AT&T latest to release data on secret government requests for data


By SB Anderson

AT&T said on Tuesday that it received secret orders under the Federal Intelligence Surveillance Act in the first half of last year involving up to 37,000 customer accounts. Those accounts were included in up to 2,000 orders from the Justice Department; half of those requests were for actual content from customers in as many as 36,000 accounts. The other half demanded just account data.

As many as 2,999 other requests came from the FBI as “National Security Letters,” and involved up to 4,999 accounts. Those letters can only demand information about a customer account, not personal data such as documents or emails.

ATT FISA and NSL Report 2/14

SOURCE: AT&T

The Justice Department in late January, to settle a lawsuit the companies had brought seeking more transparent reporting, relaxed reporting standards and allowed the FISA data to be made public for the first time. Companies that choose to report the FISA requests and NSL requests combined can use ranges of 0–249; if data is separate, it must be reported in larger ranges — 0-999.

FISA data can cover both the total number of orders made and how many accounts were involved. It can also be broken out by requests for customer information, such as subscriber name, or actual content, such as an e-mail. National Security Letters are limited to only customer information, not content.

AT&T on Tuesday also released its first ever data on non-national security related civil and criminal court requests for user data and information. Other communications and internet companies, such as Google, have been releasing “transparency reports” with this data for several years.

During 2013, AT&T received an average of 827 requests a day from law enforcement — 301,816 for the years, most involging criminal cases and issued by subpoenas, which are believed to typically only cover data about a user and account, not content created. Just under 1 in 5 requests came via more powerful court order or warrant. Only about 1% of requests were rejected by AT&T and for about 5% of the requests, AT&T had no or only partial information to release.

About 100,000 “emergency” requests were received, such as those related to a 911 call. About 38,000 request were for a customer’s location, as well as all numbers for a particular cell tower.

ATT Transparency Report

SOURCE: AT&T

AT&T did not release information about how many customers were actually affected by the requests; nor did competitor Verizon in its report a few weeks ago. Other companies, such as Yahoo and Google, release that data, but AT&T said “demands for information in civil or criminal matters involve a wide range of variables – making it very difficult to tally the number of customers whose information was provided in response to those demands.”

Verizon, which issued a “traditional” transparency report covering court requests and National Security Letters earlier in January, has not released updated data to include FISA orders and additional NSL details since allowed under the relaxed reporting guidelines that were were made effective after it released its original report.

Transparency Reports Updated 2/18/14

FISA and NSA Data (updated 2/18/2014)(Click on image for larger version in new browser window).