Pinterest Stumbleupon Whatsapp
Ads by Google

In the past decade the American government has gained the ability to secretly observe and collect information on American, and foreign, citizens. Using legal proceedings like National Security Letters (NSLs) governmental agencies can demand that US-based companies turn over detailed customer information. The majority of companies affected are, understandably, not very pleased about this and they’ve started to fight back.

National Security Letters

The Electronic Frontier Foundation (EFF) — an organisation dedicated to defending digital rights — describes NSLs as “one of the most frightening and invasive” expansions of government power granted by the USA PATRIOT Act. They are orders secretly served to communications service providers by the FBI demanding data about users. Phone companies, Internet service providers (ISPs) and companies like Apple and Tumblr all fall under the broad umbrella of communications service providers.

The most worrying thing about NSLs is the accompanying gag order. Any company that receives an NSL is prohibited from revealing any details — including that they have received one. This, along with the lack of judicial oversight when NSLs are served, is why the EFF is challenging their constitutionality in court.

gagged

According to the EFF, an NSL requires any company served with one to provide the FBI with data related to “ordinary American citizens’ private communications and Internet activity”.

NSLs aren’t the only technique used by government security agencies to monitor people’s internet activity. My fellow MakeUseOf author Chris has written about the PRISM project which involves directly collecting data from the servers of major US-based companies What Is PRISM? Everything You Need to Know What Is PRISM? Everything You Need to Know The National Security Agency in the US has access to whatever data you're storing with US service providers like Google Microsoft, Yahoo, and Facebook. They're also likely monitoring most of the traffic flowing across the... Read More .

Ads by Google

Canary In The Privacy Mine

Canaries were once used by miners as a crude safety system. If there was a carbon monoxide leak in the mine the canary would be affected before the miners. By watching the canary the miners could tell whether or not they were safe. If it was tweeting away happily the miners would know everything was okay. If it wasn’t, it was time to get out of the mine. Based on the same principle, some companies — including Apple and Tumblr — have used a warrant canary to indirectly inform the public about gag orders.

canary

Most major communications companies publish regular transparency reports that detail the number of governmental information requests they’ve received. NSLs are not the only kind of request companies get; they also get other kinds of information requests that don’t come with a gag order, for example, search warrants. Their transparency reports reveal far more specifics about these requests than they do the gagged ones.

A warrant canary is a statement that says that the company hasn’t received any gagged governmental information requests. By including the statement in every transparency report the company sets a pattern. If the statement is absent it can be inferred they have received a gagged NSL — or other similar order — in the period covered by the report.

The most important feature of warrant canaries is that companies cannot be compelled to include the statement if they have been served with a gag order because it would be untrue. While the American government can stop a company from speaking out about a gag order, freedom of speech laws mean that they cannot be forced to lie.

Unfortunately, most major companies cannot use warrant canaries; they all receive gagged legal requests. Under recent judicial guidelines, companies have finally been allowed reveal some information about the number of NSLs they receive. They can announce the number of NSLs they get in blocks of 1000, starting from 0. The EFF gives the example that “if an ISP received 654 NSLs, it could report 0–999” received. Looking at the transparency reports of companies like Apple, Google and AT&T is depressing: they receive hundreds or thousands of gag orders a year.

Going Forward

Companies are beginning to fight back against secret governmental information requests. More and more organisations are starting to campaign for privacy Who Is Fighting On Your Behalf Against The NSA And For Privacy? Who Is Fighting On Your Behalf Against The NSA And For Privacy? There are several Internet activism groups who are fighting on your behalf for privacy. They are doing their best to educate netizens as well. Here are just a few of them that are incredibly active. Read More . It has become a hot button issue and companies like Apple and Google have reiterated their commitment to protecting their users’ information.

The EFF has starting to see some success. A judge ruled NSL gag orders unconstitutional last year although they are still being used while the ruling is appealed.

eff

Even still, the continuing revelations about what American governmental agencies are capable of doing are worrying. Just a few months back Dann wrote about how merely searching for privacy software like Tor could get you on an NSA watch-list Your Interest in Privacy Will Ensure You're Targeted By The NSA Your Interest in Privacy Will Ensure You're Targeted By The NSA Read More . The more companies that fight against this state of affairs the better.

What do you think of gagged governmental information requests? Are they an important tool in the fight against terrorism or an abuse of regular people’s privacy?

Image Credits: EFF, Shutterstock, Rachel Kramer via flickr.

  1. reinkefj
    November 19, 2014 at 7:40 pm

    dropbox.com/s/sz10kw55c4fsww4/Screenshot%202014-11-19%2014.39.35.png?dl=0

    Picture of canary

    and

    "I have NOT received any gagged governmental information requests"

    Not that they are interested in my, but maybe we can create an ad hoc inet standard?

  2. dragonmouth
    November 18, 2014 at 10:36 pm

    In spite of all the protestations by the so-called "patriots" to the contrary, United States is heading back to the days of "bills of attainder" and "lettres de cachet." For all the non-Americans that are smugly snickering in front of their monitors. don't get too comfortable, YOU'RE NEXT.

  3. reinkefj
    November 18, 2014 at 8:41 pm

    I just put a warrant canary on my blog!

    • Harry
      November 19, 2014 at 10:08 am

      Hahahhah nice! What does it say?

  4. Paul Harris
    November 18, 2014 at 5:05 pm

    I'm not sure if I'm safer here in Canada, so my Nexus 5/Lolipop is encrypted and I use a VPN service when I'm away from home.
    But I am an honest law-abiding model citizen who hasn't as much as farted in public over a lifetime, so why should I worry.
    The added security will just piss off the Man when he confiscates my phone.

    • Harry
      November 18, 2014 at 9:36 pm

      Hey Paul, the EFF actually talks about people using protection like that even when they don't need it. They recommend it because it helps hide the people who do need it.

    • dragonmouth
      November 18, 2014 at 10:46 pm

      @Paul Harris:
      "I am an honest law-abiding model citizen who hasn’t as much as farted in public over a lifetime, so why should I worry."
      Please discard that silly attitude. You definetely should worry. Maybe not as much as your neighbors to the south, but you should worry nevertheless. With a "proper" spin and massaging, anything you do (or don't do) can be made to look inimical to the State. Any governmental agencies in charge of security can take 2+2 and come out with 5.

Leave a Reply

Your email address will not be published. Required fields are marked *