Facebook Gave Data On 38,000 Users To Government Authorities5:11 PM EST Tue. Aug. 27, 2013
Facebook opened up the accounts of 38,000 individuals following government requests and demands for user data over the last six months, including at least 11,000 such requests from U.S. authorities.
In its first Global Government Requests Report, the social networking giant said it put in place stringent processes to handle all government data requests. The report, which covers the first 6 months of 2013, ending June 30, said it opened access to accounts on 80 percent of the requests from U.S. officials, providing access to data on at least 20,000 user accounts.
"We scrutinize each request for legal sufficiency under our terms and the strict letter of the law, and require a detailed description of the legal and factual bases for each request," Facebook said in its report, issued Tuesday on the social network. "We fight many of these requests, pushing back when we find legal deficiencies and narrowing the scope of overly broad or vague requests."
[Related: The 9 Most Dangerous Cloud Security Threats]
Facebook said it received requests from more than 70 countries, but the bulk of the data was released to U.S. law enforcement, according to the report made available only to Facebook users.
The Facebook report follows a litany of reports on an extensive U.S. surveillance program that stem from the leak of classified documents by NSA whistle-blower Edward Snowden. The leaks have fueled discussion over the extent of the government's reach on cloud-based user data and a debate about individual privacy when using online services. Earlier this year, Google, Yahoo, Microsoft and Apple released similar reports generally documenting the number of government requests each service received for user data.
The transparency reports are a positive step by Internet services and help increase the discussion on privacy and trust when using online services, said Cameron Camp, a U.S.-based security researcher at Bratislava, Slovakia-based antivirus vendor ESET. People are realizing that the Internet is a public space, Camp said.
"There's been an erosion of trust across the landscape," Camp told CRN. "There's an uncomfortable tension, but also a realization that it is unrealistic to expect a service that you don't pay for won't use your data in some way."
NEXT: The Electronic Frontier Foundation Lauds Facebook For Requiring A Court Warrant For Data
In May, the Electronic Frontier Foundation criticized Apple, AT&T, Verizon and Myspace for their lack of transparency on privacy policies and said the firms could be freely giving up user data to government requests. The digital privacy watchdog group advocates for clear documentation on user privacy and content guidelines by companies running online services.
Organizations should require a warrant for content of communications and tell users about government data requests, the EFF said. The organization said transparency reports and clear privacy guidelines should be made available to users and be easy to access and understand.
The EFF called out Facebook in its May report for failing to issue a transparency report outlining government requests for data. The social network was lauded by the EFF for clearly requiring a warrant from law enforcement when seeing the content of user communications. Other online services requiring a warrant include Dropbox, Foursquare, LinkedIn, Microsoft, Sonic.net, SpiderOak, Tumblr, Twitter and WordPress.
In its report, Facebook said it hopes to be able to provide even more information about the requests it receives from law enforcement authorities in future reports.
"As we have said many times, we believe that while governments have an important responsibility to keep people safe, it is possible to do so while also being transparent," Facebook said. "We strongly encourage all governments to provide greater transparency about their efforts aimed at keeping the public safe, and we will continue to be aggressive advocates for greater disclosure."
The Facebook report does not provide data on the use of the national security letters. The documents, a provision under the U.S. Patriot Act of 2001, gives the FBI the authority to demand information for investigations impacting national security matters. The FBI's written demands for information using a national security letters is subject to a gag order, forbidding businesses from revealing it to the public.
Apple indicated in its transparency report issued in June that it received between 4,000 and 5,000 requests from U.S. law enforcement for customer data from Dec. 1, 2012, to May 31, 2013.
Microsoft's transparency report, which covered 2012, indicated that it received more than 11,000 U.S. law enforcement requests for information or content data of users of its products in 2012. In March, Google also issued a report stating that it received up to 1,000 requests from the FBI and other U.S. agencies in 2012 for access to data stored in its cloud.
PUBLISHED AUG. 27, 2013