• TREND MICRO
  • ABOUT
Search:
  • Latest Posts
  • Categories
    • Android
    • AWS
    • Azure
    • Cloud
    • Compliance
    • Critical Infrastructure
    • Cybercrime
    • Encryption
    • Financial Services
    • Government
    • Hacks
    • Healthcare
    • Internet of Everything
    • Malware
    • Microsoft
    • Mobile Security
    • Network
    • Privacy
    • Ransomware
    • Security
    • Social Media
    • Small Business
    • Targeted Attacks
    • Trend Spotlight
    • Virtualization
    • Vulnerabilities
    • Web Security
    • Zero Day Initiative
    • Industry News
  • Our Experts
    • Ed Cabrera
    • Rik Ferguson
    • Greg Young
    • Mark Nunnikhoven
    • Jon Clay
    • William “Bill” Malik
  • Research
Home   »   Industry News   »   Current News   »   Google reveals extent of FBI surveillance requests

Google reveals extent of FBI surveillance requests

  • Posted on:March 11, 2013
  • Posted in:Current News, Privacy & Policy
  • Posted by:
    Trend Micro
0

The amount of data held inside Google's archives is almost incomprehensible, yet most online consumers seem fairly comfortable with the degree of data protection the company provides. What some citizens could raise objection with, however, is the extent to which the search engine giant may be facilitating Federal Bureau of Investigation surveillance activities. Wired reported that, in accordance with Obama administration transparency mandates, Google published a report chronicling the number of times it has received requests from intelligence community members seeking access to account holder information without a warrant. This marks the first time that a private company has been allowed to release this information in such detail. 

"National Security Letters (NSLs) allow the government to get detailed information on Americans' finances and communications without oversight from a judge," according to the website. "The FBI has issued hundreds of thousands of NSLs and has even been reprimanded for abusing them. The NSLs are written demands from the FBI that compel internet service providers, credit companies, financial institutions and businesses like Google to hand over confidential records about their customers, such as subscriber information, phone numbers and email addresses, websites visited and more as long as the FBI says the information is 'relevant' to an investigation."

For each year between 2009 and 2012, Google received somewhere between 0 and 999 National Security Letters, with as many as 3,000 individual accounts affected in a given year. The exact numbers could not be published, out of concern for national security interests, though the ranges provided were provocative enough in their own right. According to Wired, Congressional releases have confirmed that in 2011, the latest year available, there were 16,511 NSLs filed pertaining to 7,201 people across the United States.

The fact that the ratio of requests filed to accounts affected is suddenly so lopsided in the sample of Google-related cases has raised several eyebrows. The FBI is allowed to obtain the name address, local and long distance records and length of service through these letters, but agents cannot request other information, such as search queries or email content.

"National Security Letters are a powerful tool because they do not require court approval, and they come with a built-in gag order, preventing recipients from disclosing to anyone that they have even received an NSL," Wired reported. "An FBI agent looking into a possible anti-terrorism case can self-issue an NSL to a credit bureau, ISP or phone company with only the sign-off of the special agent in charge of their office."

Previous privacy questions 
As previously reported in 2010 by Wired, the FBI and telecommunications companies formerly raised data security concerns when they allegedly collaborated to violate wiretap laws for four years to get access to citizen and reporter phone records by using emergency declarations or even government officials simply just asking for them. The Justice Department Inspector General's internal audit from that year criticized how the FBI used these letters to get carriers to immediately turn over phone records.

"The FBI's use of exigent letters and other informal requests for telephone toll billing records circumvented, and in many cases violated, the requirements of the Electronic Communications Protection Act statute," according to the report, which was referencing a leading federal wiretap law. "We found that a distinct lack of oversight and scrutiny by CAU managers, counterterrorism officials and FBI Office of General Counsel attorneys enabled the improper practice of obtaining ECPA-protected telephone records with the promise of future legal process to expand and proceed virtually unchecked for over four years."

The Wall Street Journal reported last year that the FBI had said it must retain a level of secrecy in sending these letters to avoid tipping off the potential terrorists they say they are watching. Former Acting Assistant Attorney General for National Security Todd Hinnen said the letters are "critical" to helping keep the country safe, but there are certainly some legitimate data security concerns as the amount of information grows higher in volume each year.

According to the website, Stephen Vladeck, a professor and expert on terrorism law at the American University Washington College of Law, said the most important national security letter case happened in 2012 as the FBI sent one to a phone company demanding to have phone records for a customer. The company ended up trying to fight the letter in court, to which the FBI came back with a civil complaint saying the business was getting in the way of "the United States' sovereign interests." The case has a heavy fog of secrecy surrounding it, but Vladeck said it begs the question of how First Amendment law can be protected of those who have these letters sent about them. Letters of this kind may be an important issue in data protection moving into the future.

Data Security News from SimplySecurity.com by Trend Micro

Related posts:

  1. Op-ed: Congressional probe reveals Wild West nature of cellphone surveillance
  2. Citi reveals more accounts affected in breach
  3. Google claims account attacks sponsored by foreign governments
  4. Attempts to take down botnet reveal extent of the threat

Security Intelligence Blog

  • Our New Blog
  • How Unsecure gRPC Implementations Can Compromise APIs, Applications
  • XCSSET Mac Malware: Infects Xcode Projects, Performs UXSS Attack on Safari, Other Browsers, Leverages Zero-day Exploits

Featured Authors

Ed Cabrera (Chief Cybersecurity Officer)
Ed Cabrera (Chief Cybersecurity Officer)
  • Ransomware is Still a Blight on Business
Greg Young (Vice President for Cybersecurity)
Greg Young (Vice President for Cybersecurity)
  • Not Just Good Security Products, But a Good Partner
Jon Clay (Global Threat Communications)
Jon Clay (Global Threat Communications)
  • This Week in Security News: Ransomware Gang is Raking in Tens of Millions of Dollars and Microsoft Patch Tuesday Update Fixes 17 Critical Bugs
Mark Nunnikhoven (Vice President, Cloud Research)
Mark Nunnikhoven (Vice President, Cloud Research)
  • Twitter Hacked in Bitcoin Scam
Rik Ferguson (VP, Security Research)
Rik Ferguson (VP, Security Research)
  • The Sky Has Already Fallen (you just haven’t seen the alert yet)
William
William "Bill" Malik (CISA VP Infrastructure Strategies)
  • Black Hat Trip Report – Trend Micro

Follow Us

Trend Micro In The News

  • Advanced Cloud-Native Container Security Added to Trend Micro's Cloud One Services Platform
  • Trend Micro Goes Global to Find Entrepreneurs Set to Unlock the Smart Connected World
  • Winners of Trend Micro Global Capture the Flag Demonstrate Excellence in Cybersecurity
  • Companies Leveraging AWS Well-Architected Reviews Now Benefit from Security Innovations from Trend Micro
  • Trend Micro Announces World's First Cloud-Native File Storage Security
  • Home and Home Office
  • |
  • For Business
  • |
  • Security Intelligence
  • |
  • About Trend Micro
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • Privacy Statement
  • Legal Policies
  • Copyright © 2017 Trend Micro Incorporated. All rights reserved.