Tech companies jockey to seem the most transparent
By Sam Gustin, Time
updated 11:33 AM EDT, Tue June 18, 2013
Fearful of a backlash over surveillance, Facebook, Google
and other tech companies deny giving the NSA access to their servers.
STORY HIGHLIGHTS
Big Internet companies are tripping over themselves to
bolster their public image
Apple, Facebook, Google and others deny giving the NSA
access to their servers
The tech companies have released aggregate numbers of
total U.S. data requests
But the disclosures skirt around the central issue of the
NSA-snooping controversy
(Time) -- Trust us, we're from Silicon Valley.
America's largest Internet companies are tripping over
themselves to bolster their public image following blockbuster disclosures
about their role in the U.S. government's controversial data-gathering program.
Ever since news reports suggested that major tech firms —
including Apple, Google, Facebook and Yahoo — provide the National Security
Agency (NSA) with unfettered or "direct" access to their servers, the
companies have been waging an aggressive campaign to demonstrate that they're
not government stooges.
Now, several of the top Silicon Valley firms are engaged
in a game of one-upmanship to show that they are the most transparent Internet
company on the block.
The initial reports about "direct access," as
part of a classified U.S. intelligence system called Prism, have turned out to
be wrong. But the Prism reports have highlighted long-standing privacy fears
about how the largest U.S. tech companies handle their vast troves of user
data. The Internet giants have come under scrutiny following reports that the
NSA uses Prism to examine data — including e-mails, videos and online chats —
that it collects via requests made under the Foreign Intelligence Surveillance Act
(FISA), one of the controversial laws at the heart of the current NSA-snooping
furor.
Following the Prism leak, which was supplied to the
Guardian and the Washington Post by whistle-blower Edward Snowden, Apple,
Google, Facebook and Yahoo all issued statements — in strikingly similar legal
language — denying that they give the NSA "direct" or unfettered
access to their computer servers.
But the companies apparently felt the need to go further
than those denials, and in recent days have engaged in a competition to
demonstrate their commitment to transparency.
Although Silicon Valley has roots in the U.S. military —
the Defense Advanced Research Projects Agency was central to the development of
the Internet — today's big tech companies are keen to demonstrate their
independence from the government and often display a libertarian streak.
Many engineers in Silicon Valley are sympathetic to
"hacker" culture. Above all, Silicon Valley tech titans are wary of
losing the trust of consumers, which could endanger their businesses. These
companies are no doubt well aware of the numerous more secure alternatives to
their services, some of which enable users to roam the Internet anonymously.
Google kicked off the transparency battle last week when
it asked U.S. Attorney General Eric Holder and FBI Director Robert Mueller for
permission to publish "aggregate numbers of national-security requests,
including FISA disclosures — in terms of both the number we receive and their
scope."
That request was noteworthy because it was the first time
Google had even acknowledged that it receives national-security FISA requests.
Facebook and Microsoft quickly followed suit with similar requests. A
Department of Justice spokesperson told TIME that the agency is in the process
of reviewing the request.
Then, over the weekend, Facebook, which unlike Google has
never published a transparency report, reached an agreement with the government
allowing it to disclose data on U.S. information requests. Facebook said that
for the six months ending Dec. 31, 2012, it received between 9,000 and 10,000
data requests, including criminal and national-security-related requests,
covering between 18,000 and 19,000 accounts.
"We're pleased that as a result of our discussions,
we can now include in a transparency report all U.S. national-security-related
requests (including FISA as well as National Security Letters) — which until
now no company has been permitted to do," Facebook general counsel Ted
Ullyot said in a not-so-subtle dig at the company's rivals.
Shortly thereafter, Microsoft released similar data,
indicating that the company received between 6,000 and 7,000 criminal and
national-security requests affecting between 31,000 and 32,000 consumer
accounts.
"This only impacts a tiny fraction of Microsoft's
global customer base," John Frank, Microsoft's deputy general counsel,
said in a blog post. "Transparency alone may not be enough to restore
public confidence, but it's a great place to start."
On Monday, Apple joined the party and announced that from
Dec. 1, 2012, to May 31, 2013, it received between 4,000 and 5,000 requests
from U.S. law enforcement for customer data related to between 9,000 and 10,000
accounts or devices, including both criminal investigations and
national-security "matters." Apple said it was releasing the data
"in the interest of transparency."
Yahoo followed late Monday, saying it received
"between 12,000 and 13,000 requests, inclusive of criminal, Foreign
Intelligence Surveillance Act (FISA), and other requests."
Here's the problem. According to the agreement Facebook,
Microsoft, Apple and Yahoo reached with the government, the companies were only
permitted to release aggregate numbers of total U.S. data requests. Crucially,
they were not permitted to separately break out the number of FISA requests.
For this reason, we don't know if they received 50 FISA
requests, 500 or 5,000. As a result, the disclosures, while laudable, skirt
around the central issue of the NSA-snooping controversy, which is the nature
and extent of the companies' participation in secret U.S. national-security
investigations.
"We believe the companies should be allowed to break
out specific numbers for FISA requests," said Amie Stepanovich, director
of the Domestic Surveillance Project at the Electronic Privacy Information
Center, a Washington-based public-interest organization. "These numbers
would provide nationwide transparency. We also believe that individual users
targeted under FISA should receive notice that they were subject to surveillance,
even after the fact, so they have the chance to contest the surveillance in
court."
For Google, which earlier this year was the first
Internet company to disclose requests made for National Security Letters (NSLs)
— a separate type of query than FISA requests — the arrangement struck by
Facebook, Microsoft, Apple and Yahoo was not satisfactory.
"We have always believed that it's important to
differentiate between different types of government requests," Google said
in a statement. "We already publish criminal requests separately from
National Security Letters. Lumping the two categories together would be a step
back for users. Our request to the government is clear: to be able to publish
aggregate numbers of national-security requests, including FISA disclosures,
separately."
Twitter, which was not named in the NSA leak as a
participant in the Prism program, quickly threw its support behind Google.
"We agree with Google," Benjamin Lee, Twitter's
legal director, said in a Twitter message. "It's important to be able to
publish numbers of national-security requests — including FISA disclosures —
separately."
Thus, the contours of the transparency battle were drawn.
On one side: Facebook, Microsoft and Apple. On the other, Google and Twitter.
For their part, Facebook, Microsoft and Yahoo said they
would continue to urge the government to allow them to be more specific about
national-security requests, including FISA requests. Facebook said it would
continue "to push for even more transparency, so that our users around the
world can understand how infrequently we are asked to provide user data on
national-security grounds." Microsoft said: "What we are permitted to
publish continues to fall short of what is needed to help the community
understand and debate these issues."
But only Google has thus far resisted striking a deal
with the government on the disclosure of data requests. On Monday, a Google
spokesperson told TIME that the company had no update on its negotiations with
the government concerning breaking out FISA requests.
© 2012 TIME, Inc. TIME is a registered trademark of Time
Inc. Used with permission.
Comments
Post a Comment