Facebook came out with its biannual Transparency Report yesterday, and we decided to take a look at big tech companies to see how many user data requests they have recently received from governments around the world.
The aim of this article is to only report the number of government and/or law enforcement requests into user data across big tech companies such as Facebook, Google, Apple, Twitter, Amazon, and Microsoft.
Each company has its own policy for handling requests, and each company states that it works within the confines of the law when deciding whether or not to hand over user data. Some companies are simply online platforms while others also produce hardware, so the types of requests vary from devices, accounts, etc.
In some cases, the big tech companies fight back, but those reports are beyond the scope of this article.
The Facebook Transparency Report was issued yesterday, revealing that globally 103,815 government requests for user data were filed in the first six months of 2018.
Government requests for account data increased globally by around 26% compared to the second half of 2017, increasing from 82,341 to 103,815 requests. In the US, government requests increased by about 30%, of which 56% included a non-disclosure order prohibiting Facebook from notifying the user, according to the transparency report.
As a result of transparency updates introduced in the 2016 USA Freedom Act, the US government lifted the non-disclosure orders on 13 National Security Letters (NSLs) that Facebook received between 2014 and 2017. These requests, along with the US government’s authorization letters, are available below.
Meanwhile, over at Google, there were 126,581 government requests for users/accounts and 57,868 user data disclosure requests in the first half of 2018, totaling 184,449 government requests.
For “users/accounts” requests, “A single user data request may seek information about multiple accounts, so the number of accounts requested may be higher than the number of total requests. Additionally, one person can have multiple Google accounts, or the same account may the subject of several different requests for user information. For example, if we receive a subpoena and later a search warrant for the same account, it will be counted multiple times here.”
For “user data disclosure requests” they must be made in writing, signed by an authorized official of the requesting agency and issued under an appropriate law.
Amazon’s “Information Request Report” for the first half of 2018 is bit more tricky to decipher as it reads more like a legal document; however, the breakdown is that Amazon received 1,736 subpoenas, 344 search warrants, and 162 other court orders for the period January 1, 2018, through June 30, 2018.
- Subpoenas: 1,736
- Search warrants: 344
- Other court orders: 162
National security requests
- Non-U.S. requests: 290
- Removal requests: 0
For Amazon Web Services (AWS) requests:
- Subpoenas: 195
- Search warrants: 25
- Other court orders: 33
National security requests:
- Non-U.S. requests: 45
- Removal requests: 0
Amazon’s report also mentions how Amazon and AWS responded or didn’t respond to each request.
Twice a year Microsoft publishes the number of legal demands for customer data that it receives from law enforcement agencies around the world.
While this report only covers law enforcement requests, Microsoft follows the same principles for responding to government requests for customer data.
Twitter has not yet released its transparency report for the first half of 2018, but during the last half of 2017, Twitter received 6,268 government information requests on user accounts from 84 different countries.
The United States remained the top requester submitting 28% of total government information requests. While still the top requester, the percentage of requests from the United States has decreased dramatically since 2012 when it accounted for 80% of global information requests received by Twitter.
Like Twitter, Apple has not released its report for the first half of 2018, but it does have the numbers for the last half of 2017.
During that time, Apple received 29,718 government device requests involving 309,362 devices. “Of these, 4,450 originated in the US, impacting 15,168 devices,” according to Apple Insider.
Worldwide Government Account Requests during the last half of 2017 totaled 3,358.
For the full Apple transparency report, government request circumstances can vary from instances where law enforcement agencies are working on behalf of customers who have requested assistance locating lost or stolen devices, to instances where law enforcement are working on behalf of customers who suspect their credit card has been used fraudulently to purchase Apple products or services, to instances where an account is suspected to have been used unlawfully.
Requests can also seek to preserve an Apple account, restrict access to an Apple account or delete an Apple account. Additionally, requests can relate to emergency situations where there is imminent harm to the safety of any person.