Out-Law News 2 min. read
03 Sep 2013, 9:55 am
Both companies were earlier this summer named in documents leaked from the US National Security Agency (NSA) and published in a number of newspapers, including the Guardian in the UK, in connection with the operation of a computer system called 'Prism'. The documents claimed that officials at the NSA could use Prism to access information stored by Microsoft, Google, Facebook and a number of other technology companies for surveillance purposes.
Microsoft and Google have pressed the US Government for permission to release more details about the surveillance activities that the data they collect is subject to. The companies have stressed previously that they do not grant direct access to their systems but that they do accede to legal requests for access to data they store.
Some technology companies, including Microsoft and Google, do publish some information about the data requests they receive. However, Microsoft has now announced that the two companies will press forward with legal action first initiated in June after failing to agree with the US Government about the extent of the details they can release, it said.
"We both remain concerned with the Government’s continued unwillingness to permit us to publish sufficient data relating to Foreign Intelligence Surveillance Act (FISA) orders," Brad Smith, general counsel and executive vice president of legal and corporate affairs at Microsoft, said in a company blog. "We believe we have a clear right under the US Constitution to share more information with the public. The purpose of our litigation is to uphold this right so that we can disclose additional data."
Amidst uproar from privacy groups following the Prism programme revelations, US government and intelligence officials claimed that the data accessed by the NSA is in line with the US' Foreign Intelligence Surveillance Act (FISA).
FISA sets out the procedures that US intelligence agencies have to follow in order to gather foreign intelligence information about foreign based individuals for the purposes of protecting against attacks on the US, such as terrorism. Under the regime intelligence agencies require a court to sanction the acquisition of data, although privacy groups have challenged the thoroughness of the procedure.
Smith said that technology companies had been frustrated in their bid to disclose more details about surveillance activities that affect their users' data. He said that there is a way for there to be greater transparency about the activities without compromising national security.
"[On Thursday], the Government announced that it would begin publishing the total number of national security requests for customer data for the past 12 months and do so going forward once a year," Smith said. "The Government’s decision represents a good start. But the public deserves and the Constitution guarantees more than this first step."
"For example, we believe it is vital to publish information that clearly shows the number of national security demands for user content, such as the text of an email. These figures should be published in a form that is distinct from the number of demands that capture only metadata such as the subscriber information associated with a particular email address. We believe it’s possible to publish these figures in a manner that avoids putting security at risk. And unless this type of information is made public, any discussion of government practices and service provider obligations will remain incomplete," he added.
