Freed by a recent legal deal with government lawyers, major technology firms released new data Monday on how often they are ordered to turn over customer information for secret national security investigations — figures that show that the government collected data on thousands of Americans.
The publications disclosed by Google, Microsoft, Yahoo, Facebook, LinkedIn and Tumblr provided expanded details and some vented criticism about the government's handling of customers' Internet data in counter-terrorism and other intelligence-related probes. The figures from 2012 and 2013 showed that companies, such as Google and Microsoft, were compelled by the government to provide information on as many as 10,000 customer accounts in a six-month period. Yahoo complied with government requests for information on more than 40,000 accounts in the same period.
The companies earlier provided limited information about government requests for data, but a new agreement reached last week with the Obama administration allowed the firms to provide a broadened, though still circumscribed, set of figures to the public.
Seeking to reassure customers and business partners alarmed by revelations about the government's massive collection of Internet and computer data, the firms stressed details indicating that only small numbers of their customers were targeted by authorities. Still, even those small numbers showed that thousands of Americans were affected by the government requests approved by judges of the secret Foreign Intelligence Surveillance Court.
The data releases by the five major tech firms offered a mix of dispassionate graphics, reassurances and protests, seeking to alleviate customer concerns about government spying while pressuring national security officials about the companies' constitutional concerns. The shifting tone in the releases showed the precarious course that major tech firms have had to navigate in recent months, caught between their public commitments to Internet freedom and their enforced roles as data providers to U.S. spy agencies.
In a company blog post, Microsoft General Counsel Brad Smith scolded the U.S. and allied governments for failing to renounce the reported mass interception of Internet data carried by communications cables. Top lawyers and executives for major tech firms had previously raised alarms about media reports describing that hacking by U.S. and UK spy agencies and cited them during conversations with U.S. officials during President Barack Obama's internal review of planned changes to the government's spying operations.
“Despite the president's reform efforts and our ability to publish more information, there has not yet been any public commitment by either the U.S. or other governments to renounce the attempted hacking of Internet companies,” Smith said in a Microsoft blog release. Smith added that Microsoft planned to press the government “for more on this point, in collaboration with others across our industry.”
The new figures were released just a week after major tech firms announced a legal agreement with the Justice Department. But lawyers and executive for the companies openly vented their discomfort with the government's continuing insistence that they could only provide broad ranges instead of the actual numbers of government requests.
The companies said they would press for narrower data ranges that would offer more details. “We will also continue to advocate for still narrower disclosure ranges, which will provide a more accurate picture of the number of national security-related requests,” said Erika Rottenberg, LinkedIn's general counsel.
A spokesman for the Office of the Director of National Intelligence declined to comment on the companies' releases and comments. The spokesman pointed to a late January statement by DNI James Clapper and Attorney General Eric Holder that said the agreement would allow the firms to “disclose more information than ever before to their customers.”
Google and all the other companies denied that they gave any government unfettered access to their users' info. The companies are worried more people will reduce their online activities if they believe almost everything they do is being monitored by the government. A decline in Web surfing could hurt the companies financially by giving them fewer opportunities to show online ads and sell other services.
The companies can only reveal how many total requests they receive every six months, with the numbers in groupings of 1,000. And even those general numbers must be concealed for at least six months after any reporting period ends. That restriction means the FISA requests for the final half of last year can't be shared until July, at the earliest.
The data coming out Monday indicated the U.S. government is digging deeper into the Internet as people spend more time online.
Most of the companies showed the number of government requests fell between 0 and 999 for each six-month period. But the numbers of customers affected by those searches ranged more widely.
Google, for instance, has seen the number of people affected by FISA court orders rise from 2,000 to 2,999 users during the first half of 2009 to between 9,000 and 9,999 users during the first half of last year. The company showed an unusual spike in the number of Americans whose data was collected between July and December 2012. During that period, metadata was collected from between 12,000 and 12,999 users. Under the restrictions imposed by the government, no explanation was provided for that anomaly.
Yahoo listed the highest number of people swept up in FISA requests for online content during the first half of last year. The orders seeking user content spanned 30,000 to 30,999 accounts, according to the company. The requested content could have included emails, instant messages, address books, calendar items and pictures.
All the companies also received FISA requests that weren't aimed at scooping up online communications or photos. Those demands sought things such as billing information and locations of where people made an Internet connection.
Google described Monday's disclosure as a positive step while promising to keep fighting for the right to provide more precise numbers about the FISA requests and more specifics about the data being sought. “We still believe more transparency is needed so everyone can better understand how surveillance laws work and decide whether or not they serve the public interest,” Richard Salgado, Google's legal director of law enforcement and information security, wrote in a blog post.
Even if the companies can share more information about the FISA requests, they still might face doubts raised by other National Security Agency documents leaked by former NSA contractor Edward Snowden asserting that U.S. government has found ways to tap into the lines transmitting personal information between data centers. The companies are trying to thwart the hacking by encrypting most, if not all the data, stored on their computers.
“The limited information that can be gleaned from the reports suggests that the government is using its spying powers extremely broadly, likely infringing on the privacy rights of many innocent Americans,” said Alex Abdo, a staff attorney with the American Civil Liberties Union.
Meanwhile, a conservative lawyer who has challenged the constitutionality of the NSA's daily collection of phone data said he had filed a petition with the U.S. Supreme Court to step in and review his case. Attorney Larry Klayman said he had mailed a petition to the top court asking it to intervene in the case, which is already under appeal.
Judge Richard Leon, the presiding U.S. district judge in the case, ruled last December that the NSA program had constitutional flaws. Leon has held off shutting the program down pending court appeals.GoogleNSAsurveillanceUS