Friday, June 27, 2014

A step toward government transparency

Posted by Richard Salgado, Director Law Enforcement and Information Security

Last year, President Obama directed the Intelligence Community to be more transparent about government surveillance programs, which led to a promise by the Office of the Director of National Intelligence to release a transparency report concerning national security orders it issues on an annual basis. Today, the U.S. government released its first transparency report containing statistics around national security orders for user data to Internet and telecom companies. This is a step in the right direction of increasing trust in both government and Internet services, and it demonstrates again that governments can embrace transparency while protecting national security. We applaud this first step, and strongly encourage other countries to follow suit, though there is still more to be done.

First, the government reports in a manner that makes it impossible to compare its report with the report of companies, such as the Google Transparency Report. Specifically, the government has chosen to disclose an estimated number of “targets” that it has surveilled, rather than the number of “accounts” at issue. This means that where the “target” is an organization composed of many people, and the government uses FISA to require disclosure of information from many different providers about the many accounts used by those people, covering a broad array of services, it may only report that there was one target. By contrast, in our methodology, and that used by other companies, we each would count the number of accounts impacted by a particular surveillance request. The government could provide more meaningful transparency by specifying the number of accounts too.

Second, we would like to see the federal government report on its national security demands with more information about the targets than it does today. Companies like Google can only provide a limited snapshot of how national security authorities are used. The Department of Justice, however, can provide a complete picture. To that end, we support legislation proposed by Senator Franken in August of 2013 that would mandate that the U.S. government release statistics around the number of both citizens and non-citizens whose information is collected and the scale and scope of the search and review of that data.

Finally, we gave early support for USA Freedom Act provisions which would allow companies to provide greater detail about the volume, scope, and type of national security demands that we ourselves receive for user data. Last month, the House version of the USA Freedom Act made improvements on the terms set out by the Department of Justice, and we hope that the Senate paves the way for companies to share more details about the national security demands that we receive.

I’m excited to see how far this debate has come; a year ago almost no one would have imagined that the federal government would release data about its national security demands to companies. These steps show that national security and transparency for the public are not in competition. We also hope that governments around the world will follow the lead of the U.S. government and be more open about the national security demands they serve on service providers and put out comparable transparency reports. Congress, and other governments around the world, should build on these steps.

No comments: