Publishing these numbers is a step in the right direction, and speaks to the principles for reform that we announced with other companies last December. But we still believe more transparency is needed so everyone can better understand how surveillance laws work and decide whether or not they serve the public interest. Specifically, we want to disclose the precise numbers and types of requests we receive, as well as the number of users they affect in a timely way. That’s why we need Congress to go another step further and pass legislation (PDF) that will enable us to say more.
You have the right to know how laws affect the security of your information online. We’ll keep fighting for your ability to exercise that right by pushing for greater transparency around the world.
We appreciate that there is interest not only in what these numbers show, but in what they mean. I’d offer two thoughts. First, while our customers number hundreds of millions, the accounts affected by these orders barely reach into the tens of thousands. This obviously means that only a fraction of a percent of our users are affected by these orders. In short, this means that we have not received the type of bulk data requests that are commonly discussed publicly regarding telephone records. This is a point we’ve publicly been making in a generalized way since last summer, and it’s good finally to have the ability to share concrete data.
Second, nothing in today’s report minimizes the significance of efforts by governments to obtain customer information outside legal process. Since the Washington Post reported in October about the purported hacking of cables running between data centers of some of our competitors, this has been and remains a major concern across the tech sector. In December, we announced a number of measures to protect customer data, including a significant expansion of encryption across our services. However, despite the President’s reform efforts and our ability to publish more information, there has not yet been any public commitment by either the U.S. or other governments to renounce the attempted hacking of Internet companies. We believe the Constitution requires that our government seek information from American companies within the rule of law. We’ll therefore continue to press for more on this point, in collaboration with others across our industry.
It is important to remember that receipt of an order does not mean the information that was sought was ultimately disclosed. Microsoft has successfully challenged requests in court, and we will continue to contest orders that we believe lack legal validity.
As always, Yahoo will continue to protect the privacy of our users and to ensure our ability to defend it. This includes advocating strenuously for meaningful reform around government surveillance, demanding that government requests be made through lawful means and for lawful purposes, and fighting government requests that we deem unclear, improper, overbroad, or unlawful.
The new information we are releasing today marks a significant step forward. As we have said before, we believe that while governments have an important responsibility to keep people safe, it is possible to do so while also being transparent. We will continue to advocate for reform of government surveillance practices around the world, and for greater transparency about the degree to which governments seek access to data in connection with their efforts to keep people safe.
We work hard to deliver the most secure hardware and software in the world and we will continue to provide our customers with the best privacy protections available. Personal conversations are protected using end-to-end encryption over iMessage and FaceTime, and Apple does not store location data, Maps Searches, or Siri requests in any identifiable form.
Apple reviews each order, whether criminal or under a national security authority, to ensure that it is legally issued and as narrowly tailored as possible. If there is any question about the legitimacy or scope of the order, we challenge it. Only when we are satisfied that the order is valid and appropriate do we deliver the narrowest possible set of information in response to that order.
LinkedIn will continue working to ensure that the transparency that was won as a result of our legal challenges and advocacy is enacted into law. In addition to providing more information in our Transparency Report, we will also continue to advocate for still narrower disclosure ranges, which will provide a more accurate picture of the number of national security-related requests that companies like LinkedIn receive.