Ever since Edward Snowden began leaking classified documents about NSA surveillance, Google and other tech companies have wanted to reveal specifics on NSA's court-ordered access to their customers' data and communications. The problem: the firms were gagged by the FISA Court.
At the end of last year, Google, Yahoo, Microsoft and Facebook (among others) filed public, unsealed lawsuits in the FISA Court, contending that the gag orders violate their free speech rights. (Disclosure: my organization, the First Amendment Coalition, filed an amicus brief supporting the firms' claims). In January the Justice Department acceded to some of the requests, agreeing to revised censorship rules permitting partial disclosure, albeit on a delayed basis, of NSA data requests.
The newly emancipated tech firms have now published what was previously secret. The disclosures, covering the period January to June of 2013, show that . . .
- Google provided content on somewhere between 9,000-9,999 accounts.
- Yahoo provided content on somewhere between 30,000-30,999 accounts.
- Microsoft provided content on somewhere between 15,000-15,999 accounts.
- Facebook provided content on somewhere between 5,000-5,999 accounts.
The numbers are substantial -- some 60,000 accounts for all four firms; half of that for Yahoo alone -- but they are, of course, just a fraction of all the companies' accounts. Facebook by itself has over 200 million users in the U.S., and more than one billion worldwide.
Google, Facebook et al had hoped that these disclosures would reassure their customers that NSA's access to their data and email is much more limited than what they had been led to believe, based on news accounts. The problem for the tech firms is that they can only disclose instances of NSA access that they know about. Call these the "front door" access cases in which NSA, playing by the rules, knocks on the tech firms' doors, announces itself, and presents its papers signed by a FISA judge.
But what of NSA's secret "back door" access to the companies' user data and message contents? I'm referring to news accounts, first published in the Washington Post in November, about NSA's copying of Google user data and content -- secretly, without Google's knowledge -- by exploiting unprotected communications links outside the US.
If NSA does, in fact, have a secret back door channel into Google's (and the other firms') user data and communications, it hardly matters how scrupulous the agency is in adhering to applicable legal rules restricting access through the front door.
Google of course can't be transparent about the extent of government access to customer information when Google itself is aware of only the part of that access that NSA wishes to reveal. And Google's customers, particularly its foreign customers, will continue to doubt Google's ability to protect their privacy.
This dilemma is a serious threat to Google's and other firms' business.
Peter Scheer, a lawyer, is executive director of the First Amendment Coalition. The views expressed here do not necessarily reflect the opinions of the FAC Board of Directors.