Tech companies and Justice Dept. make a deal on data requests

Several influential tech companies made an agreement with the Justice Department that allows them to publicly report in very broad terms what kind of – and how many – data requests they get from security and law enforcement agencies.

That means companies like Google, Microsoft, Facebook and Apple, which are required by US law to share data about a fragment of their users, can now alert the public about the scope of two types of surveillance-related court orders they receive.

The new policy – made public Monday – allows companies the chance to disclose with an approximate statistic how many national security letters and requests from the Foreign Intelligence Surveillance Court (FISC) they receive. 

The amount of national security letters and customer accounts targeted can be reported every six months in a range between zero and 999. The same goes for FISC requests. However, if companies decide to combine the letters and the FISC requests into one number, the range can be between zero and 249, according to the Justice Department.

“While this aggregate data was properly classified until today, the office of the Director of National Intelligence, in consultation with other departments and agencies, has determined that the public interest in disclosing this information now outweighs the national security concerns that required its classification,” a Justice Department statement said.

It's a small victory for transparency advocates, especially since under a gag-order tech companies were previously not allowed to say they had received those requests. 

Tech companies respond

The same day the Justice Department published a letter detailing the new rules, Apple released the information along with a statement.

"We believe strongly that our customers have the right to understand how their personal information is being handled, and we are pleased the government has developed new rules that allow us to more accurately report law enforcement orders and national security orders in the US," the statement said.

According to Apple, between Jan. 1 and June 30, 2013, it received between zero and 249 national security orders for consumer data. Apple has millions of accounts, so that's a fraction of its database.  

Apple also reported it received 927 requests that involved 2330 user accounts from law enforcement agencies that were not connected to national security requests. Apple disclosed data on 747 accounts.

After former NSA contractor Edward Snowden leaked information to news outlets that showed the vast scope and depth of US government surveillance, tech companies sought to tell consumers exactly how they fit into these spy programs.

Eventually, five companies – Facebook, Google, LinkedIn, Microsoft and Yahoo!, along with Apple's support – brought a dispute to a secret court in Washington, D.C. that deals with national security investigations. 

The companies had wanted to tell consumers about the court orders they get, and Monday's deal means the litigation from that dispute is over, according to Reuters. 

Microsoft published a joint statement by the five companies that said they welcomed the deal, but that there was still more steps to be taken:  

"We filed our lawsuits because we believe that the public has a right to know about the volume and types of national security requests we receive. We're pleased the Department of Justice has agreed that we and other providers can disclose this information. While this is a very positive step, we'll continue to encourage Congress to take additional steps to address all of the reforms we believe are needed.”