DOJ's non-ironic arguments rejecting Google, Facebook user data transparency requests
This week the US Department of Justice surprised no one when it rejected the formal request of Google, Facebook and other Internet giants to share government user data requests with the public.
Featured
What was a little surprising — to me — was the government's bizarre arguments against... well, everything.
The rejection was released as a public document with redactions on Wednesday, just after a coalition of tech companies including Apple, CloudFlare, Dropbox, Facebook, Google, LinkedIn, Twitter, and Yahoo — except Verizon, who was too busy lining the NSA's catbox with your metadata — sent an open letter to Congress asking them for greater transparency rights.
After the Snowden revelations in which companies were shown to be somehow involved in both foreign and domestic NSA and DOJ surveillance programs, the companies formally requested the ability to publish aggregate data totals on the government's FISA requests for user data.
Google and Microsoft specifically have asked to publish the number of FISA requests each receives under each separate provision of FISA.
The government's rejection — a 33 page filing in the US Foreign Intelligence Surveillance Court — told the court that the request made by major technology firms to disclose more about US intelligence services’ data requests would "cause serious harm to national security."
It also told the court a few other things...
If we give you transparency, then everyone will want transparency
This is actually a reason DOJ gives in its Monday court filing.
On page 10 the government says that if these companies get to disclose FISA requests, then ALL the companies will want to do it too.
If these leading Internet companies are permitted to make these disclosures the harms to national security would be compounded by the fact that other companies would surely seek to make similar disclosures.
I remember this argument from fourth grade when the teacher told someone that if they wanted to go to the bathroom then all the kids would want to go, and they should have thought of going to the bathroom at recess.
The bad guys might stop using Skype
Right now the perception worrying everyone — except the US government — is that all of the companies in the filing are used for government surveillance and so hypothetically each of their platforms are compromised.
On page 11 the DOJ argues that disclosing the info will not 'prove' that the government is only going after specific targets and will reveal the massive scope of companies and platforms the government is surveilling.
The companies’ contemplated disclosures risk significant harm to national security by revealing the nature and scope of the government’s intelligence collection on a company-by-company basis throughout the country.
Such information would be invaluable to our adversaries, who could thereby derive a clear picture of where the government’s surveillance efforts are directed and how its surveillance activities change over time.
If our adversaries know which platforms the Government does not surveil, they can communicate over those platforms when, for example, planning a terrorist attack or the theft of state secrets.
There is a reason for part of this to hold weight: the DOJ is saying that if it's made public that Skype is somehow being used for government surveillance, then the bad guys will stop using Skype. And it's way easier for the government if the targets don't change methods, like they did in The Wire.
However, this argument fails to address the fun fact that when you substitute "adversaries" with "public" and "collection with "abuses" the disclosures could also potentially reveal the nature and scope of the government's intelligence abuses on a company-by-company basis.
Because we said you can't
The doc reads, "The companies assert that the information they seek to disclose is not classified, disregarding the harms to national security the proposed disclosures would likely cause."
However on page 14, the DOJ says it doesn't matter anyway.
Consistent with the Executive Branch's authority to control classified information, that provision explicitly provides for Executive Branch approval of the companies' procedures for maintaining all records associated with surveillance.
The government asserts that it controls the companies' government-"pwned" data and the management of that data anyway, so the companies don't have the right to touch it and plus they already agreed to that when the companies handed it over in the first place.
It's the nonconsensual NDA that just keeps on giving.
Here's a Reuters article coincidentally tailored to dismantle your argument
As a result of the Snowden revelations, the companies have faced plummeting public trust.
Two of the arguments the companies make is that they face financial losses due to the bad press and resulting loss of public trust, and that the disclosures should be made because the public conversation demands acts of transparency.
In a page 20 footnote during its argument against the companies asserting any First Amendment rights to publish FISA request data, the government claims that the companies are doing just fine in the press and it doesn't matter what the public is talking about because: national security.
The DOJ says that the companies have done a heck of a job with PR ("they have been able to clearly and forcefully respond to the inaccurate or misleading reporting") without the need to disclose any FISA request information — referring to statements made by Larry Page, David Drummond and Mark Zuckerbeg.
The DOJ was definitely not referring to Zuck's recent TechCrunch SF Disrupt 2013 mini-rant against the government's surveillance request practices. The Facebook CEO told the audience last month that the government "blew it" and "we feel that people deserve to know" more about the government's requests.
Yahoo's CEO Marissa Meyer had a slightly different viewpoint, telling a crowd she most likely viewed as ignorant peasants that sharing information about the requests would be an act of treason.
The DOJ concludes by citing Reuters article Analysis: Despite fears, NSA revelations helping U.S. tech industry — an article which had a star turn on Reddit's Not The Onion.
In a complete coincidence no one saw coming, the Reuters article serves the sole purpose of thoroughly tearing apart and undermining a report cited in the companies' request; a report stating that American companies are being hit with economic consequences — and included projections for billions in losses — as a result of the American government's current surveillance scandal.
The article claims that "insiders" ("Google employees" and "a person briefed on Microsoft's business in Europe") told Reuters that each company "has seen no significant impact on its business."
ZDNet's Zack Whittaker analyzed the August 2013 report, including:
The "low end" scenario estimates assumes the U.S. loses about 10 percent of its foreign market to European or Asian competitors, or $21.5 billion over the next three years.
However, the "high end" of $35 billion assumes a 20 percent loss to foreign markets by 2016.
The government seems to not understand that the trust of humans is now part of doing business. By the end of July, 10 percent of European cloud contracts with American cloud providing businesses had been canceled with the reason cited being the PRISM/NSA scandal.
This court can't stop us
At the document's conclusion, the DOJ tells the US Foreign Intelligence Surveillance Court (which handles secret government requests and applying restraint over intelligence abuses) that it doesn't really have the power to do anything.
On pages 24 and 25, the filing ends saying the court should reject the companies request because,
...this court lacks jurisdiction to review the applicability of the nondisclosure agreements or any other laws or regulations beyond FISA that restrict the disclosure of classified information...
And so there you have it: the DOJ doesn't think the court has power to make them do anything anyway.
Which really just puts us right back at square one.