Facebook-Federal Court Faceoff Stresses Need for Privacy Safeguards
More companies are beginning to resist the government’s efforts to unlock clients’ data. One way to protect privacy is through customer-managed encryption keys.
3 July 2014
For a year, Facebook has been secretly battling the U.S. government over a sweeping set of warrants that enabled prosecutors to seize users’ data and content — and keep it indefinitely. Facebook is one of a number of tech giants, including Google and Microsoft, that seemingly want to just say no to unjustified government demands for their clients’ sensitive data and files.
Last summer, a New York court demanded access to 381 Facebook customer accounts — their contents included photos, private messages, and data. Prosecutors deemed the information relevant for a disability fraud investigation, notes a June 26 post from Facebook’s deputy general counsel.
“This unprecedented request is by far the largest we’ve ever received — by a magnitude of more than 10 — and we have argued that it was unconstitutional from the start,” states the post. Facebook recently filed an appellate brief to invalidate the warrants, and make the feds return the seized data.
Back in September 2013, we analyzed Facebook's Global Government Requests Report, which offers details on official government requests for personal data globally. According to Facebook’s data:
- The United States made the most requests, asking for data on between 20,000 and 21,000 users
- Second to the U.S. was India, with requests for information on 4,144 users
- Third was the U.K., with 1,975 requests
But the high request volume is only due to these countries having the most Facebook users. These countries didn't necessarily have the highest rate of requests. In those terms, Germany and Italy scored highest (with rates of 0.074 and 0.073 respectively) ahead of the United States, India and the U.K.
Source: Internet World Stats
Governments Face Pushback on Cloud Data Demands
Today, more companies are beginning to resist the U.S. government’s efforts to unlock their clients’ data. Last week, we discussed how firms such as Google are looking to block warrantless federal intelligence snooping. In May, we covered how Microsoft was fighting to keep its European Union customer data outside the reach of U.S. government warrants.
In this instance, Facebook said it “forcefully” resisted the 381 requests. However, a lower court said that as an online service provider, Facebook “didn’t even have the legal standing to contest the warrants.” The prosecutor also filed a criminal contempt motion against the social media giant.
In defending the warrants, a judge said that Facebook was a mere “digital landlord” or “storage facility,” notes a BBC story.
Secret Warrants Kept Customers in the Dark
In this case, Facebook claims the warrants:
- Ignore the unreasonable search and seizure provisions of the Fourth Amendment
- Contain no date restrictions
- Allow the federal investigators to keep the seized data indefinitely
- Are “overly broad”
- Violate Facebook users’ privacy rights
The federal investigators cast a wide net in their fraud investigation. Eventually, prosecutors charged 62 of the Facebook users for disability fraud; 300 account owners were, apparently, cleared. However, the government had put a gag order on Facebook, preventing it from letting its affected users even know about the warrants. Only after Facebook’s appeal did authorities unseal the warrants and all court filings.
Customer Managed Keys: Cutting Edge Privacy
One way to strengthen data privacy is to offer the customers their own data encryption keys. Interested in reading more? Then you can click here for more information about customer managed keys (CMKs).
Marc Songini has worked in the information technology field for more than 16 years. His roles have included those of journalist, analyst, and marketing communications specialist. He admits that when he started out as a cub high tech reporter, Netscape was still rocking the industry with a wondrous new user interface called a “browser.” During his 10 years with International Data Group (IDG), Marc wrote for NetworkWorld and Computerworld, both award-winning magazines. Marc specializes in cloud, enterprise apps, and figuring out the meaning of being human in an automated world.