Like most of you, I've been quite disturbed by the lack of transparency foisted upon our Internet companies by national security regulations. Unlike many, though, I understand at a deep level the challenging balance between disclosure and security.
That said, I believe it's necessary for Internet companies to be able to present to their users, to at least a minimal degree, how much information they've been required to divulge.
Some of my colleagues in the national security establish insist that any information about who has been required to provide information and who has not will give terrorists and criminals strategic information. They contend that, for example, if terrorists know that Google has been providing lots of information to the the government, then terrorists would use some other service.
I contend that this is projecting a failure of imagination upon our enemy actors. Since it's almost totally obvious to all of you that the government would want some detailed information on possible enemies from companies like Google, Facebook, Microsoft, and Apple, it's not that big an intellectual leap to assume that terrorists could make similar assumptions.
Requiring our major Internet players to withhold transparency is not, actually, protecting us from terrorist activity. What it's doing, instead, is putting American businesses (and they are mostly American-centric businesses) on a riskier footing as compared to their competitors across the pond.
Allowing these companies to provide at least generally detailed disclosures about how much information they've been required to turn over to the government could help their users get a better feel for the scope and percentage (which, quite frankly, is a very small drop in the bucket) of their overall users under investigation.
However, if the companies involved want to be truly be transparent, they should put their numbers into the broader perspective.
Google, for example, recently released an announcement reporting, "Government requests for user information double over three years." This is most likely true, or at least as true as what the U.S. government permits the company to tell us.
But there is another fact which should be weighed against this statement. The worldwide Internet user population has also increased tremendously. According to the ITU (Excel spreadsheet), the worldwide Internet usage population was 1.7 billion in 2009. By 2013, the worldwide population of individual Internet users has grown to 2.7 billion.
If I've done my math right, that means that the worldwide Internet population -- in the same period of time where government requests doubled -- has increased by roughly 62 percent. It would therefore make sense that the number of requests has increased, because the overall user population has increased.
Taking that important data point and factoring it into the statements we've been seeing about government information requests, we're now looking at a more accurate statement: adjusted for the increase in Internet population, government requests for user information have increased by less than 40 percent.
There are no doubt still too many government requests, and there's also no doubt that our companies should be allowed more transparency with their users and customers. But it's also important to keep the big picture in mind as well, and not just vilify government when many security professionals are doing their absolute best to keep us all safe.
Kudos go out to Google's legal team for fighting this good fight. Knowing we have Google on the side of Internet freedom is comforting. But it should also be comforting to know that, factoring in the astounding growth of Internet communications worldwide, America's security establishment isn't quite as draconian as many in the press sometimes claim.