Privacy groups seek FTC probe of Google, Yahoo for exposing data to NSA
Contend that unseen data collection by NSA suggests lack of adequate security on Internet company networks
Computerworld - Several advocacy groups are calling for an investigation into Internet companies Yahoo and Google whose networks were secretly accessed by the National Security Agency (NSA).
In a letter sent Wednesday, the groups asked the U.S. Federal Trade Commission (FTC) find out how the NSA could to extract so much data without the knowledge of Google and Yahoo.
"The Commission should pursue this investigation because it routinely holds itself out as the defender of consumer privacy in the United States," the authors said. "It is inconceivable that when faced with the most significant breach of consumer data in U.S. history, the Commission could ignore the consequences for consumer privacy."
The letter, signed by officials from the Electronic Privacy Information Center, Privacy Rights Clearinghouse, Center for Digital Democracy and others, follows recent reports that the NSA gained access to millions of consumer records by secretly tapping directly into data streams from major Internet companies.
The reports prompted fresh concern about NSA surveillance activities and of the privacy of data being held by the world's largest Internet companies.
Google, Yahoo, Microsoft and others have insisted that they divulge consumer information to the NSA and other government agencies only under appropriate court orders. Each has denied providing any help to the NSA and other spy agencies gathering data on Internet users.
In fact, in a court filing earlier this week the companies demanded that the government release more information about the kind of data that Internet companies are being asked to provide the NSA.
The letter from the privacy groups stands out because it seeks to hold Google and Yahoo responsible for the NSA's data collection activities because of a lack of network security controls.
"We are saying that the companies should do more to protect the privacy of user data and that the FTC has a responsibility to police these practices, particularly since both Google and Facebook are subject to consent orders concerning privacy," said Marc Rotenberg, executive director of EPIC.
Rotenberg said consumer privacy groups have long urged Internet companies to adopt better privacy and security practices to safeguard the information they collect. He noted that privacy groups have asked Internet companies to minimize data collection when possible and to delete unneeded data.
Therefore, Internet companies must be held responsible for breaches of data they store, he said.
A Google spokeswoman wouldn't comment on the letter. Yahoo didn't respond to a request for comment.
Jaikumar Vijayan covers data security and privacy issues, financial services security and e-voting for Computerworld. Follow Jaikumar on Twitter at @jaivijayan, or subscribe to Jaikumar's RSS feed . His email address is firstname.lastname@example.org.
- NSA defends collecting data from U.S. residents not suspected of terrorist activities
- Groups fear bill would allow free flow of data between private sector and NSA
- Google's move into home automation means even less privacy
- Bill to require warrant for email searches gains ground in House
- Coming soon to a fridge near you -- targeted ads
- Snowden leaks prompt tech firms to tout privacy, transparency policies
- License reader lawsuit can be heard, appeals court rules
- Is EU's 'right to be forgotten' really the 'right to edit the truth'?
- Tails 1.0: A bootable Linux distro that protects your privacy
- Privacy jitters derail controversial K-12 big data initiative
Read more about Security in Computerworld's Security Topic Center.
- Enable secure remote access to 3D data without sacrificing visual perfomance Design and manufacturing companies must adapt quickly to the demands of an increasingly global and competitive economy. To speed time to market for...
- Virtually Delivered High Performance 3D Graphics "A picture is worth a thousand words." That old phrase is as true today as it ever was. Pictures (i.e., those with heavy...
- Best Practices for Securing Hadoop Historically, Apache Hadoop has provided limited security capabilities. To protect sensitive data being stored and analyzed in Hadoop, security architects should use a...
- Top Tips for Securing Big Data Environments: Why Big Data Doesn't Have to Mean Big Security Challenges Organizations must come to terms with the security challenges they introduce. As big data environments ingest more data, organizations will face significant risks...
- What should I look for in a Next Generation Firewall? SANS Provides Guidance With so many vendors claiming to have a Next Generation Firewall (NGFW), it can be difficult to tell what makes each one different....
- Responding to New SSL Cybersecurity Threat The featured Gartner research examines current strategies to address new SSL cybersecurity threats and vulnerabilities. All Security White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!