The US government promised more transparency, but the limitations set indicate otherwise
Yahoo has just released its updated transparency report while managing to not actually reveal too much information. And it’s not Yahoo’s fault at all, but that of the United States government and the new rules it set for companies.A week ago, the United States government has issued a new policy, allowing Internet providers to disclose more information about the national security requests they receive.
“As we said then, the number of Yahoo accounts specified in global government data requests comprised less than one one-hundredth of one percent (<.01%) of our worldwide user base for the reporting period,” writes Yahoo’s Ron Bell, General Counsel, and Aaron Altschuler, Associate General Counsel for Law Enforcement and Security.
Basically, while the US government now allows companies to reveal how many secret requests they receive from various organizations, the new policy only lets them provide data in ranges.
This means that Yahoo’s new transparency report doesn’t really give out much.
For instance, when it comes to FISA requests for disclosure of content received between January 1 and June 30, 2013, Yahoo reveals it got between 0 and 999 requests, which regard between 30,000 and 30,999 accounts.
When it comes to FISA requests for disclosure of non-content data, Yahoo received between 0 and 999 requests regarding between 0 and 999 accounts. The same can be said about the National Security Letters. As you can obviously see, this is all quite silly and while it provides some ranges, they’re too wide.
Data for the July 1 – December 31, 2013 for the FISA requests for disclosure of content or non-content data cannot be revealed at the current time due to another set of limitations set by the US government, namely that information about such requests must be delayed six months.
What are FISA requestsYahoo also gave more details regarding what FISA requests are to help everyone understand the report, including why there are two types. First off, FISA requests are compulsory legal process reviewed and approved by the Foreign Intelligence Surveillance Court. This means that companies are obliged to comply with the requests. Several years back, Yahoo tried to fight such a demand in court and lost.
The FISA requests for disclosure of content can be used to get content that users create, communicate and store on or through the service. The list includes email content or instant messages, photographs posted on Flickr, entries in your Yahoo Address Book and calendar entries and so on.
The FISA requests for disclosure of non-content data are limited to email address, name, location and IP address, as well as login details, billing information and other such information.