Facebook, Microsoft and Apple disclose little on U.S. government data requests
Posted on 17 June 2013.
The disclosure of details about the controversial PRISM program set up by the NSA has indubitably damaged the reputation of the companies involved in it, and some of them are naturally trying to rebuild it and prevent both businesses and individual users from jumping ship and searching alternatives.


Since the first revelations by Edward Snowden were disclosed to the public, several of these companies have petitioned the U.S. government to let them reveal how many of "special" government requests for information they receive each year. But even though it is obviously in the interest of the U.S. intelligence agencies that these companies retain as many as customers as possible, they still aren't ready to let them provide that particular bit of information.

Instead, Facebook, Microsoft and Apple have been allowed to share how many national security-related requests (FISA, National Security Letters, and other) they receive only in a range, and only if the number is aggregated to that of other types of law enforcement requests.

"For the six months ending December 31, 2012, the total number of user-data requests Facebook received from any and all government entities in the U.S. (including local, state, and federal, and including criminal and national security-related requests) – was between 9,000 and 10,000," Facebook shared on Friday.

"These requests run the gamut – from things like a local sheriff trying to find a missing child, to a federal marshal tracking a fugitive, to a police department investigating an assault, to a national security official investigating a terrorist threat. The total number of Facebook user accounts for which data was requested pursuant to the entirety of those 9-10 thousand requests was between 18,000 and 19,000 accounts."

Microsoft has stated that from July 1, 2012 to December 31, 2012, they received "between 6,000 and 7,000 criminal and national security warrants, subpoenas and orders affecting between 31,000 and 32,000 consumer accounts from U.S. governmental entities (including local, state and federal)."

"We are permitted to publish data on national security orders received (including, if any, FISA Orders and FISA Directives), but only if aggregated with law enforcement requests from all other U.S. local, state and federal law enforcement agencies; only for the six-month period of July 1, 2012 thru December 31, 2012; only if the totals are presented in bands of 1,000; and all Microsoft consumer services had to be reported together," they pointed out, adding that they "have not received any national security orders of the type that Verizon was reported to have received that required Verizon to provide business records about U.S. customers."

Finally, on Monday, Apple chimed in to say that "from December 1, 2012 to May 31, 2013, Apple received between 4,000 and 5,000 requests from U.S. law enforcement for customer data," and that "between 9,000 and 10,000 accounts or devices were specified in those requests, which came from federal, state and local authorities and included both criminal investigations and national security matters."

They also made it a point to say that some categories of information can't never be shared with authorities because they do not store it (customers’ location, Map searches, Siri requests), and/or because they can't be provided (for example, conversations over iMessage and FaceTime that are encrypted from end to end.

Google is still negotiating with the government over what they can disclose, but said that they believed that it was "important to differentiate between different types of government requests."

Yahoo, who has unsuccessfully battled the NSA in court over PRISM participation in 2008, has not yet commented on the revelations.









Spotlight

Staples customers likely the latest victims of credit card breach

Posted on 21 October 2014.  |  Multiple banks say they have identified a pattern of credit and debit card fraud suggesting that several Staples Inc. office supply locations in the Northeastern United States are currently dealing with a data breach.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Wed, Oct 22nd
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //