Following a similar move from Google, Microsoft has asked a court for permission to reveal more detailed information on data requests under the US’ Foreign Intelligence Surveillance Act (FISA)
In the wake of the PRISM scandal, Microsoft is taking a page from Google’s playbook and requesting permission from the US government to release more details about government requests for customer data under the Foreign Intelligence Surveillance Act (FISA).
On 14 June, John Frank, vice president and Deputy General Counsel for Microsoft, announced that during the last half of 2012, it had received “6,000 and 7,000 criminal and national security warrants, subpoenas and orders” from law enforcement agencies requesting information on up to 32,000 accounts.
Apart from those vague numbers, the company was forbidden to reveal much more.
“We are permitted to publish data on national security orders received (including, if any, FISA Orders and FISA Directives), but only if aggregated with law enforcement requests from all other US local, state and federal law enforcement agencies; only for the six-month period of 1 July, 2012 through 31 December, 2012; only if the totals are presented in bands of 1,000; and all Microsoft consumer services had to be reported together,” informed Frank in a Microsoft on the Issues blog post.
“To promote additional transparency concerning the Government’s lawful access to Microsoft’s customer data, Microsoft seeks to report aggregate information about FISA orders and FAA [FISA Amendments Act] directives separately from all other local, state, and federal law enforcement demands,” said the company in its filing.
The company also said that it had been denied permission by the FBI and US Department of Justice to disclose aggregate figures on FISA and FAA orders and the total number of accounts affected. And like Google, Microsoft argued that it has a right under the US constitution’s First Amendment to provide that information.
Microsoft maintains that “there is no statutory basis under FISA or the FAA for precluding Microsoft from disclosing the Aggregate Data. Further, to the extent FISA or the FAA could be construed to bar such disclosure, such a construction would constitute a content-based restriction on speech that fails to satisfy strict scrutiny, in violation of the First Amendment.”
Among the claims that have made the rounds in the press – denied by both the US government and major web services providers – is that intelligence agencies have direct and unrestricted access to servers that store private customer data.
The government’s reluctance to allow these companies to paint a more accurate picture of FISA data requests casts a shadow that makes it tough defend against such accusations, argues Google.
“Assertions in the press that our compliance with these requests gives the US government unfettered access to our users’ data are simply untrue. However, government nondisclosure obligations regarding the number of FISA national security requests that Google receives, as well as the number of accounts covered by those requests, fuel that speculation,” said Google Chief Legal Officer David Drummond in an Official Google Blog post dated 11 June.
Do you know all about IT and the law? Take our quiz.
Originally published on eWeek.