Disclosures about national security requests indicate that Yahoo was ordered to hand over content from more accounts than other tech firms during the first six months of 2013. http://www.bbc.co.uk/news/technology-26031092
Yahoo said it was told to release content from between 30,000 and 30,999 accounts over the period under the Foreign Intelligence Surveillance Act (Fisa).
Yahoo said the types of content that might be requested included words in an email or instant message, photos posted online via its Flickr website, Yahoo Address book entries, and appointments entered into its Calendar product.
The firm has also published a transparency report for its Tumblr blogging platform that states the unit had never received a Fisa order or NSL.
One campaigner suggested such information had limited use.
“Transparency reports for a long time were really insightful tools for us to see what governments were asking the tech companies,” Privacy International’s Mike Rispoli told the BBC.
“Now we know that the game has changed.
“Governments do not need to go to companies to get user data – they can directly intercept it. They do not need to go through the front door anymore, they have kicked down the back door.”
The latest figures build on an updated report published by Apple last week.
It is now known that the number of US national security orders for content made between 1 January and 30 June 2013 was as follows:
- Yahoo – between 30,000 and 30,999 accounts
- Microsoft – between 15,000 and 15,999 accounts
- Google – between 9,000 and 9,999 accounts
- Facebook – between 5,000 and 5,999 accounts
- Apple – between 0 and 249 accounts
- LinkedIn – between 0 and 249 accounts
Disclosures involving Fisa orders are subject to a six-month reporting delay.
NSLs are not subject to a time restriction. Yahoo, Facebook, Microsoft and Google have now all given some figures for the number of such letters they received from the FBI between 1 July and 31 December.
By their nature, the figures do not address data taken from the firms without their knowledge.
According to leaked documents published by the Washington Post, the NSA and GCHQ have broken into communication links connecting Google and Yahoo’s data centres to copy records under a programme codenamed Muscular.
In addition, leaks reported by the Guardian, suggest that GCHQ has copied data from fibre-optic cables used by the internet, and shared the information with the NSA as part of an operation called Tempora.
The tech companies are now encrypting more of their data to tackle this, but Microsoft’s general counsel has demanded a response from the authorities.
“Despite the president’s reform efforts and our ability to publish more information, there has not yet been any public commitment by either the US or other governments to renounce the attempted hacking of internet companies,” Brad Smith wrote on the firm’s blog.
“We believe the Constitution requires that our government seek information from American companies within the rule of law. We’ll therefore continue to press for more on this point in collaboration with others across our industry.”