Tag Archives: privacy

Survey shows improved privacy, security at big online services

By SB Anderson

The chart below summarizes how the major tech companies surveyed by the Electronic Frontier Foundation fared as it relates to “privacy policies, terms of service, public statements, and courtroom track record.”

Nine companies this year received the highest six-star rating, compared to two in last year’s survey. A total of 20 companies are now releasing so-called transparency reports about government requests for data compared to 7 a year ago, EFF’s survey showed.

“The sunlight brought about by a year’s worth of Snowden leaks appears to have prompted dozens of companies to improve their policies when it comes to giving user data to the government,” EFF’s Rainey Reitman said in a release.

Full Report (HTML) | Full Report (PDF) | SILK’s aggregated database of transparency reports (HTML)

Results of EFF's 2014 survey

‘Practically irrelevant’ annual report on FISA and NSL requests released

By SB Anderson

Steve Aftergood of the Secrecy News blog aptly called the report ‘practically irrelevant’ and notes its importance “has receded in the wake of the far more substantial disclosures of the post-Snowden era,” but nonetheless, the Justice Department this week officially declared how many times it snooped on us all in 2013.

In its annual report to Congress on activity under the Foreign Intelligence Surveillance Court Act, (download PDF)  the Justice Department said it made 1,655 applications to the Foreign Intelligence Surveillance Court. None of those requests for electronic surveillance, physical search or both was turned down. That total is down about 11% over 2012.

The FBI issued 14,219 secret National Security Letters demanding customer records from businesses. Those covered 5,334 individuals. Requests and people affected were down 7% and 11% respectively.

The report also said it sought “business records” from the surveillance court 178 times, but as Aftergood noted in light of information disclosed in and since the Snowden era began nearly a year ago, “the bland term “business records” extends in principle to everyone’s telephone call records.”

SOURCE:  OnTheBeat graphics using EPIC.org compilation from Federation of American Scientists document collection.

Will non-criminal mugshots of residents from your state be in new FBI database?

By SB Anderson

The FBI plans to launch by summer’s end a facial recognition system that “poses real threats to privacy for all Americans” and could include 4.3 million photos taken for non-criminal purposes within a year, the Electronic Frontier Foundation reports.

“NGI will allow law enforcement at all levels to search non-criminal and criminal face records at the same time. This means you could become a suspect in a criminal case merely because you applied for a job that required you to submit a photo with your background check.”
–EFF report

“The FBI’s massive biometric database that may hold records on as much as one third of the U.S. population,” the EFF said, citing documents it has received as part of a Freedom of Information Act legal fight. “The facial recognition component of this database poses real threats to privacy for all Americans.”

The 4.4 million non-crime-related images would be part of the “Next Generation Identification” system, which “builds on the FBI’s legacy fingerprint database—which already contains well over 100 million individual records—and has been designed to include multiple forms of biometric data, including palm prints and iris scans in addition to fingerprints and face recognition data.”

One source for those new images: Routine employer fingerprint checks. A copy of the fingerprints are already sent to the FBI’s non-civil database; a photo could not be added if employers ask that they be taken, EFF says. The issue: NGI would also mean first-ever searches of both the criminal and noncriminal databases.

“This means that even if you have never been arrested for a crime, if your employer requires you to submit a photo as part of your background check, your face image could be searched—and you could be implicated as a criminal suspect—just by virtue of having that image in the non-criminal file.”

The graphic below shows the status, as of 2012, of FBI discussions with states for participating in NGI. “The FBI hopes to bring all states online with NGI by this year,” EFF said.

Participating states

SOURCE: Electronic Frontier Fondation

U.S. Law enforcement requests for Google user info up 31%; nearly half of all requests globally

By SB Anderson

U.S. law enforcement requests for data about Google users set a new record, data that Google released about the second half of the year yesterday showed.

Wielding subpoenas in 2 out of 3 cases, agencies asked 21,500 times — 59 times a day — for information about nearly 40,000 users and/or accounts. Unlike court orders and warrants, subpoenas are not necessarily issued by a court.

The number of requests was down slightly in the second half of the year (3%) and the number of users/accounts was down a bit more (16%). It is unclear whether the enormous publicity over monitoring of personal data after Edward Snowden released a plethora of explosive NSA documents in the Spring may have been a factor in the slight decline. The drop in the second half of 2013 as the first ever reported on a half-year basis since Google started releasing the data after the second half of 2009.

The data released on Thursday focused on requests that are unrelated to national security, i.e., involving the National Security Agency, FBI and secret Foreign Intelligence Surveillance Court. Aggregate data about those cases was released in February after the Obama administration slightly reduced restrictions on public release.

Google has been releasing the so-called “Transparency Reports” since 2009; some of its peers and competitors didn’t follow suit until the last year. The requests from law enforcement in some cases cover just information about an account holder or user, such as address; in other cases, authorities ask for actual content produced by the user (e.g., Gmail, YouTube, etc.). In 2013, at least some data was released in just over 4 in 5 cases.

The U.S. by far remained the leader in requests, accounting for 43% of all requests (up slightly over the first half), distantly followed by France, Germany and India in the second half of the year. The number of countries that made requests was up in the second half of the year, but about half were for 20 or fewer.

Requests by year and number of accounts affected

Broken down by first and second halves of years

Types of orders

For good measure, Google released this animated cartoon about how it deals with warrants.