“Who Has Your Back?” In Depth: Which Companies Promise To Tell Users About Government Data Requests?

EFF recently launched a campaign calling on companies to stand with their users when the government comes looking for data. (If you haven’t done so, sign our petition urging companies to provide better transparency and privacy.) This article will provide a more detailed look at one of the four categories in which a company can earn a gold star in our campaign: promising to tell users about government data demands.

This category requires a company to make an enforceable promise to let users know when the government comes knocking, unless giving notice is prohibited by law or a court order. This commitment is important because it gives users a chance to defend themselves against government requests. In most situations, a user is in a better position than a company to challenge a government request for personal information, and of course, she has more incentive to do so.

Promising to give notice should be an easy commitment to make — the company doesn’t have to take a side, it merely has to pass on important information to the user. And companies don’t have to give notice if the law or a court order prevents it. Ideally, we think companies should make this promise in their terms of service and privacy policies, although none of the companies on our chart currently does that.

We gave Twitter a full gold star in this category. While Twitter doesn’t promise to notify users about government requests in its terms of service or privacy policy, the company does say in its law enforcement guidelines that “Twitter’s policy is to notify users of requests for their information prior to disclosure unless we are prohibited from doing so by statute or court order.” Twitter went even further earlier this year when it pushed back against a Department of Justice gag order so that it could inform several users that their data had been sought in the Wikileaks investigation.

We also gave Google half of a gold star. Like Twitter, the company doesn’t promise to notify users about data requests in its terms of service or privacy policy, but according to a blog post by Google’s Chief Legal Officer David Drummond, “Whenever we can, we notify users about requests that may affect them personally.” This is good, but it doesn’t get a full star because it falls short of a full promise.

Other prominent Internet companies — including Amazon, Apple, AT&T, Comcast, Facebook, Microsoft, Myspace, Skype, Verizon, and Yahoo — can do more to give you the chance to defend your privacy against government overreach. Sign the petition to tell these companies to join Twitter and Google in making this important public commitment to their users, and to add the promise to their official policies. And if your company officially makes this promise to users but you’re not on our list, let us know!

This article was written by Marcia Hofmann and first published on Electronic Frontier Foundation.

Related Posts

The Open Source trials: hanging in the legal balance of copyright and copyleft For those meddling in open source software affairs, compliance with licenses is a very hot topic. In the last 2 years we have witnessed the licensing ...
ST-Ericsson and Linaro, working towards the first release By ST-Ericcson: Open source has become an important driving force in the smartphone industry and a particularly key area of focus for ST-Ericsson. We...
Android App Permissions Dissected Based on our recent research and feedback from our users, we know that Android permissions can sometimes be confusing. Often it is hard to tell what d...
Apps is the new Web: sowing the seeds for Web 3.0 Billions of downloads. That’s how the success of software platforms is measured today. And while downloads is not a currency (it does not necessarily ...
The Message of Firesheep: “Baaaad Websites, Implement Sitewide HTTPS Now!” The Firesheep Firefox extension has been scaring users across the Internet since its introduction at the Toorcon security conference this past weekend...
Egyptian Actions Highlight Dangers in U.S. Cybersecurity Proposals The Egyptian regime's shutdown of the Internet in an attempt to preserve its political power highlights the dangers of any government having unchecked...

We Recommend These Vendors and Free Offers

ContainerizeThis 2016 is a free, 2-day conference for all things containers and big data. Featured, will be presentations and free, hands-on workshops. Learn more at ContainerizeThis.com

Launch an SSD VPS in Europe, USA, Asia & Australia on Vultr's KVM-based Cloud platform starting at $5:00/month (15 GB SSD, 768 MB of RAM).

Deploy an SSD Cloud server in 55 seconds on DigitalOcean. Built for developers and starting at $5:00/month (20 GB SSD, 512 MB of RAM).

Want to become an expert ethical hacker and penetration tester? Request your free video training course of Online Penetration Testing and Ethical Hacking

Whether you're new to Linux or are a Linux guru, you can learn a lot more about the Linux kernel by requesting your free ebook of Linux Kernel In A Nutshell.


Leave a Comment

Your email address will not be published. Required fields are marked *

*