Edward Snowden

Major US tech firms now telling users before they hand their data to government

Prosecutors fear change after Snowden leaks will affect integrity of government investigations

PUBLISHED : Friday, 02 May, 2014, 9:43pm
UPDATED : Saturday, 03 May, 2014, 4:55am

Major US technology companies have largely ended the practice of quietly complying with investigators' demands for e-mail records and other online data, saying that users have a right to know in advance when their information is targeted for government seizure.

This increasingly defiant industry stand is giving some of the tens of thousands of Americans whose internet data gets swept into criminal investigations each year the opportunity to fight in court to prevent disclosure. Prosecutors, however, warn that tech companies may undermine cases by tipping off criminals, giving them time to destroy vital electronic evidence before it can be gathered.

Fuelling the shift is the industry's eagerness to distance itself from the government after last year's disclosures by Edward Snowden about US National Security Agency surveillance of online services.

Apple, Microsoft, Facebook and Google were all updating their policies to expand routine notification of users about government data seizures, unless specifically gagged by a judge, officials at all four companies said. Yahoo announced similar changes in July.

As this position becomes uniform across the industry, US technology companies will ignore the instructions stamped on the fronts of subpoenas urging them not to alert subjects about data requests, industry lawyers say. Companies that already routinely notify users have found that investigators often drop data demands to avoid having suspects learn of inquiries.

"It serves to chill the unbridled, cost-free collection of data," said Albert Gidari, a partner at Perkins Coie who represents several technology companies. "And I think that's a good thing."

The Justice Department disagrees, saying new industry policies threaten probes and put crime victims in greater peril.

"These risks of endangering life, risking destruction of evidence or allowing suspects to flee or intimidate witnesses are not merely hypothetical, but unfortunately routine," said Peter Carr, a spokesman for the Justice Department.

The changes in technology company policy do not affect data requests approved by the Foreign Intelligence Surveillance Court, which are automatically kept secret by law.

Google already routinely notified users of government data requests but adopted an updated policy this week detailing the few situations in which notification is withheld, such as when there is imminent risk of physical harm to a potential crime victim.

Lawyers at Apple, Facebook and Microsoft were working on their own revisions, company officials said, although the details had not been released. All were moving towards more routinely notifying users, said the companies, which had not previously disclosed these changes.

The trend towards greater user notification gained new urgency amid the government surveillance revelations made by Snowden, a former NSA contractor.

"Post-Snowden, there is a greater desire to compete on privacy," said Marc Zwillinger, founder of ZwillGen, a Washington-based law firm that has major tech companies as clients. "Companies have had notice policies and cared about these issues for years. It's only now that it's being discussed at the CEO level."