Surveillance

Google Begs to Be Allowed More Transparency on NSA Data Requests

Wants to preserve their "Don't Be Evil" motto

|

But not as much as the government.
Credit: surrealpenguin / Foter.com / CC BY-SA

In March, Google did its level best to provide some transparency about the number of National Security Letters it had received by the FBI demanding data about its users. The information was limited, though, providing ranges rather than flat numbers due to government fears that exact numbers would provide information about their investigations, a claim that sounds fairly absurd.

In the wake of the public relations hit disaster the PRISM leak could have on tech companies, Google is now asking the government permission to supply more data about Foreign Intelligence Service Act requests. Here's their full letter:

Dear Attorney General Holder and Director Mueller

Google has worked tremendously hard over the past fifteen years to earn our users' trust. For example, we offer encryption across our services; we have hired some of the best security engineers in the world; and we have consistently pushed back on overly broad government requests for our users' data.

We have always made clear that we comply with valid legal requests. And last week, the Director of National Intelligence acknowledged that service providers have received Foreign Intelligence Surveillance Act (FISA) requests.

Assertions in the press that our compliance with these requests gives the U.S. government unfettered access to our users' data are simply untrue. However, government nondisclosure obligations regarding the number of FISA national security requests that Google receives, as well as the number of accounts covered by those requests, fuel that speculation.

We therefore ask you to help make it possible for Google to publish in our Transparency Report aggregate numbers of national security requests, including FISA disclosures—in terms of both the number we receive and their scope. Google's numbers would clearly show that our compliance with these requests falls far short of the claims being made. Google has nothing to hide.

Google appreciates that you authorized the recent disclosure of general numbers for national security letters. There have been no adverse consequences arising from their publication, and in fact more companies are receiving your approval to do so as a result of Google's initiative. Transparency here will likewise serve the public interest without harming national security.

We will be making this letter public and await your response.

David Drummond
Chief Legal Officer  

NEXT: NSA Scandal: Why We Get the Police State We Deserve. And What We Can Do to Fix That.

Editor's Note: We invite comments and request that they be civil and on-topic. We do not moderate or assume any responsibility for comments, which are owned by the readers who post them. Comments do not represent the views of Reason.com or Reason Foundation. We reserve the right to delete any comment for any reason at any time. Report abuses.

  1. Transparency here will likewise serve the public interest without harming national security.

    Transparency? That’s for candidates, not office holders.

  2. Just to clarify, the government would rather Google didn’t release any metadata on their FISA requests to the public because it would reveal details about the program. I’d use this as Exhibit A on how metadata is clearly a search that requires a warrant by the government’s own attempt to protect it.

    1. Ridiculous. Metadata is perfectly fine for the government to have, obviously, but you want to release metametadata? What are you trying to do, 9/11 us?

    2. Nice.

    3. I just asssumed they didn’t want to reveal the exact number of people they wanted all the data on because revealing that the exact number is 7.09 billion would reveal too much about the scope of the operation.

      That would also explain the argument that revealing the exact number would bring up privacy issues – if you know they are investigating 7.09 billion people you then know that your neighbor is under investigation and your neighbor knows you are under investigation as well.

      1. The really ridiculous thing about all of this is the sheer, staggering amount of metadata that must exist that they’re asking for. It’s got to be a vast sea of data that is unusable unless targeted, but they want it all anyway. I work with large datasets (100 million row tables with 400+ columns, stuff like that) and I know how data just gets lost in such datasets. They can be mined for statistical data but only if you have criteria that you can use to say “I want to see certain predictors for behavior X”.

        Basically they just seem to want our data because all our data are belong to them, and fuck you that’s why.

        1. I get to work with government idiots, writing queries for them, and I swear… They don’t know what they want, but you’re supposed to know how to find it for them. Morons. If the NSA is anything like the DoD, we really don’t have much to worry about.

        2. Yeah, I’m more worried about false positives or using this as an excuse to do political bad deeds with a “national security” excuse.

          1. ^This.

            And they can present the results any way they want in front of a jury because jurors sure the fuck aren’t going to know the validity of the results. Someone unknowingly ordering a weekly pizza from a front organization for the mob will just be shown as “weekly contact with the mob”.

            Get a burner and replace it every two years with a burner from a different carrier. Change ISP’s as often. Get browser plugins that turn off all tracking calls, and make sure cookies and cache are cleared every time the browser is closed. Avoid social media like the plague.

        3. They want our data because they know that, sooner or later, they are going to be able to use that data however they want. All the bullshit about the oversight and protections and restrictions on what they can and cannot do with the data will be whittled away bit by bit and byte by byte. The authority to gather the data implies the authority to analyze the data, analyzing the data in this way is just an extension of analyzing the data in that way, the courts will have to defer to the experts at the NSA as to what sort of analysis is required, reasonable exceptions are reasonable, exceptional circumstances are exceptional, yadda, yadda, yadda.

  3. we offer encryption across our services

    Except, you know, actually encrypting email. If Gmail had some kind of embedded public-key encryption, a hell of a lot more people would use it, which would thwart the NSA to some extent.

    1. Several plugins, extensions etc. exist for this purpose

      (I haven’t actually used any of them, so I can’t vouch for any of the info presented)

      1. That’s not what I mean, though. It should be built into Gmail from the get-go, it should help people set up public keys when they set up their accounts, and it should encrypt by default. My mom isn’t going to switch to Chrome and install some plugins and then learn how to use them.

        Google could make email encryption easy and commonplace. They don’t. Why not?

        1. Google does not because it would prefer to lick the laces of leviathan’s boots.

        2. If the e-mail is encrypted, Google can’t scan the contents for the purposes of trageting ads toward the recipient.

    2. That goes for the rest of their services. It’s a bit deceptive too since they likely just mean encrypted communication between your pc and their server (https/ssl).

      They won’t ever offer any end-to-end encryption for gmail since that prevents ads, and doing it in general for all their services, like Google Drive, where they do not have access to your private keys would make a large service provider like them extremely suspicious in the eyes of the government.

      1. That.

  4. The biggest problem about this is the secrecy and the gag orders surrounding the existeance of the entire program. If you can’t disclose facts about what kind of information is being collected, how it’s being used, or in what numbers, then you can’t have an informed debate about it.

    First, they should immediately declassify all of the FISA court rulings regarding the program. At least let us read the court’s arguments for why this is constitutional.

    Second, it might be possible to more narrowly tailor the information being collected to only people of interest. Since we’re talking about fundamental liberties here, the government has to have a compelling interest, and they must use the least restrictive means to pursue it. Which means if there is a way to do this witohut collecting EVERYONE’s phone records, they should be constitutionally held to do that. They could require Google to filter out just the emails and numbers linked to a terror network, and only provide that data, and Google would likely be happy to do that rather than turn over everything. I’d feel more secure if my data remained scattered in private hands of different websites instead of gathered in a central database.

    1. Silly, do you think that just because you invoke the judge created balancing tests that the state and its paid clowns in gowns are going to be more receptive to your request?

  5. They should just go ahead and publish the data, with a link on their home page. What’s the government going to do, arrest Google?

    1. Google Motors

  6. Why does Google contest the news reports? Per the article, Google says “Assertions in the press that our compliance with these requests gives the U.S. government unfettered access to our users’ data are simply untrue.”

    Is it the “unfettered” part they find objectionable? Is it an issue of degree, or is Snowden fundamentally wrong, or misrepresented?

    1. Well, maybe (and I’m hoping this is true, but not expecting it), Google is already filtering the metadata for only certain people. Or something similar. But they can’t talk about what exactly they are and aren’t giving the government, because it’s all classified. This is what makes it impossible to have any sort of rational debate about the program – the meta-meta-data is secret. You can’t even talk about what’s in the FISA court opinions.

      1. Huh? So it’s okay if Google decides who to spy before they hand over the data?

Please to post comments

Comments are closed.