Tech groups tell surveillance review panel to focus on oversight, transparency

ADVERTISEMENT
ITIC represents tech companies including Apple, Google, Facebook, Microsoft and Symantec, while SIIA represents Google, Intuit and Oracle.

Companies should be able to tell their users how many and what kinds of surveillance requests they receive from the U.S. government and how many accounts are affected by those requests, the letter said.

Currently, companies report aggregate numbers in ranges, meaning users can’t tell how often the government is requesting information about electronic communication — such as when or to whom as email was sent — and when the government is requesting the actual content of that electronic communication.

Microsoft, Google, Yahoo, Facebook and LinkedIn have asked the government for the ability to publish more detailed information. This week, the Department of Justice responded with a motion filed in the Foreign Intelligence Surveillance Court (FISC), saying that the companies would be aiding terrorists and harming national security if they published more detailed information.

The government should allow the companies to disclose that information and participate in more disclosures itself, including declassifying FISC opinions, the groups said.

“A body of law has been, and continues to be developed, within the FISC. Providing appropriate access to the legal basis for court findings will improve public understanding of the factors that court takes into account in its rulings.”

The letter cautioned against making communications companies, rather than the NSA, responsible for retaining user data.

“Such requirements could represent a step backward for privacy, given that they would mandate the retention of the same, or perhaps even an increased volume of information relative to what the NSA has been criticized for collecting,” they said.

The surveillance review panel should also ensure that PCLOB has the resources it needs to oversee privacy implications of the surveillance programs and investigate claims that the NSA intentionally weakened encryption standards, as those claims have “created a crisis of trust in the technology community,” the groups wrote.