Following six months of sensational stories emanating from the Snowden-leaked files from the NSA, privacy professionals are taking stock. Recently, we have heard from the president on the subject of the needed balance between privacy and security, and needed reforms. And we have seen the report of the President’s Review Group on Intelligence and Communications Technologies and the report of the Privacy and Civil Liberties Oversight Board.
And yesterday, the Justice Department announced that Google, Yahoo, Facebook, Microsoft and LinkedIn have agreed to withdraw motions demanding that they be allowed to release more information in their transparency reports designed to reflect law enforcement and national security takedown requests and requests for access to personal data in their custody. The Department of Justice announced that it is working to “allow more detailed disclosures about the number of national security orders and requests issued to communications providers.”
Skeptics immediately appeared to question the granularity and timeliness of the now-allowed disclosures. The online journal The Verge had a headline “Department of Justice announces new gag-order deal with Google, Facebook, Microsoft and Apple.”
But as described by The Guardian newspaper, the outlet for the Snowden leaks, “the deal also purports to shed far more light than ever on a question the intelligence agencies have been extremely reluctant to address – the number of people affected by NSA surveillance.”
Presumably, the online companies fought hard for greater transparency precisely because the numbers show a limited number of national security requests (relative to the huge volume of data flowing through their networks). Reports of limited national security access are likely, in part, to assuage concerns over massive government surveillance. More and more companies are likely to issue transparency reports, just as we have seen reports for the first time this year from companies like Verizon.
Hogan Lovells recently released a whitepaper examining the "transparency reports" published by Google, Microsoft, Skype, Twitter and LinkedIn concerning law enforcement requests for data in multiple countries, concluding that when the numbers are adjusted for population sizes and the number of Internet users in each respective country, they reveal that the U.S. government requests information from these providers at a rate comparable to — and sometimes lower than — that of several other countries, including many EU member states.
When the per-capita and per-Internet-user data requests for Google, Microsoft, Skype, Twitter and LinkedIn were combined for 2012, the newest whitepaper shows that the U.S. government requests totaled approximately 96 per capita and 119 per Internet user in 2012, compared to values over twice as high for Taiwan, the UK and Hong Kong, and greater values for France, Australia and Germany.
In 2012 it was reported that the rate at which European governments seek access to private data is at an “all-time high, having increased more than the rate of U.S. government requests during the same period." While there is no comparison of governments' national security requests for data, it is important to note that there is a growing consensus for amendment of the Electronic Communications Privacy Act to expand the warrant requirement in the U.S.
Former U.S. Department of Commerce General Counsel Cameron Kerry, in his valedictory address on international privacy delivered at the German Marshall Fund of the United States, expressly cited this new Hogan Lovells whitepaper and its findings in his plea for a more balanced international view of issues such as national security access to data, which occurs around the world.
As I said last summer, “it is naive to think that European intelligence agencies do not use data collected from phone and Internet companies in their investigations.” The transparency reports, which soon will have greater granularity, should help the world understand that the U.S. is hardly alone in its national security practices and that reform needs to be viewed as a global concern.