Microsoft, Google, Facebook show rise in surveillance requests
Google, Facebook and Microsoft were among the technology companies to release new figures Monday showing a rising number of requests for their users’ data coming from a secretive U.S. surveillance court.
Figures vary by company, though the numbers show that the content of multiple thousands of users’ accounts has been sought in recent years by the U.S. Foreign Intelligence Surveillance (FISA) court, which oversees requests for surveillance warrants for national security investigations. The court has been at the forefront of surveillance disclosures made by former National Security Agency contractor Edward Snowden since last June.
Google received FISA requests related to the content of between 9,000 and 9,999 accounts during the first half of 2013, up from between 7,000 and 7,999 in the first half of 2011.
The court sought content related to 15,000 to 15,999 accounts from Microsoft, up from 11,000 to 11,999 in the second half of 2011.
At Facebook, during the second half of 2012, the court sought data related to the content of 4,000 to 4,999 Facebook user accounts, the company said in a report. The company received more of FISA requests during the first half of 2013—the number rose to between 5,000 and 5,999 users’ accounts.
Depending on the company, the content might include private messages, documents, photos or videos.
By releasing the new numbers, the companies hope to become more transparent about the government data requests they receive tied to national security.
"Publishing these numbers is a step in the right direction,” said Richard Salgado, Google’s legal director for law enforcement and information security, in a blog post breaking out the figures.
It’s unclear, however, whether the rising numbers show a growing interest by surveillance authorities in the data stored by companies or growing usage of those companies’ services.
Yahoo and LinkedIn also released new figures on Monday related to government data requests tied to national security. At Yahoo, the company only said it received FISA requests related to content for between 30,000 and 30,999 accounts during the first half of 2013.
Because the numbers of FISA requests can only be made available six months after the end of each reporting period, the companies could not yet provide figures for the second half of 2013.
With such large numbers of users—Facebook alone has more than 1.2 billion—the newly revealed data requests represent just a small slice of the companies’ total users. But they do help to shed more light on the importance of digital data to authorities in the interest of national security.
It was not clear how many FISA requests companies complied with by handing over data. A Facebook spokeswoman said the company could not reveal that information. Microsoft, in its announcement, said that it would continue to contest orders that it believes lack legal validity.
The FISA figures are the first sets of numbers to be released since technology companies like Facebook, Google and Microsoft were allowed last week to give more information about government data requests, following lawsuits filed by the companies. The deal, which was announced by President Barack Obama under an agreement with the U.S. Department of Justice, was designed to provide more transparency about law enforcement and national security orders.
As a result, technology companies can now separately disclose the numbers of national security letters (NSLs) and FISA requests they receive, instead of lumping them together. The company can now also say how many of its FISA requests were targeted at the content of accounts, versus non-content information such as subscriber names. Apple already released new figures last week in response.
Unlike FISA requests, NSLs may not be used to request content and instead are used for things like names, addresses and length of service.
Previously, Facebook could only say that for the first half of 2013, the total volume of user accounts served with law enforcement requests of any kind was a fraction of 1 percent.
Still, even with these relaxed restrictions, the information the companies are allowed to reveal remains vague. For instance, companies are limited to reporting the data in ranges of 1,000, if they choose to break out FISA from NSL requests. For FISA requests related to non-content information, Facebook said the data was sought for between 0 and 999 users’ accounts during the first half of 2013.
The companies said they would continue to advocate for reform of government surveillance practices and for greater transparency about the degree to which governments seek access to members’ data.
Google said it still wants to disclose the precise numbers of types of requests it receives, as well as the number of users they affect.