Risk
6/18/2013
05:58 PM
Connect Directly
LinkedIn
Twitter
Google+
RSS
E-Mail
50%
50%

Google Challenges Surveillance Gag Order

Google argues it has a First Amendment Right to report the number of demands for information it receives under national security laws.

Google I/O: 10 Key Developments
Google I/O: 10 Key Developments
(click image for larger view and for slideshow)
Seeking to undo the damage to its business and reputation as a result of "false or misleading reports in the media," Google has asked the United States Foreign Intelligence Surveillance Court (FISC) to affirm its right to publish limited statistical data about orders it receives from the court.

The Foreign Intelligence Surveillance Court oversees surveillance requests from the nation's intelligence agencies. The requests, made under the Foreign Intelligence Surveillance Act (FISA), typically come with a gag order. In April, as revealed two weeks ago by The Guardian, the court approved a request by the National Security Agency for ongoing daily access to the phone records of Verizon Business Services.

In reports based on information provided by former NSA contractor Edward Snowden earlier this month about the extent of U.S. government surveillance operations, The Guardian and The Washington Post said that Google and other technology companies, including Apple, Facebook, Microsoft and Yahoo, provided the NSA with direct access to company servers through as system called Prism, to sift through customer data in pursuit of national security.

[ Google cooperates with the government in other ways. Read Google Defends Efforts Against Rogue Pharmacies. ]

Google CEO Larry Page and chief legal officer David Drummond promptly rebutted the claim that their company provides U.S. authorities with direct access to customer data. And a week ago, Drummond published an open letter to Attorney General Eric Holder and Federal Bureau of Investigation Director Robert Mueller seeking permission to publish aggregate numbers of national security requests, including FISA orders in its Transparency Report.

Despite this, Google says that the Department of Justice and the FBI maintain that publishing the number of FISA requests the company receives is unlawful. Thus it has asked the FISC for a summary judgment declaring that it has the right to publish two numbers.

The company's legal motion states, "Google seeks a declaratory judgment that Google has the right under the First Amendment to publish, and that no applicable law or regulation prohibits Google from publishing, two aggregate unclassified numbers: (1) the total number of FISA requests it receives, if any; and (2) the total number of users or accounts encompassed within such requests."

In an emailed statement, a Google spokeswoman said that Google has long pushed for transparency so that users can understand the extent of government demands for data, noting that the company was the first to release data on the number of National Security Letters it receives.

"However, greater transparency is needed, so today we have petitioned the Foreign Intelligence Surveillance Court to allow us to publish aggregate numbers of national security requests, including FISA disclosures, separately," Google's spokeswoman said. "Lumping national security requests together with criminal requests would be a backward step for Google and our users."

Apple, Facebook, Microsoft and Yahoo have all taken such a step, publishing statistics on government demands for user data that combine national security requests with requests related to criminal investigations.

As if to underscore the difficulties that Google faces in dealing with supposedly inaccurate claims about its cooperation with U.S. authorities while under a gag order, Google's legal filing notes, "Nothing in this Motion is intended to confirm or deny that Google has received any order or orders issued by this Court."

Comment  | 
Print  | 
More Insights
Comments
Threaded  |  Newest First  |  Oldest First
smartmind
50%
50%
smartmind,
User Rank: Apprentice
6/19/2013 | 1:43:31 PM
re: Google Challenges Surveillance Gag Order
Bet if it was the Chinese government asking Google.CN for access to confidential data - it would up sticks and stop operating in China.... oops that is exactly what it did, isn't it? Perhaps it should also leave the USA and operate from elsewhere. I am sure that Ecuador would provide Google with a safe haven?
geek2geek
50%
50%
geek2geek,
User Rank: Apprentice
6/19/2013 | 4:14:35 PM
re: Google Challenges Surveillance Gag Order
Google gets busted for sleeping with NSA and then pleads "battered spouse" syndrome. lol what a bunch of tools
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-2595
Published: 2014-08-31
The device-initialization functionality in the MSM camera driver for the Linux kernel 2.6.x and 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, enables MSM_CAM_IOCTL_SET_MEM_MAP_INFO ioctl calls for an unrestricted mmap interface, which all...

CVE-2013-2597
Published: 2014-08-31
Stack-based buffer overflow in the acdb_ioctl function in audio_acdb.c in the acdb audio driver for the Linux kernel 2.6.x and 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to gain privileges via an application that lever...

CVE-2013-2598
Published: 2014-08-31
app/aboot/aboot.c in the Little Kernel (LK) bootloader, as distributed with Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to overwrite signature-verification code via crafted boot-image load-destination header values that specify memory ...

CVE-2013-2599
Published: 2014-08-31
A certain Qualcomm Innovation Center (QuIC) patch to the NativeDaemonConnector class in services/java/com/android/server/NativeDaemonConnector.java in Code Aurora Forum (CAF) releases of Android 4.1.x through 4.3.x enables debug logging, which allows attackers to obtain sensitive disk-encryption pas...

CVE-2013-6124
Published: 2014-08-31
The Qualcomm Innovation Center (QuIC) init scripts in Code Aurora Forum (CAF) releases of Android 4.1.x through 4.4.x allow local users to modify file metadata via a symlink attack on a file accessed by a (1) chown or (2) chmod command, as demonstrated by changing the permissions of an arbitrary fil...

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
This episode of Dark Reading Radio looks at infosec security from the big enterprise POV with interviews featuring Ron Plesco, Cyber Investigations, Intelligence & Analytics at KPMG; and Chris Inglis & Chris Bell of Securonix.