On The Internet, No One Watches The Wiretappers

April 12, 2011

Tagged: , , , , ,

Categories: Old News

When Twitter revealed in January that it had received a Department of Justice order to hand over information on three users associated with WikiLeaks, the real surprise wasn’t that an Internet company had been asked to secretly spill user data for a criminal investigation. It was that, for once, the firm hadn’t kept quiet about it.

Chris Soghoian, a privacy researcher at Indiana University and the Center for Applied Cybersecurity Research, has been following that Twitter case closely as a potentially precedent-shaping test for how and when the government can nab users’ online information. And now he’s released a paper that puts the case in context, outlining just how little Americans are told about the extent of government surveillance on the Internet.

From Forbes

When Twitter revealed in January that it had received a Department of Justice order to hand over information on three users associated with WikiLeaks, the real surprise wasn’t that an Internet company had been asked to secretly spill user data for a criminal investigation. It was that, for once, the firm hadn’t kept quiet about it.

Chris Soghoian, a privacy researcher at Indiana University and the Center for Applied Cybersecurity Research, has been following that Twitter case closely as a potentially precedent-shaping test for how and when the government can nab users’ online information. And now he’s released a paper that puts the case in context, outlining just how little Americans are told about the extent of government surveillance on the Internet.

For traditional, real-time wiretaps of phones or computer communications, law enforcement is legally required to report to Congress its number of surveillance orders annually. Those official numbers show a steady increase in monitoring, from 637 orders in 1987 to 2,376 in 2009. (Of the 30,000 requests between those two years, only seven were rejected.)

But just as disturbing as the the measurable increase in real-time surveillance, Soghoian points out, is that no reporting requirements exist at all for data demanded by law enforcement after the fact from services like search engines, email, broadband providers and others. And despite that lack of reporting, the numbers Soghoian was able to piece together seem to show a level of surveillance even greater than that applied to real-time wiretaps.

“As Americans have increasingly embraced modern technologies such as mobile phones and the Internet, law enforcement agencies have followed,” Soghoian writes. “Unfortunately, there are no reporting requirements for the modern surveillance methods that make up the majority of law enforcement requests to service providers and telephone companies. As such, this surveillance largely occurs off the books, with no way or Congress or the general public to know the true scale of such activities.”

A few of his data points:

* In 2006, Aol revealed to the New York Times that it received a thousand data requests from law enforcement every month.
* In 2009, a Facebook employee told Newsweek that it was receiving 10-20 requests per day.
* Google has voluntarily reported that it received 4,287 requests for user data in the first six months of 2010.
* A site set up by Sprint to allow law enforcement agents to track the locations of suspects was used eight million times in one year.

Soghoian goes on to suggest some ways Congress could address the gap in surveillance reporting, including the idea raised by Berkeley law professor Paul Schwartz in 2008 of an annual telecommunications surveillance index, a sort of yearly report card for law enforcement agencies’ surveilance requests.

http://blogs.forbes.com/andygreenberg/2011/04/11/on-the-internet-no-one-watches-the-wiretappers/

Bookmark and Share

Post a Comment

Your email is never shared. Required fields are marked *

*
*