Closely examined IT companies disclose FISA requests

Facebook, Google, Microsoft, Yahoo

Under a FISA microscope.

Under the gun and a microscope, Facebook (NASDAQ:FB), Google (NASDAQ:GOOG), Microsoft (NASDAQ:MSFT), and Yahoo (NASDAQ:YHOO) are rushing to out-do one another in releasing their inaugural FISA reports to the public. FISA -- the pleasant-to-the-ears acronym of the dread Foreign Intelligence Surveillance Act -- is a law that requires IT firms to hand users' data to a secretive U.S. court upon request.

For years, the FISA process hummed along smoothly until Edward Snowden leaked details of the program. Shortly thereafter, bloggers learned of the sudden outrage that IT companies felt at being forced to pass along private user data. Now eager to reverse negative perception, IT companies are spreading their FISA request numbers far and wide. That's fine with bloggers, as long as they aren't a favorite request.

In IT Blogwatch, bloggers read between the lines.

Filling in for our humble blogwatcher Richi Jennings, is a humbler Stephen Glasskeys.


Zach Miners data mines:

Google, Facebook and Microsoft were among the technology companies to release new figures Monday showing a rising number of requests for their users' data coming from a secretive U.S. surveillance court.


Depending on the company, the content might include private messages, documents, photos or videos.


Because the numbers of FISA requests can only be made available six months after the end of each reporting period, the companies could not yet provide figures for the second half of 2013.


The FISA figures are the first sets of numbers to be released since technology companies like Facebook, Google and Microsoft were allowed last week to give more information about government data requests, following lawsuits filed by the companies.   MORE


Clearly, Gregory Ferenstein reveals nothing:

Google, Facebook, Microsoft and LinkedIn all made headlines today for releasing "transparency" reports about the number of users for which the U.S. government has requested data.


We now know that major Internet companies have given up personal information from between 0-15,999 user accounts, but we don't know what exactly was given up or whether additional data was taken without the companies' knowledge.


"The numbers themselves don't tell us very much at all," Electronic Frontier Foundation Staff Attorney Nate Cardozo tells me. "These transparency reports only represent a small portion of what the NSA is doing to get data out of these companies. A lot of what the NSA is doing is without the company's knowledge."


The EFF tells me that this sort of bulk collection wouldn't show up in a transparency report, because the government is just taking everything and isn't requesting information on individual users.  MORE


Derek Mead is running numbers:

Today, Google, Facebook, LinkedIn, Microsoft, and Yahoo all released updated transparency data concerning FISA requests, and while Facebook notes that data is collected "a small fraction of one percent of Facebook user accounts"—a point that rings true for all of the above —that's about all we know.


Such opacity in [FISA] reporting is exactly what Attorney General Eric Holder and Director of National Intelligence James Clapper were going for when they announced that tech companies could finally disclose Foreign Intelligence Surveillance Act records.


So while the newly-allowed reports help shed some light on how pervasive the government's lawful data collection is—and that the government largely makes requests that include user content—it doesn't get much more specific than that. Let's run through the companies numbers real quick.  MORE


Dropping everything, Fran Berkman takes requests:

Several industry-leading tech companies are much more transparent about government surveillance requests than they were last week.


Google, Facebook and several other tech companies even sued the FISA court last year for the ability to publish more information; the companies dropped their motions last week after agreeing to new disclosure standards.


During the most recent reporting period, January through June 2013, Yahoo users were most affected by FISA requests of the six companies that updated their transparency numbers.


Google followed Yahoo in accounts affected by FISA requests in the same time period.  MORE


And legal counsel Seth Rosenblatt challenges the court:

Richard Salgado, [Google's legal director of Law Enforcement and Information Security division] also included a request to Congress to change the laws so that tech firms can reveal specific numbers.


Brad Smith, Microsoft's general counsel, struck a more contrarian noting that not all orders received by Microsoft resulted in information being disclosed to the government. "Microsoft has successfully challenged requests in court, and we will continue to contest orders that we believe lack legal validity," he said.


American Civil Liberties Union attorney Alex Abdo acknowledged the reports were helpful, but that "they're not nearly enough" for the public to evaluate the breadth and impact of government surveillance.  MORE


But Mark Wilson claws back:

Trying to claw back its reputation of not being evil, and riding the wave of public interest in the surveillance activities of the government, Google releases some additional details about the government data requests it has received.


Today's report released by Google follows on from last week's agreement with the DoJ and includes details of requests made under the Foreign Intelligence Surveillance Act. For advocates of government transparency this sounds like a victory for freedom of information, but sadly it amounts to very little.  MORE


Meanwhile, Jeremy Kirk beams down a solution:

Email, perhaps still the most widely used Internet application, has about the same level of security as a postcard. But unlike postcards, it's widely depended on by businesses.


A variety of companies, including Wickr and Silent Circle, see commercial opportunities in making encrypted messaging products that are easier to use.


Joining those companies is Washington, D.C.-based Virtru, co-founded by the Ackerly brothers. John, 38, has a background in private equity, and his younger brother Will, 34, joined the U.S. National Security Agency out of college in 2004.


Virtru's big advantage is that it works within the Gmail, Outlook and Yahoo webmail interfaces and doesn't need an external client, which was no small engineering feat, Will said.  MORE

Computerworld Blogs Newsletter

Subscribe now to the Blogs Newsletter for a daily summary of the most recent and relevant blog posts at Computerworld.  

Copyright © 2014 IDG Communications, Inc.

Shop Tech Products at Amazon