Digital Privacy Watchdog Calls Out Apple, AT&T, Verizon

Apple, AT&T, Verizon and Myspace lack transparency when it comes to privacy policies and could potentially be freely giving up user information to the government, according to the Electronic Frontier Foundation, a digital privacy watchdog group.

The organization's third annual report on data privacy and transparency found the four firms failing to provide the public with a clear understanding of their policies with regard to data privacy and retention. The Electronic Frontier Foundation said it examined each company's published terms of service, privacy policy, transparency report and guidelines for law enforcement requests, if any were available.

The organization evaluated 18 firms on six criteria: Whether a warrant was required for content of communications; whether the firm tells users about government data requests; the availability of published transparency reports; published law enforcement guidelines; a public record of fighting for user privacy rights in the courts; and whether the firm supports efforts in Congress to protect privacy rights.

[Related: Study: Cloud Security Improving But Far From Fixed ]

Sponsored post

Both MySpace and Verizon failed to receive any recognition in the study. Apple and AT&T were recognized for being members of the Digital Due Process coalition, a group that advocates for user privacy issues in Congress. But both firms earned no recognition in the other categories.

The Electronic Frontier Foundation credited many firms, including Google and Microsoft, for establishing transparency and guidelines outlining the handling of government requests for user data.

"While we are pleased by the strides these companies have made over the past couple years, there's plenty of room for improvement," the organization said in its report. "We remain disappointed by the overall poor showing of ISPs like AT&T and Verizon in our best practice categories."

Neither Myspace, Apple nor AT&T responded to a CRN request for comment.

A Verizon spokesperson told CRN the company requires a warrant from the government before granting access to user data. Law enforcement routinely uses a warrant when it makes its request, the spokesperson said, adding that he was reviewing whether data privacy policies were published and available to users. The Electronic Frontier Foundation never contacted Verizon for information in its report, the Verizon spokesperson said.

NEXT: Amazon Also Faulted In Report

The Electronic Frontier Foundation faulted Amazon for a lack of transparency into whether a warrant is required for user information or if users are informed when a request for data is granted to authorities. Two other cloud storage firms, SpiderOak and Dropbox, which are included in the report, received high marks for data privacy.

"Amazon holds huge quantities of information as part of its cloud computing services and retail operations, yet does not promise to inform users when their data is sought by the government, produce annual transparency reports, or publish a law enforcement guide," the organization noted in its report.

Comcast earned recognition for challenging an IRS subpoena on behalf of its users in 2003, but despite publishing law enforcement guidelines, the firm received no recognition for requiring a warrant. A review of the company's law enforcement handbook found a warrant generally required for access to user data, although email communication is treated differently. "The contents of email communications in storage for 180 days or less may only be produced in response to a state or federal warrant (unless it can be demonstrated that the email has been opened and is not being kept for purposes of backup protection)," according to the Comcast guidelines.

Microsoft and Twitter were each recognized for publishing transparency reports for the first time. Microsoft issued a law enforcement disclosure report on access to cloud data in March. The company said it received more than 11,000 U.S. law enforcement requests for information or content data of users of its products in 2012.

Twitter maintains a transparency Web page and published its first full report last year in which it said it received 679 requests from U.S. authorities in the first half of 2012, granting information on approximately 75 percent of the requests.