Twitter gives government agencies in the United States at least some of the information they ask for on users 69 percent of the time.
That data and much more about how the social network responds to government requests for user information, as well as demands to remove tweets and reports of copyright violations was part of Twitter’s second so-called transparency report, which it issued today “in celebration of”Data Privacy Day. Google issued such a report today as well.
“We’ve been thinking about ways in which we can more effectively share this information, with an aim to make it more meaningful and accessible to the community at large,” Twitter wrote in a blog post. “We believe the open exchange of information can have a positive global impact. To that end, it is vital for us (and other Internet services) to be transparent about government requests for user information and government requests to withhold content from the Internet; these growing inquiries can have a serious chilling effect on free expression — and real privacy implications.”
In the report, Twitter said that, worldwide, it received 1,858 requests from governments for information about users in 2012, as well as 6,646 reports of copyright violations, and 48 demands from governments that content they deem illegal be removed.
Although Twitter has a responsibility to provide information on users as a result of official actions like subpoenas and court orders, the company has long taken the public position that it protects users’ privacy and anonymity whenever possible. For example, last August, the company fought police attempts in New York to get information on an Occupy Wall Street protester’s account, claiming that law enforcement did not adequately follow the Constitution’s safeguards against invasion of privacy.
“It’s our continued hope that providing greater insight into this information helps in at least two ways,” Twitter continued in its blog post: “first, to raise public awareness about these invasive requests; second, to enable policy makers to make more informed decisions. All of our actions are in the interest of an open and safe Internet.”
Privacy advocates seem to agree. In an email sent to CNET, the Electronic Frontier Foundation’s Trevor Timm lauded Twitter’s report and its attempts to maintain users’ freedoms and privacy. “I think this is the most detailed transparency report that we’ve seen from any Internet company and it should become a model for other companies, especially Facebook,” Timm told CNET. “Facebook is by far the largest social media site, yet has so far refused to release transparency reports to show us how much information the government is requesting and how much they comply.
“The first step in combating unreasonable government surveillance is information. And these transparency reports are vital in that fight. Cell phone carriers should start releasing them on a yearly basis as well.”
It will likely be interesting to many people to see how many times governments around the world ask Twitter to provide information about users in their countries, as well as how often the company decides it has no choice but to comply with those requests. The transparency report includes a section detailing “actionable” demands — meaning situations in which Twitter is legally responsible to provide what is asked for — from every country, as well as a second section focusing solely on the United States.
China is missing from the report, as Twitter is officially blocked there. And while there appears to be evidence that some Chinese are able to access Twitter, the company doesn’t have a responsibility to reply to that government, explained a Twitter spokesperson.
From July 1 to December 31, 2012, Twitter said, it received a total of 1,009 requests for user information from 30 countries. Across the board, the company complied by providing some or all information demanded 57 percent of the time, covering a total of 1,433 user accounts.
Outside the U.S., Japan issued the most requests, asking Twitter for information on 75 users a total of 62 times. Yet Twitter complied just 5 percent of the time, it said. Brazil submitted 34 requests, covering 43 user accounts, and got some or all of what it was looking for 12 percent of the time.
By comparison, American government agencies were given at least some of what they were demanding in 69 percent of the 815 cases in which they asked, the report said. “As Twitter is based in San Francisco…the great majority of government information requests for user information we receive come from the United States,” the company wrote. “To increase transparency and insight, we’re introducing more in-depth details about these requests.”
According to the U.S.-only report, 60 percent of demands in the U.S. came in the form of subpoenas, while 11 percent were court orders, 19 percent were search warrants, and 10 percent were other official requests. Twitter said that in the cases of subpoenas, the requests “do not generally require a judge’s sign-off and usually seek basic subscriber information, such as the email address associated with an account and IP logs.”
Because of the Fourth Amendment to the U.S. Constitution, Twitter wrote, search warrants “typically require the most judicial scrutiny before they are issued, including a showing of probable cause and a judge’s signature. A properly executed warrant is required for the disclosure of the contents of communications (e.g., tweets, [and direct messages]).”
Twitter said that its general policy is to notify users when a government agency is demanding their information, “unless we are prohibited from doing so by law or in an emergency situation.” All told, it explained, less than 20 percent of cases involved such prohibitions issued “under seal.”
The EFF’s Timm said, “I don’t necessary blame Twitter for complying with valid subpoenas and warrants, since they are required to by law. It seems they have been vigilant in challenging unnecessarily broad legal requests. They only comply with 69 percent, while Google complied with 88 percent. And they’ve also written a detailed explanation of why they may not comply, and notify users whenever legally possible. The blame lies with the government for making so many warrantless requests and with Congress for not giving much of our electronic data more protection than just a subpoena.”
Added Timm, “It’s also great to see Twitter requires warrants for all content, despite [the Electronic Communications Privacy Act] not requiring it by law. It’s encouraging to see Google, Facebook, Microsoft, and Yahoo all come out and say this in the past week. The Fourth Amendment should protect the content of our email, just like it protects our physical letters and phone calls.”
Twitter has long held that its users have the right to post almost anything they want, as long as it isn’t illegal. But in some cases, it does respond when governments ask it to remove offending content.
According to the transparency report though, such cases are exceedingly rare. Between July and December, there were just 26 such court-ordered requests worldwide, Twitter said, and in just 5 percent of cases did it actually remove some or all of the content in question.
A recent situation involving a series of anti-Semitic tweets in France is one such case. And as a result, France’s removal requests were granted 100 percent of the time, the report detailed. But even so, that removal covered just 40 accounts, and only 44 individual tweets.
In the United States, by comparison, there were just two such requests between July and December.
Although the parts of Twitter’s transparency report that are likely to get the most attention are the company’s responses to government officials for information on users, and the amount of offending content removed, it also contained interesting data on how often the company acted on demands that content posted to the social network contained copyright violations.
According to the report, Twitter received 3,268 take-down notices worldwide between July and December, and it’s agreed to comply with part or all of those requests 53 percent of the time.
Twitter said that when such requests are submitted, it notifies affected users. Among the types of media it has to remove as a result of these notices are “profile photos, header photos, background images, and Twitter-hosted media (e.g., pic.twitter.com).”
But Twitter also noted that it doesn’t comply with take-down notices for a number of reasons. In many cases, it said, such demands don’t supply adequate information for locating the allegedly offending content. And at the same time, it receives many “misfiled, non-copyright complaints” through its Web forms.
Get your personal as well as office laptops encrypted by Alertsec
Unencrypted laptops present a major risk of data loss. 80% of information theft is due to lost or stolen laptops and other equipment. About 50% of network intrusions are performed with credentials gathered from lost or stolen devices. The penalties for a data breach are severe not only in terms of the monetary fines imposed on the organization, but also the potential loss of trust from customers and suppliers. Encryption software greatly enhances the security of your organization’s data as the information is not compromised if a laptop is lost or stolen.
Alertsec Xpress is the full disk encryption service that delivers a mobile data protection system for all information stored on laptops used throughout your organization.