“Who Has Your Back?” In Depth: Which Companies Promise To Tell Users About Government Data Requests?

EFF recently launched a campaign calling on companies to stand with their users when the government comes looking for data. (If you haven’t done so, sign our petition urging companies to provide better transparency and privacy.) This article will provide a more detailed look at one of the four categories in which a company can earn a gold star in our campaign: promising to tell users about government data demands.

This category requires a company to make an enforceable promise to let users know when the government comes knocking, unless giving notice is prohibited by law or a court order. This commitment is important because it gives users a chance to defend themselves against government requests. In most situations, a user is in a better position than a company to challenge a government request for personal information, and of course, she has more incentive to do so.

Promising to give notice should be an easy commitment to make — the company doesn’t have to take a side, it merely has to pass on important information to the user. And companies don’t have to give notice if the law or a court order prevents it. Ideally, we think companies should make this promise in their terms of service and privacy policies, although none of the companies on our chart currently does that.

We gave Twitter a full gold star in this category. While Twitter doesn’t promise to notify users about government requests in its terms of service or privacy policy, the company does say in its law enforcement guidelines that “Twitter’s policy is to notify users of requests for their information prior to disclosure unless we are prohibited from doing so by statute or court order.” Twitter went even further earlier this year when it pushed back against a Department of Justice gag order so that it could inform several users that their data had been sought in the Wikileaks investigation.

We also gave Google half of a gold star. Like Twitter, the company doesn’t promise to notify users about data requests in its terms of service or privacy policy, but according to a blog post by Google’s Chief Legal Officer David Drummond, “Whenever we can, we notify users about requests that may affect them personally.” This is good, but it doesn’t get a full star because it falls short of a full promise.

Other prominent Internet companies — including Amazon, Apple, AT&T, Comcast, Facebook, Microsoft, Myspace, Skype, Verizon, and Yahoo — can do more to give you the chance to defend your privacy against government overreach. Sign the petition to tell these companies to join Twitter and Google in making this important public commitment to their users, and to add the promise to their official policies. And if your company officially makes this promise to users but you’re not on our list, let us know!

This article was written by Marcia Hofmann and first published on Electronic Frontier Foundation.

Related Posts

Benefits of the MeeGo Software Platform The MeeGo open source project is unique in that it offers benefits to everyone in the ecosystem starting from the developer all the way up to the oper...
CAPTCHAs With Chaos: Strong Protection for Weak Passwords The passwords of the future could become more secure and, at the same time, simpler to use. Researchers at the Max Planck Institute for the Physics...
Social Media and Law Enforcement: Who Gets What Data and When? This month, we were reminded how important it is that social media companies do what they can to protect the sensitive data they hold from the pryin...
Tracking Protection Lists: A privacy enhancing technology that complements Do Not Track Yesterday, Microsoft released version 9 of Internet Explorer, which includes two significant new privacy features: Tracking Protection Lists (TPLs) an...
Who’s watching you? Ahead of terrorist attacks, becoming bankrupt and being attacked in their homes, people are more worried about their online privacy being violated and...
The Android Monopoly and how to harness it From an underdog to ubiquitous manufacturer support, the Android platform has come a long way since its introduction in 2008. Almost every single devi...

We Recommend These Vendors and Free Offers

Launch an SSD VPS in Europe, USA, Asia & Australia on Vultr's KVM-based Cloud platform starting at $5:00/month (15 GB SSD, 768 MB of RAM).

Deploy an SSD Cloud server in 55 seconds on DigitalOcean. Built for developers and starting at $5:00/month (20 GB SSD, 512 MB of RAM).

Want to become an expert ethical hacker and penetration tester? Request your free video training course of Online Penetration Testing and Ethical Hacking

Whether you're new to Linux or are a Linux guru, you can learn a lot more about the Linux kernel by requesting your free ebook of Linux Kernel In A Nutshell.


Leave a Comment

Your email address will not be published. Required fields are marked *

*