IEEE Spectrum is the flagship publication of the IEEE — the world’s largest professional organization devoted to engineering and applied sciences. Our articles, podcasts, and infographics inform our readers about developments in technology, engineering, and science.
Enjoy more free content and benefits by creating an account
Saving articles to read later requires an IEEE Spectrum account
The Institute content is only available for members
Downloading full PDF issues is exclusive for IEEE Members
Access to Spectrum's Digital Edition is exclusive for IEEE Members
Following topics is a feature exclusive for IEEE Members
Adding your response to an article requires an IEEE Spectrum account
Create an account to access more content and features on IEEE Spectrum, including the ability to save articles to read later, download Spectrum Collections, and participate in conversations with readers and editors. For more exclusive content and features, consider Joining IEEE.
Join the world’s largest professional organization devoted to engineering and applied sciences and get access to all of Spectrum’s articles, archives, PDF downloads, and other benefits. Learn more →
Technology giants such as Google, Microsoft and Yahoo have started disclosing U.S. government requests for customer information under a new agreement reached last month. But the first such reports on the controversial Foreign Intelligence Surveillance Act (FISA) orders remain limited in how much detail they reveal about the surveillance activities of the U.S. National Security Agency.
The agreement allows companies older than two years old to disclose the number of FISA orders they receive as increments of 1 000—but only with a six-month reporting delay. Previously, companies were prohibited by law from disclosing any information on FISA orders that represent surveillance warrants targeting customer data. FISA orders can target customer "content" such as emails, instant messages and photos, as well as "non-content data" such as a customer's name, location, IP address and billing information.
Some companies had already begun disclosing the number of National Security Letters (NSL) they received. Such letters are issued primarily by the FBI to obtain customer records as part of an extra-judicial process, but do not target customer content details. Companies can also report on NSL requests without observing the six-month delay.
Google, Microsoft, Facebook and Yahoo chose to disclose FISA requests and NSL requests separately in increments of 1 000 (such as a range between 0 and 999). Apple and LinkedIn took a different route under the new agreement by disclosing their FISA and NSL requests combined as increments of 250. Both had fewer than 250 in the first six months of 2013.
The graph below shows which companies had the largest number of affected customers.
Individual companies also disclosed more information on the various surveillance requests they received in their own reports.
Watchdog groups remain skeptical that the new disclosure agreement provides more meaningful transparency regarding government surveillance, according to The Guardian. So far, counting requests is essentially meaningless, as almost every company has received fewer than 1 000 requests in each six-month period. Spencer Ackerman, reporter for The Guardian, also pointed out that the NSA still collects data outside of the FISA process by tapping into the communications infrastructure of Silicon Valley companies such as Google and Yahoo under executive order 12333.
Jeremy Hsu has been working as a science and technology journalist in New York City since 2008. He has written on subjects as diverse as supercomputing and wearable electronics for IEEE Spectrum. When he’s not trying to wrap his head around the latest quantum computing news for Spectrum, he also contributes to a variety of publications such as Scientific American, Discover, Popular Science, and others. He is a graduate of New York University’s Science, Health & Environmental Reporting Program.