Tech Companies Allowed to Say How Often NSA Comes CallingChris Strohm and Tom Schoenberg
Technology companies including Google Inc. and Apple Inc. won U.S. permission to disclose more about government orders for customer data, a step they sought to fortify their reputations after revelations about their role in U.S. spying.
Companies including Apple, which was the first to report details allowed under the agreement with the Justice Department announced today, are allowed to say broadly how many accounts are covered by government requests and whether the content of users’ communications was sought.
Daniel Castro, an analyst with the Information Technology and Innovation Foundation in Washington, said the accord will provide only limited help to companies seeking to contain a global backlash that he has said could cost the U.S. economy $22 billion to $35 billion over the next three years.
“It doesn’t clear up the fear, doubt and uncertainty that is hurting the ability of U.S. companies to sell their products and services abroad,” Castro said in an e-mail.
Companies, wanting to show that they safeguard privacy and carefully vet government requests, had made their case to senior U.S. officials including President Barack Obama. They said their reputations and future profits were put at risk by former government contractor Edward Snowden’s revelations that the National Security Agency had access to information about their customers’ Internet use.
The agreement allows the companies to publish, for the first time, aggregate numbers of orders under the National Security Agency’s so-called Prism program, as well as national security letters seeking information for investigations.
“Communications providers will be permitted to disclose more information than ever before to their customers,” U.S. Attorney General Eric Holder and U.S. Director of National Intelligence James Clapper, said today in a joint statement.
Under Prism, the NSA gets court warrants to compel Internet companies to turn over online content created by their users. National security letters are administrative subpoenas from the Justice Department for records and don’t require court approval.
The companies previously have been prohibited from disclosing any details about the orders, even whether they had received them. Google, Microsoft Corp., Yahoo! Inc., Facebook Inc. and LinkedIn Corp. filed motions with the secret court that oversees spying under the Foreign Intelligence Surveillance Act asking to be able to publish details.
In unveiling proposed changes to NSA surveillance programs on Jan. 17, Obama said that his administration would seek to allow the companies to be more transparent, without offering specifics. He announced the creation of a group led by one of his advisers, John Podesta, to review how companies and government are using data.
Under the agreement announced today, companies have two options.
They can publish the number of FISA orders and national security letters every six months in ranges of a thousand, beginning with 0-999.
There’s a six-month delay for publishing data on FISA orders, meaning a report published on July 1, 2014, would reflect FISA data for the period ending Dec. 31, 2013.
Under the second option, companies are allowed to group the two types of orders together and report in ranges of 250, beginning with 0-249.
The government will require a two-year delay in publishing data about orders related to a new product or service offered by a company, according to the deal.
“We’re pleased the Department of Justice has agreed that we and other providers can disclose this information,” the companies said in a joint statement today. “While this is a very positive step, we’ll continue to encourage Congress to take additional steps to address all of the reforms we believe are needed.”
Apple, maker of the iPhone and the iPad tablet computer, said total national security orders received by the company between Jan. 1, 2013, and June 30, 2013, were less than 250, as was the number of accounts affected.
The content of customer Internet use was released in only about 3 percent of government requests, according to Apple data.
“Our business does not rely on collecting large amounts of personal data about our customers, which is reflected in the figures we are releasing under the new transparency rules,” said Kristin Huguet, an Apple spokeswoman.
“We look forward to working with the White House working group led by John Podesta, focusing on big data and the future of privacy,” she said. “We believe it’s one of the most important issues facing our industry and our society today.”
The outlines of today’s action were discussed during a meeting between intelligence officials and Justice Department representatives at the White House the night before Obama’s Jan. 17 speech, according to a government official briefed on the matter who described the private session on condition of anonymity.
Kevin Bankston, policy director for the Open Technology Institute in Washington, called the deal “a single battle won in a much longer fight.”
“Meaningful transparency means giving companies the ability to publish the specific number of requests they receive for specific types of data under specific legal authorities,” Bankston said in an e-mailed statement.
“Asking the public and policymakers to try and judge the appropriateness of the government’s surveillance practices based on a single, combined, rounded number is like asking a doctor to diagnose a patient’s shadow: only the grossest and most obvious problem, if even that, will be ever be evident.”