Continuing its efforts to quell users’ concerns over the safety of their data in the wake of the National Security Agency’s Prism initiative, Facebook Tuesday released its first Global Government Requests Report, saying that it will “release these reports regularly in the future.”
The social network announced the release of the report in a post on the Facebook and Privacy page, reading:
We want to make sure that the people who use our service understand the nature and extent of the government data requests we receive and the strict policies and processes we have in place to handle them. That’s why, today, we are pleased to release our first Global Government Requests Report.
The report, prepared by Facebook Vice President and General Counsel Colin Stretch, covers the first six months of 2013 and provides details on:
- Which countries requested information from Facebook about users (a total of 71).
- The number of requests received from each of those countries.
- The number of users/user accounts specified in those requests.
- The percentage of these requests in which Facebook was required by law to disclose at least some data.
Stretch wrote in the introduction to the Global Government Requests Report:
As we have made clear in recent weeks, we have stringent processes in place to handle all government data requests. We believe this process protects the data of the people who use our service, and requires governments to meet a very high legal bar with each individual request in order to receive any information about any of our users. We scrutinize each request for legal sufficiency under our terms and the strict letter of the law, and require a detailed description of the legal and factual bases for each request. We fight many of these requests, pushing back when we find legal deficiencies and narrowing the scope of overly broad or vague requests. When we are required to comply with a particular request, we frequently share only basic user information, such as name.
As we have said many times, we believe that while governments have an important responsibility to keep people safe, it is possible to do so while also being transparent. Government transparency and public safety are not mutually exclusive ideals. Each can exist simultaneously in free and open societies, and they help make us stronger. We strongly encourage all governments to provide greater transparency about their efforts aimed at keeping the public safe, and we will continue to be aggressive advocates for greater disclosure.
And in the frequently asked questions section of the report, in response to, “Why did you report the numbers for the U.S. in ranges?,” he wrote:
We have reported the numbers for all criminal and national security requests to the maximum extent permitted by law. We continue to push the U.S. government to allow more transparency regarding these requests, including specific numbers and types of national security-related requests. We will publish updated information for the U.S. as soon as we obtain legal authorization to do so.
The U.S. was the country with the most requests regarding the most user accounts by far, with 11,000 to 12,000 and 20,000 to 21,000, respectively. The U.K. was a distant second, at 1,975 and 2,337, respectively.
UPDATED: Privacy International weighed in on the release of Facebook’s first Global Government Requests Report with the following statement:
Transparency reports have traditionally played a critical role in informing the public on the lawful access requests made by governments to companies like Facebook. These reports have provided a useful accountability mechanism for users to know what governments are asking for and how often. Transparency reports also inform users as to what intermediaries are doing to protect their privacy when it comes to sharing data with governments. Given Facebook’s ever-growing presence in the lives of people around the world, we commend it for releasing this report today — a release that has been a long time coming.
However, we are left with a disturbingly hollow feeling regarding Facebook’s gesture, and it has little to do with Facebook itself. Since documents leaked by Edward Snowden have been published and analyzed, the veil has been lifted on what information governments actually collect about us. We are now aware of a terrifying reality — that governments don’t necessarily need intermediaries like Facebook, Google, and Microsoft to get our data. They can intercept it over undersea cables, through secret court orders, and through intelligence sharing.
The usefulness of transparency reports hinges on governments abiding by the rule of law. We now know that these reports only provide a limited picture of what is going on, and it is time that governments allow companies to speak more freely regarding the orders they receive.
Whereas transparency reports detail lawful access requests, we are living in a world where governments exploit over-permissive, vague, and outdated laws with impunity. What is needed is a new strong legal framework that all governments must abide by. Until then, companies like Facebook are left with the burden of having to determine what information may be “lawfully” demanded by each country, and deciding what they can or cannot release. This is too much to ask of these companies, and too great a trust to be placed in them.
Readers: Did anything in Facebook’s first Global Government Requests Report surprise you?