal, and including criminal and national security-related requests) – was between 9,000 and 10,000. These requests run the gamut – from things like a local sheriff trying to find a missing child, to a federal marshal tracking a fugitive, to a police department investigating an assault, to a national security official investigating a terrorist threat. The total number of Facebook user accounts for which data was requested pursuant to the entirety of those 9-10 thousand requests was between 18,000 and 19,000 accounts.

    That means that less than 0.002% of all monthly active Facebook users have had their accounts targeted by the government. As Facebook is happy to point out, this is a very, very small fraction.

    “We hope this helps put into perspective the numbers involved, and lays to rest some of the hyperbolic and false assertions in some recent press accounts about the frequency and scope of the data requests that we receive,” says Facebook General Counsel Ted Ullyot.

    Facebook didn’t say whether or not this transparency report will be a regular thing – possibly every 6 months (that’s the period of time they just revealed). But you can expect Facebook to at least continue to report the unspecific numbers on national security-related requests – which it’s hard to argue is anything other than a plus.

  • Google Asks the U.S. Government to Let Them Be More Transparent About National Security-Fueled Data Requests

    Google has sent a letter to Attorney General Eric Holder and FBI Director Mueller – one that they’ve just made public on their public policy blog. The letter asks the U.S. government to let Google publish the aggregate numbers of national security requests (including FISA disclosures) in the company’s Transparency Report – that’s the purpose of the letter. The purpose of making it public, on the other hand, is to further distance themselves from the controversy surrounding PRISM and the large-scale NSA surveillance initiative that was first unearthed earlier this week.

    Google, along with other high-profile tech companies like Apple, Facebook, and Microsoft, were associated with the recently-leaked PRISM documents, which appears to show some worrisome handholding between the companies and the U.S. government. Data-mining, surveillance – it’s all there. And the leaks indicate that Google et. all provided a backdoor into their data for the National Security Agency to walk right through.

    Google was quick to deny any involvement.

    “First, we have not joined any program that would give the U.S. government – or any other government – direct access to our servers. Indeed, the U.S. government does not have direct access or a ‘back door’ to the information stored in our data centers. We had not heard of a program called PRISM until yesterday,” said Google CEO Larry Page in a statement.

    Nice statement, and it mirrors one made by Facebook CEO Mark Zuckerberg. Basically, “we are learning about this at the same time you are.” Page’s blog post addressing the so-called PRISM program was notably titled “What the…?” But to its veracity? Well, only time will tell on that front.

    Anyway, Google is now going on the offensive in the fight to rid their name from the PRISM connection.

    “Assertions in the press that our compliance with these requests gives the U.S. government unfettered access to our users’ data are simply untrue. However, government nondisclosure obligations regarding the number of FISA national security requests that Google receives, as well as the number of accounts covered by those requests, fuel that speculation,” says Google’s Chief Legal Officer David Drummond in the new letter.

    To this end, Google wants to be able to give just a little bit more information in their Transparency Report – just a number pertaining to how FISA-backed requests they receive. Not the content or any specifics, just the aggregate totals.

    Here’s the letter to Holder and Mueller, in its entirety:

    Dear Attorney General Holder and Director Mueller

    Google has worked tremendously hard over the past fifteen years to earn our users’ trust. For example, we offer encryption across our services; we have hired some of the best security engineers in the world; and we have consistently pushed back on overly broad government requests for our users’ data.

    We have always made clear that we comply with valid legal requests. And last week, the Director of National Intelligence acknowledged that service providers have received Foreign Intelligence Surveillance Act (FISA) requests.

    Assertions in the press that our compliance with these requests gives the U.S. government unfettered access to our users’ data are simply untrue. However, government nondisclosure obligations regarding the number of FISA national security requests that Google receives, as well as the number of accounts covered by those requests, fuel that speculation.

    We therefore ask you to help make it possible for Google to publish in our Transparency Report aggregate numbers of national security requests, including FISA disclosures—in terms of both the number we receive and their scope. Google’s numbers would clearly show that our compliance with these requests falls far short of the claims being made. Google has nothing to hide.

    Google appreciates that you authorized the recent disclosure of general numbers for national security letters. There have been no adverse consequences arising from their publication, and in fact more companies are receiving your approval to do so as a result of Google’s initiative. Transparency here will likewise serve the public interest without harming national security.

    We will be making this letter public and await your response.

    David Drummond
    Chief Legal Officer

    This is Google going on the offensive. And it’s a big deal. It would force (at least in theory) the U.S. government to give up a bit of the secrecy associated with its data requests. Up until now, of course, that secrecy has been nearly absolute.

  • Twitter Launches New Transparency Report Home, Releases Second Report

    Twitter announced today that it is launching a new Transparency Report home page at transparency.twitter.com. The announcement comes on Data Privacy Day, and the week following the latest release of Google’s Transparency Report.

    Twitter first released a Transparency Report of its own last July, publishing six months of data. We should be seeing these regularly from here on out, but you can go to the new destination anytime.

    Twitter Launches Transparency Report site

    “In addition to publishing the second report, we’re also introducing more granular details regarding information requests from the United States, expanding the scope of the removal requests and copyright notices sections, and adding Twitter site accessibility data from our partners at Herdict,” says Twitter Legal Policy Manager Jeremy Kessel.

    “We believe the open exchange of information can have a positive global impact,” he adds. “To that end, it is vital for us (and other Internet services) to be transparent about government requests for user information and government requests to withhold content from the Internet; these growing inquiries can have a serious chilling effect on free expression – and real privacy implications.”

    Google, in addition to putting out its latest data last week, also addressed data privacy today, highlighting three initiatives that it is focusing on. More on all of that here. Meanwhile, the company is facing new legal action in the UK related to its privacy conduct.

    Additionally, Facebook has launched its “Ask Our CPO” (Chief Privacy Officer) initiative.

  • Google Outlines What It’s Doing To Protect Your Data From The Government

    With today being Data Privacy Day, Google took to several of its blogs to outline three initiatives it says it is focused on, related to privacy as it pertains to protection of consumers’ information and government requests. The company will continue to advocate for the updating of privacy laws, it will continue its curent process for handling government rquests, and it will continue to provide consumers with the info about government requests as it has been doing, but expanding upon what is actually available.

    “First, for several years we have advocated for updating laws like the U.S. Electronic Communications Privacy Act, so the same protections that apply to your personal documents that you keep in your home also apply to your email and online documents. We’ll continue this effort strongly in 2013 through our membership in the Digital Due Process coalition and other initiatives,” says Google SVP and Chief Legal Officer, David Drummond. “Second, we’ll continue our long-standing strict process for handling these kinds of requests. When government agencies ask for our users’ personal information—like what you provide when you sign up for a Google Account, or the contents of an email—our team does several things.”

    These include: scrutinizing requests to make sure they satisfy the law and Google’s policies, evaluating the scope of the request, notifying users about legal demands “when appropriate,” and requiring government agencies conducting criminal investigations to use a search warrant before Google will provide a user’s search query info and private content from Google accounts.

    Drummond elaborates on each of these things here.

    As part of the third initiative, Google has added a new section to its transparency report which answers a variety of questions users might have about the legal process.

    Last week, Google released the latest update to its Transparency Report, as it does every six months. More on what was included in that here. Hint: government requests for user data have been increasing in the U.S. and around the world.

  • Advocacy Groups Ask Skype To Release Transparency Report

    Skype was embroiled in a mini-controversy last year when reports came out claiming that Skype was spying on its users. The Microsoft-owned company hit back at the reports saying that it only hands over information when law enforcement “follows appropriate procedures.” That explanation, given in July of last year, was apparently not good enough for some advocacy groups.

    Reporters without Borders, The EFF, The Action Network and others have sent an open letter to Skype asking the company to clarify its position on the privacy of its users’ communications. The letter states that the service’s users “work in the face of persistently unclear and confusing statements about the confidentiality of Skype conversations, and in particular the access that governments and other third parties have to Skype user data and communications.”

    The advocacy groups pushing for more information are concerned that Skype launching on multiple platforms could have worrisome implications for more than just desktop users’ privacy. In fact, Skype will be replacing Windows Live Messenger soon, and it’s rumored to replace Xbox Live chat on the Xbox 360.

    The letter calls on Skype to release a transparency report that includes the following information:

    Quantitative data regarding the release of Skype user information to third parties, disaggregated by the country of origin of the request, including the number of requests made by governments, the type of data requested, the proportion of requests with which it complied — and the basis for rejecting those requests it does not comply with.

    Specific details of all user data Microsoft and Skype currently collects, and retention policies.

    Skype’s best understanding of what user data third-parties, including network providers or potential malicious attackers, may be able to intercept or retain.

    Documentation regarding the current operational relationship between Skype with TOM Online in China and other third-party licensed users of Skype technology, including Skype’s understanding of the surveillance and censorship capabilities that users may be subject to as a result of using these alternatives.

    Skype’s interpretation of its responsibilities under the Communications Assistance for Law Enforcement Act (CALEA), its policies related to the disclosure of call metadata in response to subpoenas and National Security Letters (NSLs), and more generally, the policies and guidelines for employees followed when Skype receives and responds to requests for user data from law enforcement and intelligence agencies in the United States and elsewhere.

    The letter’s demands aren’t that absurd. Google, Twitter and others already release frequent transparency reports that detail how much user information is requested from them by governments around the world. In fact, Google just released its latest transparency report that revealed government requests for data have increased yet again.

    It’s likely that government requests to Skype for user data have increased in the last year as well. It’s not unreasonable to ask for government requests for user data be made known. We should at least know how many requests are being made every six months. If anything, it will endear Skype to the public even more, and make Microsoft look like it cares about its users.

  • Government Requests for User Data Increase in the U.S., Around the World According to Google

    Every six months Google unveils a new Transparency Report, which contains the figures on government requests for user data. It also gives us a look into just how often Google is giving up the goods.

    Google has just released the new data.

    Since Google began the Transparency Report in 2009, government requests for user data have increased, without fail, for every single reporting period. Today, we officially learn that the period ending December 31st, 2012 is no different.

    Google reports 21,389 individual user data requests worldwide from July through December of last year. That’s up from 20,938 during the period of January through June of last year. As it stands, the last period’s requests are up 70% from when Google first began their Transparency Report.

    Worldwide, Google is producing at least some data per request in 66% of these cases. That’s down from 67% six months ago and down from 76% in December of 2010.

    When we look at the United States specifically, we see a similar trend. User data requests have increased for the sixth straight time, hitting 8,438 in the period ending December 31st, 2012. In the period ending June 2012, 7,969 requests were logged. Those 8,438 specific data requests covered 14,791 different user accounts.

    When Google made their first Transparency Report, 3,580 user data requests were reported.

    One number that is falling is the percentage of requests in which Google complies either fully or partially – but barely. Google report compliance in 88% of government data requests in the U.S., down from 90% during the last reporting session.

    With this Transparency Report, Google has implemented a mew metric. Now, you can break down the data requests based on the type of legal process that the government initiated – ECPA subpoenas, ECPA search warrants, and other.

    This time, 68% of user data requests came in the form of ECPA (Electronic Communications Privacy Act) subpoenas. Google says that these are easier to get because they don’t involve judges, and therefore are the most common. 22% of requests came in the form of ECPA search warrants, which are usually court-ordered. 10% fall into that “other” category,which Google describes as “mostly court orders issued under ECPA by judges or other processes that are difficult to categorize.”

    You may notice that this latest Transparency Report doesn’t include new data on content removals, although all previous reports have. “One last thing: You may have noticed that the latest Transparency Report doesn’t include new data on content removals. That’s because we’ve decided to release those numbers separately going forward. Stay tuned for that data,” says Google.

  • Google: Government Requests Continue To Increase Around The World

    Google just updated its transparency report, showing that government requests are on the rise. The new report looks at data about government requests from January to June.

    “This is the sixth time we’ve released this data, and one trend has become clear: Government surveillance is on the rise,” says Dorothy Chou, Senior Policy Analyst at Google. “Government demands for user data have increased steadily since we first launched the Transparency Report. In the first half of 2012, there were 20,938 inquiries from government entities around the world. Those requests were for information about 34,614 accounts.”

    Google Government requests increase

    “The number of government requests to remove content from our services was largely flat from 2009 to 2011,” she adds. “But it’s spiked in this reporting period. In the first half of 2012, there were 1,791 requests from government officials around the world to remove 17,746 pieces of content.”

    You can peruse all the specifics here. Requests are going up around the world.

    The report has new bar graphs in addition to the tables it had before. It has also been translated into 40 languages, and includes an expanded FAQ.

  • In Twitter’s First Transparency Report – Surprise! – U.S. Made Most User Info Requests

    Following Google’s habit to provide semi-annual transparency reports about government requests for user information and DMCA takedown requests, Twitter has released its first Transparency Report today that shows the statistics of all of the requests the micro-blogging company receives from copyright holders and governments, as well as whether or not Twitter complied with the requests.

    Just as Twitter is following Google’s lead in providing these transparency reports, another similar trend appearing in the two companies’ reports is that the United States government leads the way in number of requests submitted, filing nearly 80% of all requests that Twitter received. Twitter does one better than Google – for now, at least – in that it fulfilled fewer of those government requests than Google. Still, given that Google fulfilled 93% of user data requests from the U.S. government, it’d be difficult for Twitter to do worse. In the first six months of 2012, Twitter fulfilled nearly 75% of requests from the U.S., which is still frighteningly high amount of compliance.

    Twitter does make a note to point out that it received more government requests in the first half of 2012 than it received throughout the entire year of 2011.

    Twitter Transparency Report 2011

    Regardless Twitter’s compliance with every 3 out of 4 government requests, the fact that another major social media company is submitting these reports helps create accountability among all companies because it becomes easier to see which of them are selling out users and which of them actually care enough to protect its users. More, hopefully Twitter adding itself to the list of companies that provide transparency reports will add pressure to those that currently do not, like Apple, Microsoft, and Facebook.

    Anyways. Below are the statistics for court-ordered removal requests.

    Twitter Transparency Report 2012

    Finally, here is the breakdown of DMCA takedown requests Twitter received for the first six months of 2012 along with the site’s percentage of compliance for each month.

    Twitter Transparency Report 2012

    Twitter has already been providing details via Chilling Effects about DMCA requests the site receives to remove content on the grounds of copyright violations, but the new data from the Transparency Report helps create a clearer picture of how Twitter handles these requests.

    In addition to publishing its inaugural Transparency Report, Twitter also announced that it will be working with Herdict to keep tabs on internet filtering, denial of service attacks and other blockages throughout the world. The partnership will allow Twitter users to report to Herdict any instances of Twitter users being denied access to the site from anywhere around the world.

    In a recent analysis conducted by the Electronic Frontier Foundation that took a look at which companies were more likely to defend users against government requests for user information. Twitter claimed the second-highest score when it came to protecting user information, losing only half a star out of a possible four because it does not publish a transparency report. Given that Twitter has remedied that one short-coming, I presume that Twitter would now earn that missing half star and complete a perfect score. The only other company to score four full stars, Sonic.net, is an internet service provider, thus making Twitter perhaps the most pro-user privacy social media platform in the world.

  • Google Still Granting 93% of User Data Requests to U.S. Gov’t

    Google Still Granting 93% of User Data Requests to U.S. Gov’t

    Google released it’s semi-annual Transparency Report for July to December 2011 over the weekend and, as always, there are some revealing insights into how the company handles requests for both user data and content removal from different governments around the world.

    For starters, there were four new first-timers for content removal requests: Bolivia, Czech Republic, Jordan, and Ukraine. As Google continues its sprawl across the world, it’s becoming more accessible to larger populations and, as things go, this is about the average number of first-time requests from countries in each report. Beyond Google just becoming more available in other parts of the world, the internet itself is constantly growing in size, so the amount of removal requests and user data requests should be expected to increase commensurately, but within expectations. As you can see in the table compiled for the Transparency Report, the amount of URL removal requests that Google receives has increased steadily over the past year and a half but with a particularly high spike since March 2012.

    URL Removal Requests

    While more requests are expected as the company continues to grow, Google Senior Policy Analyst Dorothy Chou said in a blog post that the growing amount of government requests to remove political content has become a “troubling” trend. “It’s alarming not only because free expression is at risk, but because some of these requests come from countries you might not suspect—Western democracies not typically associated with censorship,” she said.

    Some of the countries Chou listed as examples, such as Spain and Poland, respectively submitted removal requests that linked to blogs and articles referencing public figures and links that were critical of a public institution. Google, she said, did not comply with either country’s requests.

    Merely perusing the interactive map that Google created to more easily see summaries of different countries included in the report, it’s not hard to identify some of additional Western governments that Chou may have been referring to.

    Google Transparency Report - UK

    Google Transparency Report - US

    Google Transparency Report - Germany

    Google Transparency Report - Brazil

    The report details some of the instances of removal requests from Western governments, some of which Google complied with and some it didn’t:

  • U.K.: We received a request from the UK’s Association of Police Officers to remove five user accounts that allegedly promoted terrorism. We terminated these accounts because they violated YouTube’s Community Guidelines, and as a result approximately 640 videos were removed.
  • U.S.: We received a request from a local law enforcement agency to remove 1,400 YouTube videos for alleged harassment. We did not comply with this request. Separately, we received a request from a different local law enforcement agency to remove five user accounts that allegedly contained threatening and/or harassing content. We terminated four of the accounts, which resulted in the removal of approximately 300 videos, but did not remove the remaining account with 54 videos.
  • Canada: We received a request from the Passport Canada office to remove a YouTube video of a Canadian citizen urinating on his passport and flushing it down the toilet. We did not comply with this request.

    • Hah. Really, Canada?

    The most startling figure in this report is the number of requests from the United States government for user data. 6,321 requests were submitted and, more troubling, Google complied with 93% of them. No other country was granted as much compliance and only one other country, Brazil, had a rate of compliance in the 90-100% range. While the percent with which Google has complied with requests from the U.S. government has remained consistent over the past three Transparency Reports, the number of requests filed by the government has increased significantly each time.

    Although Google continues to grant virtually every request for user data by the U.S. government, one stat that is more encouraging is the company’s compliance with content removal requests. This is one category in which Google appears to be holding its ground against undue attempts to limit the openness of the net. Over the past three years, which includes six different Transparency Reports, Google has gradually received more and more removal requests yet has complied with less of them. I could be wrong, but this would indicate that while the amount of requests has risen, Google’s maintained its same rubric for what content deserves to be removed and what content is permitted to stay. The increase of removal requests over just the last six months of 2011 is particularly stunning.

  • 1,421 requests to be removed July – Dec 2010, 87% compliance
  • 757 requests to be removed Jan – June 2011, 63% compliance
  • 6,192 requests to be removed July – Dec 2011, 42% compliance

    • From the first half of 2011 to the last half, Google received over an 800% increase in content removal requests from the U.S. government. Unreal. The bulk of these requests pertained to the nondescript “Other” with Google AdWords, “Privacy and Security” with YouTube content, and “Defamation” with Google Groups and Web Search.

    Google should be commended for even supplying the public with this Transparency Report, as its a practice that is not widely practiced among the upper echelon of tech companies. It’s also encouraging that Google appears to remain committed to fighting censorship on the web. However, Google doesn’t appear to be so resilient when it comes to user privacy as the company is almost guaranteed to comply with the government whenever the feds come knocking.

    The thing is, according to a recent report from the Electronic Frontier Foundation, Google is actually one of the better companies when it comes to supporting users’ data privacy in the face of government requests. For example, Apple, Microsoft, Verizon, and AT&T were rated much worse than Google in terms of defending your data privacy to the government. So if Google’s complying with this government this much and you think that’s bad, just imagine how much other companies are betraying you to government interests.

  • Does Microsoft Ignore Bing’s Results?

    Earlier this week, Google released their annual Transparency Report, which, among other things, focuses on the multitude of search engine result takedown requests they receive. Among the information contained within, there’s a list of the entities issuing these requests. The far and away leader of this group is a company called Marketly, and if you look at their list of requests, you’ll see that Microsoft is an important client of theirs.

    Considering Microsoft’s massive size, it makes sense for them to outsource this kind of work. Going after infringement via search engine results is surely a tedious job, the kind such delegation was made for. That’s all fine and good. The rub, however, comes when a takedown request is issued to Google, but the same result remains in the Bing search index.

    Mind you, Google heeded the request and removed the search result in question.

    With that in mind, when the company issuing the takedown request still has the result in its own search index, it comes off as negligent, incompetent, or hypocritical. The question is, which one applies to Microsoft Bing? The reason this question comes up is due to a discovery made by TechDirt, which finds the following takedown request for an Xbox game called DiRT 2 from a site called TorrentRoom.com. The URL in question is as follows:

    http://www.torrentroom.com/torrent/3664273-DiRT-2-XBOX-360-RF.html

    When a search is conducted in each engine, you’ll find the link has been removed from Google–the Chilling Effects report indicating as much–but, as of this post, it still remains in Bing:

    Google Result

    Bing Result

    As TechDirt points out, Google has taken criticism for how quickly it responds to takedown requests. Whether that’s valid or not, at least Google responds to such obvious copyright infringement in their search results. Perhaps Microsoft should turn Marketly loose on Bing’s search results as well.

    Or maybe Marketly could point this out to their clients, allowing Microsoft to remove the very result it’s asking Google to remove. Whatever the case, if you’re going to ask other search engines to get rid of content that infringes on your brand, perhaps you should check to make sure your search results are up to par, as well.

  • Google Gets Over a Million Takedown Requests Each Month

    Google’s yearly transparency report is available, and right away, they make one thing perfectly clear: They get and respond to over 1 million takedown requests on a monthly basis.

    Not only do they respond, but they apparently act. According to one of their many FAQs, Google removed “97% of search results specified in requests that we received between July and December 2011.” That means if your search result takedown request is legitimate–which, according to Google’s response rate, most are–Google will work in favor of the copyright that the takedown is trying to protect.

    While the takedown request data itself is interesting, a deeper look at what companies are responsible for them and what areas they come from on a global basis is even more so. First, the general request information screenshot:

    Takedown Requests

    As you can see, takedown requests are an active part of a Google Engineer’s life. A tweet from Matt Cutts confirms as much:

    Matt Cutts
    @mattcutts     New transparency about copyright removal requests: http://t.co/KNUtsyqN Google gets >250K requests each week.
    33 minutes ago via Tweet Button · powered by @socialditto
     Reply  · Retweet  · Favorite

    As for the agencies that use takedown requests the most, it reads like a who’s who of copyright protection organizations:

    Requests

    The following screenshot is for the top reporting organizations for the past month, and as you can see, the leader in terms of takedown requests is an agency called Marketly llc. According to their profile page, Marketly issues over 30,000 URL takedown requests a week, most, if not all of them for the Microsoft Corporation. It’s hard not to wonder how many “free” copies of Microsoft Office they’ve come across. Google also has a map of where these takedown requests initiate from, and let’s just say, our British friends–mainly BPI, aka, the British Recorded Music Industry–have been incredibly busy:

    Request Map

    So what does all this data mean? That search engines are not the best tool to use when looking to fileshare? Well, there’s definitely that, but it also means there are some diligent companies out there working hard to prevent this kind of web use. Of course, considering just how widespread piracy is, it seems as if their efforts are akin to using a peashooter to try and stop a herd of rampaging elephants.

    That being said, for those government officials and entertainment industry leaders who accuse Google of supporting piracy because of their anti-SOPA stance, here’s Google’s position plain English, courtesy of their blog post discussing their transparency report:

    Fighting online piracy is very important, and we don’t want our search results to direct people to materials that violate copyright laws. So we’ve always responded to copyright removal requests that meet the standards set out in the Digital Millennium Copyright Act (DMCA). At the same time, we want to be transparent about the process so that users and researchers alike understand what kinds of materials have been removed from our search results and why. To promote that transparency, we have long shared copies of copyright removal requests with Chilling Effects, a nonprofit organization that collects these notices from Internet users and companies. We also include a notice in our search results when items have been removed in response to copyright removal requests.

    So the next time you hear a grandstanding politician say something like “Google profits from piracy and the advertising pirates do,” be sure to smack them in the mouth. Actually, no. Don’t get thrown in jail due to someone else’s ignorance. Just keep the above blockquote in mind, and hell, maybe even send it to the offending party, along with the transparency report.