When PRISM was leaked in early June, Facebook was one of the first companies citied in the report to deny any involvement with the program. The revelation did, however, push Facebook into asking the U.S. government for permission to publish government data request numbers. That wish was granted in mid-June, and now Facebook has published its very first transparency report.
Facebook today published what it calls the "Global Government Requests Report." In short, it's a report detailing government requests for user data from all over the world. It lists the total requests for data by country as well as how many user accounts were requested in said country. It also reveals the percentage of requests where Facebook was required by law to hand over data.
Before we get to the actual numbers, Facebook's General Counsel, Colin Stretch, reiterates once again that the social network does not provide a back door into its network for the NSA or any other governmental body. Instead, it makes any government requesting jump through as many hoops as possible:
As we have made clear in recent weeks, we have stringent processes in place to handle all government data requests. We believe this process protects the data of the people who use our service, and requires governments to meet a very high legal bar with each individual request in order to receive any information about any of our users. We scrutinize each request for legal sufficiency under our terms and the strict letter of the law, and require a detailed description of the legal and factual bases for each request. We fight many of these requests, pushing back when we find legal deficiencies and narrowing the scope of overly broad or vague requests. When we are required to comply with a particular request, we frequently share only basic user information, such as name.
So, let's check out the numbers, shall we? They cover the first six months of 2013, and cover pretty much every nation that Facebook operates in. As expected, the United States is number one with 11,000 to 12,000 data requests that impact 20,000 to 21,000 user accounts. Additionally, 79 percent of these requests end up with Facebook handing over some user data.
What may be surprising to some, however, is that India came in second place with 3,245 requests for data impacting 4,144 user accounts. Only 50 percent of those requests ended up with Facebook handing over data though.
Rounding out the top five is the United Kingdom in third place, Germany in fourth and Italy in fifth. Only other one country, France, sent over 1,000 data requests in the first six months of this year. The rest of the countries in the report, mostly eastern Europe and Southeast Asia, sent less than 100 requests.
One thing you may have noticed is that only the United States data requests are published in aggregate form without a hard number to accompany it. Unfortunately, that's the only way Facebook can publish the numbers for U.S. data requests as the government makes Facebook combine federal and local data requests in an aggregate number so that the public can't see how many federal requests for data are actually being sent.
You may recall that this aggregate requirement rubbed Google the wrong way in late June when it filed a complaint with the FISA court regarding its inability to publish more accurate data request numbers. In its filing, Google argued that it should be able to publish an aggregate figure of federal requests without having to lump in local law enforcement requests. Publishing aggregate figures of just federal requests wouldn't have any impact on national security, but Google hasn't made any progress with its complaint even after Microsoft filed its own complaint as well.
Regardless, Facebook feels that publishing these numbers, even if they're disingenuous, play an important role in the public debate concerning the NSA:
We hope this report will be useful to our users in the ongoing debate about the proper standards for government requests for user information in official investigations. And while we view this compilation as an important first report - it will not be our last. In coming reports, we hope to be able to provide even more information about the requests we receive from law enforcement authorities.
As we have said many times, we believe that while governments have an important responsibility to keep people safe, it is possible to do so while also being transparent. Government transparency and public safety are not mutually exclusive ideals. Each can exist simultaneously in free and open societies, and they help make us stronger. We strongly encourage all governments to provide greater transparency about their efforts aimed at keeping the public safe, and we will continue to be aggressive advocates for greater disclosure.
That last paragraph is the most important point Stretch makes, and it's something that we can only hope the U.S. government takes to heart in the coming months. Obama's proposed NSA reforms promised transparency, but almost everything out of his administration thus far looks to sustain the status quo under a facade of transparency.[Image: Wikimedia Commons]