We have been getting a consistent message from the Dept. of Justice and the National Security Administration that it is absolutely essential that they be able to maintain strict secrecy about every aspect of their data collection activities. That broad assumption is being called into question by the recent disclosures about some of the data collection activities. The government confirmed the validity of the order to Verizon to provide all of their metadata for a period of three months.
Today there is news of a rather strange and convoluted effort to allow internet companies to provide very limited information about what user data they have released to the government.
U.S. government loosens gag order on security-related data requests
Earlier this week, in a response to ongoing allegations of widespread surveillance by the United States government, Google, Facebook, and Microsoft published open letters to the Attorney General and the FBI director asking for permission to disclose details about their response to national security requests.
Late Friday night, Facebook and Microsoft revealed that the government had relaxed their nondisclosure agreement slightly. In separate late-night posts, the two companies provided details and a description of the new ground rules they’re required to follow
The new numbers, according to Microsoft, now include “the total volume of national security orders, which may include FISA orders.” In a twist straight out of Alice in Wonderland, the company says, “We are still not permitted to confirm whether we have received any FISA orders, but if we were to have received any they would now be included in our aggregate volumes.”
The new data is as follows, with the emphasis in the original:
For the six months ended December 31, 2012, Microsoft received between 6,000 and 7,000 criminal and national security warrants, subpoenas and orders affecting between 31,000 and 32,000 consumer accounts from U.S. governmental entities (including local, state and federal). This only impacts a tiny fraction of Microsoft’s global customer base.
So they are not allowed to tell us if they actually received 6372 or 6453 actual warrants and certainly not where the warrants came from. If this is in fact all the information that Microsoft has divulged to government agencies, then it does dispel the notion that they are participating in some vast data dragnet. Facebook has also disclosed data under the revised authorization.
For the six months ending December 31, 2012, the total number of user-data requests Facebook received from any and all government entities in the U.S. (including local, state, and federal, and including criminal and national security-related requests) – was between 9,000 and 10,000. These requests run the gamut – from things like a local sheriff trying to find a missing child, to a federal marshal tracking a fugitive, to a police department investigating an assault, to a national security official investigating a terrorist threat. The total number of Facebook user accounts for which data was requested pursuant to the entirety of those 9-10 thousand requests was between 18,000 and 19,000 accounts.
Any sort of investigation about possible illegal activity needs to be conducted with a certain degree of confidentiality whether it is dealing with people who download movies, make drug deals or plan bomb attacks. Information about specific investigations and the individuals who are targets of them can certainly compromise their effectiveness. What I fail to grasp is how general information about law enforcement programs is likely to impede the actual investigations.
Anybody who is knowingly engaging in illegal activity knows that they run the risk of apprehension. They know that their communications can be intercepted. Finding out that Verizon and Facebook are providing some data the the NSA really doesn't tell them anything that they didn't already know.
Robert Mueller would have us believe that the information that has been disclosed has done grave damage.
FBI Director Robert Mueller defended the programs in testimony to Congress on Thursday. In what is likely his final appearance as FBI director before the House Judiciary Committee, Mueller said that terrorists track leaked information "very, very closely" and that because of leaks "we lose our ability to get their communications" and "we are exceptionally vulnerable."
I find that assertion highly questionable. I have always had reservations about the effort to make a close link between a vague and general term like terrorism and national security. Traditionally national security was about defending the country against attack by foreign governments. The efforts of the the Bush administration to link the government of Iraq to the threat of terrorist attack on American soil turned out to be a big bust.
America is faced with a series of violent attacks on groups of innocent citizens. The one that occurred on 9/11 was carried out by an organized group of conspirators with links to a foreign group, but as far as has been determined, not to a foreign government. Far more attacks have been carried out by Americans killing other Americans. The Oklahoma City bombing had no foreign links. The slaughter of people in the movie theater in Colorado had no foreign links. The practical consequences of all of these incidents was the violent deaths of innocent people, but they get characterized and classified very differently.
It has been possible to convince a large portion of the public that the threat of international terrorism is so real and imminent that the government must be allowed broad latitude in the conduct of secret investigations. Yet many of the people who willing endorse those programs are outraged at the thought of gun control. There is something seriously wrong with this picture.