This article is from the source 'washpo' and was first published or seen on . It last changed over 40 days ago and won't be checked again for changes.

You can find the current article at its original source at http://www.washingtonpost.com/business/technology/us-to-allow-companies-to-disclose-more-details-on-government-requests-for-data/2014/01/27/3cc96226-8796-11e3-a5bd-844629433ba3_story.html?wprss=rss_homepage

The article has changed 5 times. There is an RSS feed of changes available.

Version 1 Version 2
U.S. to allow companies to disclose more details on government requests for data U.S. to allow companies to disclose more details on government requests for data
(about 2 hours later)
The Justice Department has agreed to relax its long-standing gag order on certain types of sensitive data requests made to companies, allowing them for the first time to publicize — in broad terms — how often they must furnish customer information to the government, U.S. officials announced Monday. The Justice Department has agreed to relax its long-standing gag order on certain types of data requests made to companies, allowing them for the first time to publicize — in broad terms — how much customer information they must turn over to the government, U.S. officials announced Monday.
The agreement, struck in response to legal challenges from Google, Microsoft and other technology companies, comes as part of President Obama’s effort to ease the secrecy around government intelligence-gathering in the aftermath of revelations by former National Security Agency contractor Edward Snowden. The move amounts to a modest victory for Google, Microsoft and other technology companies that waged a legal battle for the right to disclose more information about their obligations under government surveillance programs, a sensitive issue in the aftermath of disclosures last year by former National Security Agency contractor Edward Snowden.
The new policy will allow companies to report on national security letters a form of administrative subpoena as well as on requests from the Foreign Intelligence Surveillance Court (FISC). However, they will be permitted to disclose the volume of requests only in wide numerical ranges. But both the companies and privacy advocates said the concessions, first hinted at in President Obama’s speech Jan. 17 outlining changes to surveillance programs, stop far short of providing a detailed and reliable portrait of how extensively the government gains access to private customer information for intelligence purposes.
The number of national security letters, a frequent tool of the FBI, could be listed as between one and 999, for example. Companies will also be able to disclose, in similarly broad ranges, how many customer accounts are targeted. Such information can be reported, under the new rules, once every six months. The new policy will allow companies to report on national security letters a form of administrative subpoena as well as on requests from the Foreign Intelligence Surveillance Court (FISC). However, they will be permitted to disclose the volume of requests only in wide numerical ranges. Previously, companies were prohibited from acknowledging that they received such requests.
“While this aggregate data was properly classified until today, the office of the Director of National Intelligence, in consultation with other departments and agencies, has determined that the public interest in disclosing this information now outweighs the national security concerns that required its classification,” said a Justice Department statement.
The number of national security letters, a frequent tool of the FBI, could be listed as between zero and 999, for example. Companies will also be able to disclose, in similarly broad ranges, how many customer accounts are targeted. Such information can be reported, under the new rules, once every six months.
The same rules will apply to requests from the FISC. Companies will also have the option of lumping the two categories of data requests together in a single total. If they do so, the numeric range can be in smaller bands, such as between “zero and 249,” according to the Justice Department.The same rules will apply to requests from the FISC. Companies will also have the option of lumping the two categories of data requests together in a single total. If they do so, the numeric range can be in smaller bands, such as between “zero and 249,” according to the Justice Department.
U.S. officials have said that more-precise reporting might tip targets off to investigations. U.S. officials have said that more precise reporting might tip targets off to investigations.
Although the agreement does not provide full transparency, it addresses some of the concerns raised by several technology companies over the summer during negotiations with Justice Department officials. Those talks at one point collapsed, resulting in a series of filings with the FISC, beginning in June, that formally requested a loosening of the restrictions on the grounds that they violated the First Amendment. The agreement addresses some of the concerns raised by technology companies during negotiations with Justice Department officials in the summer. Talks between the sides began after a series of filings with the FISC that formally requested a loosening of the restrictions on the grounds that they violated the First Amendment.
Several technology companies long have publicized certain types of government data requests typically from regular courts and police in “transparency reports,” but they were prohibited from offering a public accounting of national security letters and requests from the FISC. The five companies that had filed legal action at the FISC Facebook, Google, LinkedIn, Microsoft and Yahoo issued a joint statement Monday saying they were pleased with the policy change.
On Monday, Apple disclosed that it had received fewer than 249 national security letters, affecting fewer than 249 accounts, in the first six months of 2013. “While this is a very positive step,” they said in a statement, “we’ll continue to encourage Congress to take additional steps to address all of the reforms we believe are needed.”
Several technology companies long have publicized certain types of government data requests — mainly from regular courts and police — in “transparency reports,” but they were prohibited from offering a public accounting of national security letters and requests from the FISC.
Privacy advocates said that such broad accounting of requests does little to illuminate the extent of government surveillance activity that can sweep in e-mails, video chats, address books, Web browsing histories and more.
Marc Rotenberg, executive director of the Electronic Privacy Information Center, dismissed company “transparency reports” as unreliable, with the companies focused mainly on trying to reassure customers. He said the government itself should be issuing annual reports on its surveillance activities and eventually notifying targets when companies turn over their information. Those are standard practices in the case of police wiretaps, for example.
“It would be more useful over the long term to systematize the reports,” Rotenberg said. “I don’t think that empowering the companies in their so-called ‘transparency reports’ gets us there.”
The new policy was detailed in a letter from Deputy Attorney General James Cole to the five companies that filed motions to the FISC seeking more transparency about data requests. U.S. officials also made a filing to that court, which must formally approve the agreement.
Several of the companies have urged broader changes to surveillance practices, especially those by the NSA. Technology leaders met with Obama in December to demand more-sweeping changes intended to limit data collection and make sure it always happens under court oversight.
Monday’s announcement received mixed reaction on Capitol Hill, with critics saying legislation is needed to curb the reach of government surveillance.
“It’s just common sense that the government should give the American people a good idea of how many of them have had their information collected,” Sen. Al Franken (D-Minn.) said in a statement. “The Obama Administration still has made no progress on that front.”
On Monday, Apple became the first company to use the new rules to disclose how many national security letters it had received. The company said it had received fewer than 249 of the subpoenas, affecting fewer than 249 accounts, in the first six months of 2013. Apple filed an amicus brief in November supporting the other technology companies in calling for greater transparency.
“We applaud the Administration for taking this important step toward greater transparency, and we thank the Justice Department for considering Apple’s point of view as it reached this decision,” the company said in a statement.“We applaud the Administration for taking this important step toward greater transparency, and we thank the Justice Department for considering Apple’s point of view as it reached this decision,” the company said in a statement.
The new policy was detailed in a letter from Deputy Attorney General James Cole to the five companies that filed legal requests to the FISC seeking more transparency about data requests. U.S. officials also made a filing to that court.
“While this aggregate data was properly classified until today, the office of the Director of National Intelligence, in consultation with other departments and agencies, has determined that the public interest in disclosing this information now outweighs the national security concerns that required its classification,” the Justice Department said in a statement.
The companies that waged the legal fight for more disclosure issued a joint statement Monday saying: “We filed our lawsuits because we believe that the public has a right to know about the volume and types of national security requests we receive. We’re pleased the Department of Justice has agreed that we and other providers can disclose this information. While this is a very positive step, we’ll continue to encourage Congress to take additional steps to address all of the reforms we believe are needed.”
Several of the companies also have urged broader changes to surveillance practices, especially those by the NSA. A coalition of companies in December sent a letter to Obama and Congress demanding more-sweeping changes intended to confine data collection to formal channels and to improve transparency over such processes.
“This is a victory for transparency and a critical step toward reining in excessive government surveillance,” said Alex Abdo, staff attorney with the American Civil Liberties Union. “Companies must be allowed to report basic information about what they’re giving the government so that Americans can decide for themselves whether the NSA’s spying has gone too far.”
Follow The Post’s new tech blog, The Switch, where technology and policy connect.Follow The Post’s new tech blog, The Switch, where technology and policy connect.