U.S. Eases Surveillance Disclosure Rules

Net Firms Can Release Info on Feds' Request for Customer Data
U.S. Eases Surveillance Disclosure Rules

The Obama administration will allow, for the first time, Internet companies to disclose information about government orders that seek specific, highly sensitive data about their customers.

See Also: Webinar | SolarWinds Breach: If Cyber Companies Can Get Hit, Do You Stand A Chance?

A joint statement issued Jan. 27 by Attorney General Eric Holder and Director of National Intelligence James Clapper says the Justice Department will allow more detailed disclosures about the number of national security orders and requests issued to communications providers, as well as the number of customer accounts targeted under those orders and requests.

"Through these new reporting methods, communications providers will be permitted to disclose more information than ever before to their customers," the government statement says.

With the administration's change of heart, the companies - Facebook, Google, LinkedIn, Microsoft and Yahoo - withdrew their lawsuit filed against the government in the Federal Intelligence Surveillance Court. The lawsuit sought the right to reveal to the public how many times they received orders known as national security letters to compel release of the information.

"We filed our lawsuits because we believe that the public has a right to know about the volume and types of national security requests we receive," the companies said in a joint statement. "... While this is a very positive step, we'll continue to encourage Congress to take additional steps to address all of the reforms we believe are needed."

Leaks by former National Security Agency contractor Edward Snowden highlighted secret government programs in which the government sought customer information from technology companies without allowing them to inform their customers.

Earlier this month, President Obama directed the Justice Department and intelligence director to ease what, in effect, was a gag order on requests the government made to the companies on customer records.

"While this aggregate data was properly classified until today, the office of the Director of National Intelligence, in consultation with other departments and agencies, has determined that the public interest in disclosing this information now outweighs the national security concerns that required its classification," Holder and Clapper's statement says.

In a letter to the technology companies, the government says it's giving them two options on how they can report the government requests. Under the new policy, companies can publish information about the requests only once every six months, with a six-month delay.

The government says this declassification reflects the Obama administration's commitment to make information about the government intelligence activities public available when appropriate.

The American Civil Liberties Union characterizes the administration's move as a victory for transparency and a critical step toward reining in excessive government surveillance. "Companies must be allowed to report basic information about what they're giving the government so that Americans can decide for themselves whether the NSA's spying has gone too far," says Alex Abdo, staff attorney with the ACLU's National Security Project.

About the Author

Eric Chabrow

Eric Chabrow

Retired Executive Editor, GovInfoSecurity

Chabrow, who retired at the end of 2017, hosted and produced the semi-weekly podcast ISMG Security Report and oversaw ISMG's GovInfoSecurity and InfoRiskToday. He's a veteran multimedia journalist who has covered information technology, government and business.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.