Google Tells Feds It Wants to Disclose Surveillance Orders

Google, Microsoft, Facebook, Yahoo and LinkedIn are ramping up efforts in Congress and the Foreign Intelligence Surveillance Act court to win authority to publish figures about data-collection orders received from the feds. However, the Justice Department says that would undermine the intelligence community.

surveillance

Google, one of the tech companies at the heart of the public-private friction over government requests for commercial data related to national security, is planning to step up its efforts to win the authority to make public disclosures about the scope of those surveillance orders.

That campaign will play out on two fronts, according to David Lieber, a privacy policy counsel with Google.

In Congress, the search giant is backing bills introduced by Al Franken (D-Minn.) in the Senate and, in the House, by Zoe Lofgren (D-Calif.) that would authorize (but not require) companies to release aggregate statistics describing the number of national security orders they have received in a given time period and how many users have been impacted.

"We've been supportive of that legislation, along with a number of other companies, trade associations and civil society groups. And we're looking forward to a broader campaign to codify the principles that are reflected in those bills," Lieber said this week at an event hosted by the Cato Institute, a libertarian think tank.

Lieber says that those bills "advance bedrock First Amendment principles" involving disclosures that, under normal circumstances, would require no special action for companies to make. But the Justice Department and national security authorities have pushed back against the efforts of tech firms like Google, Microsoft, Facebook and Yahoo to publish aggregate data about the volume and scope of national security orders issued under the Foreign Intelligence Surveillance Act.

"If these leading Internet companies are permitted to make these disclosures, the harm to national security would be compounded by the fact that other companies would surely seek to make similar disclosures."

--Department of Justice

Those four companies, joined by LinkedIn, have taken their case to the FISA court, or FISC, where they are seeking a declaratory judgment that would permit them to disclose figures about the data requests they receive under each section of the law, further parsing the numbers by delineating "content" and "non-content" requests.

In a response filed with the FISC Sept. 30 arguing against the tech firms' motion, the Justice Department cited reforms the government has taken in the interest of greater transparency, including granting permission for companies to publish aggregate figures about how many administrative subpoenas (known as national security letters) they receive from federal authorities, as well as a commitment to report the total number of orders -- broadly defined to include FISA actions and national security letters -- issued each year.

DoJ Argues Against Disclosure Permission

The Department of Justic (DoJ) argued that the more granular disclosures that the tech companies are seeking would undermine the efforts of the intelligence community by providing terrorists and other adversaries a picture of which services are subject to what level of surveillance, tipping them off about when the feds have begun collecting information about a new service, and which platforms the government is not serving paper on.

What's more, the DoJ asked the FISA court to reject the tech firms' case on the grounds that if those five companies won the disclosure permission they are seeking, others would doubtless follow, establishing a dangerous precedent that could undermine the intelligence activities that of necessity operate under a veil of secrecy.

"The government is effectively asking the court to place its imprimatur on the proposition that the government should be the arbiter of who gets to speak about the issuance and receipt of FISA demands. That's just a striking departure from important First Amendment principles"

--David Lieber, a privacy policy counsel with Google

"If these leading Internet companies are permitted to make these disclosures, the harm to national security would be compounded by the fact that other companies would surely seek to make similar disclosures," the DoJ argued. "As a result, our adversaries could soon be able to obtain a comprehensive picture of FISA-related surveillance activities."

Free Speech, First Ammendment at Risk?

But in the DoJ's argument, Google's Lieber sees a significant free-speech problem, namely that the government is overreaching in its application of the classified-information shield to bar companies from the disclosures they seek to make.

"In our case before the FISC, the government is effectively asking the court to place its imprimatur on the proposition that the government should be the arbiter of who gets to speak about the issuance and receipt of FISA demands. That's just a striking departure from important First Amendment principles," he said.

There is no separating the tech firms' campaign to disclose more information about the data they share with the government and their own business interests. Even before the revelations of former NSA contractor Edward Snowden, U.S. cloud providers had been struggling to convince foreign customers and governments that data stored with them is not subject to unfettered government inspection under Patriot Act authorities.

With the recent wave of disclosures, those concerns have only heightened, arming critics of the government's surveillance program in Congress, like Sen. Ron Wyden (D-Ore.), with a pro-business argument in favor of checks on bulk data collection and greater transparency.

"American companies that are believed to have been the subject of government surveillance orders are taking a major hit internationally and here at home," Wyden said this week at the Cato Institute. "This is a serious economic issue at a time when we all know our economy certainly is fragile."

Kenneth Corbin is a Washington, D.C.-based writer who covers government and regulatory issues for CIO.com.

Follow everything from CIO.com on Twitter @CIOonline, on Facebook, and on Google +.

To comment on this article and other CIO content, visit us on Facebook, LinkedIn or Twitter.
Download the CIO October 2016 Digital Magazine
Notice to our Readers
We're now using social media to take your comments and feedback. Learn more about this here.