Risk
6/18/2013
05:58 PM
Connect Directly
Google+
LinkedIn
Twitter
RSS
E-Mail
50%
50%

Google Challenges Surveillance Gag Order

Google argues it has a First Amendment Right to report the number of demands for information it receives under national security laws.

Google I/O: 10 Key Developments
Google I/O: 10 Key Developments
(click image for larger view and for slideshow)
Seeking to undo the damage to its business and reputation as a result of "false or misleading reports in the media," Google has asked the United States Foreign Intelligence Surveillance Court (FISC) to affirm its right to publish limited statistical data about orders it receives from the court.

The Foreign Intelligence Surveillance Court oversees surveillance requests from the nation's intelligence agencies. The requests, made under the Foreign Intelligence Surveillance Act (FISA), typically come with a gag order. In April, as revealed two weeks ago by The Guardian, the court approved a request by the National Security Agency for ongoing daily access to the phone records of Verizon Business Services.

In reports based on information provided by former NSA contractor Edward Snowden earlier this month about the extent of U.S. government surveillance operations, The Guardian and The Washington Post said that Google and other technology companies, including Apple, Facebook, Microsoft and Yahoo, provided the NSA with direct access to company servers through as system called Prism, to sift through customer data in pursuit of national security.

[ Google cooperates with the government in other ways. Read Google Defends Efforts Against Rogue Pharmacies. ]

Google CEO Larry Page and chief legal officer David Drummond promptly rebutted the claim that their company provides U.S. authorities with direct access to customer data. And a week ago, Drummond published an open letter to Attorney General Eric Holder and Federal Bureau of Investigation Director Robert Mueller seeking permission to publish aggregate numbers of national security requests, including FISA orders in its Transparency Report.

Despite this, Google says that the Department of Justice and the FBI maintain that publishing the number of FISA requests the company receives is unlawful. Thus it has asked the FISC for a summary judgment declaring that it has the right to publish two numbers.

The company's legal motion states, "Google seeks a declaratory judgment that Google has the right under the First Amendment to publish, and that no applicable law or regulation prohibits Google from publishing, two aggregate unclassified numbers: (1) the total number of FISA requests it receives, if any; and (2) the total number of users or accounts encompassed within such requests."

In an emailed statement, a Google spokeswoman said that Google has long pushed for transparency so that users can understand the extent of government demands for data, noting that the company was the first to release data on the number of National Security Letters it receives.

"However, greater transparency is needed, so today we have petitioned the Foreign Intelligence Surveillance Court to allow us to publish aggregate numbers of national security requests, including FISA disclosures, separately," Google's spokeswoman said. "Lumping national security requests together with criminal requests would be a backward step for Google and our users."

Apple, Facebook, Microsoft and Yahoo have all taken such a step, publishing statistics on government demands for user data that combine national security requests with requests related to criminal investigations.

As if to underscore the difficulties that Google faces in dealing with supposedly inaccurate claims about its cooperation with U.S. authorities while under a gag order, Google's legal filing notes, "Nothing in this Motion is intended to confirm or deny that Google has received any order or orders issued by this Court."

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
geek2geek
50%
50%
geek2geek,
User Rank: Apprentice
6/19/2013 | 4:14:35 PM
re: Google Challenges Surveillance Gag Order
Google gets busted for sleeping with NSA and then pleads "battered spouse" syndrome. lol what a bunch of tools
smartmind
50%
50%
smartmind,
User Rank: Apprentice
6/19/2013 | 1:43:31 PM
re: Google Challenges Surveillance Gag Order
Bet if it was the Chinese government asking Google.CN for access to confidential data - it would up sticks and stop operating in China.... oops that is exactly what it did, isn't it? Perhaps it should also leave the USA and operate from elsewhere. I am sure that Ecuador would provide Google with a safe haven?
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading Tech Digest, Dec. 19, 2014
Software-defined networking can be a net plus for security. The key: Work with the network team to implement gradually, test as you go, and take the opportunity to overhaul your security strategy.
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2011-1793
Published: 2014-12-25
rendering/svg/RenderSVGResourceFilter.cpp in WebCore in WebKit in Google Chrome before 11.0.696.65 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted SVG document that leads to a "stale pointer."

CVE-2011-1794
Published: 2014-12-25
Integer overflow in the FilterEffect::copyImageBytes function in platform/graphics/filters/FilterEffect.cpp in the SVG filter implementation in WebCore in WebKit in Google Chrome before 11.0.696.65 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified ...

CVE-2011-1795
Published: 2014-12-25
Integer underflow in the HTMLFormElement::removeFormElement function in html/HTMLFormElement.cpp in WebCore in WebKit in Google Chrome before 11.0.696.65 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted HTML document con...

CVE-2011-1796
Published: 2014-12-25
Use-after-free vulnerability in the FrameView::calculateScrollbarModesForLayout function in page/FrameView.cpp in WebCore in WebKit in Google Chrome before 11.0.696.65 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted JavaS...

CVE-2011-1798
Published: 2014-12-25
rendering/svg/RenderSVGText.cpp in WebCore in WebKit in Google Chrome before 11.0.696.65 does not properly perform a cast of an unspecified variable during an attempt to handle a block child, which allows remote attackers to cause a denial of service (application crash) or possibly have unknown othe...

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Join us Wednesday, Dec. 17 at 1 p.m. Eastern Time to hear what employers are really looking for in a chief information security officer -- it may not be what you think.