October 8, 2014
Yesterday, Twitter sued the Department of Justice for declaratory judgment. See Twitter, Inc. v. Holder et. al.,3:14-CV-04480. Twitter wants a holding that its First Amendment rights have been violated by the DOJ’s prohibition against disclosing certain requests for subscriber information. Essentially, Twitter wants to publish its Transparency Report:
Twitter seeks to lawfully publish information contained in a draft Transparency Report submitted to the Defendants on or about April 1, 2014. After five months, Defendants informed Twitter on September 9, 2014 that “information contained in the [transparency] report is classified and cannot be publicly released” because it does not comply with their framework for reporting data about government requests under the Foreign Intelligence Surveillance Act (“FISA”) and the National Security Letter statutes.
What’s at stake for Twitter? For the industry? Edward Snowden’s disclosures implicated tech companies in government surveillance efforts. Forrester Research predicts that losses attributable to disclosure of the PRISM project could be as high as $180 billion for the “cloud computing industry.” Consumer advocacy groups also apply pressure. The Electronic Frontier Foundation publishes, “Who Has Your Back: Protecting Your Data from Government Requests.” The report card issues gold stars to companies who publish transparency reports. Investors have also demanded these reports from companies who do not publish them voluntarily. See, for example, SEC No Action letters for Verizon (2013 WL 6914388) and AT&T (2013 WL 6513871). As a result, most ‘electronic communication providers’ publish these reports. See for example, reports at Twitter, Microsoft, Google, Facebook. Even Pinterest has one.
But are these reports any good? Vodafone’s recent report was recently criticized for not detailing its relationship with the British spy agency GCHQ and Twitter’s complaint highlights the fact that recent guidance on disclosure from the Deputy Attorney General is still too restrictive. As an alternative, Twitter’s complaint outlines a better report, one that includes the following:
- The number of NSLs [National Security Letters] and FISA orders Twitter received, if any, in actual aggregate numbers (including “zero,” to the extent that that number was applicable to an aggregate number of NSLs or FISA orders, or to specific kinds of FISA orders that Twitter may have received);
- The number of NSLs and FISA orders received, if any, reported separately, in ranges of one hundred, beginning with 1–99;
- The combined number of NSLs and FISA orders received, if any, in ranges of twenty-five, beginning with 1–24;
- A comparison of Twitter’s proposed (i.e., smaller) ranges with those authorized by the DAG Letter;
- A comparison of the aggregate numbers of NSLs and FISA orders received, if any, by Twitter and the five providers to whom the DAG Letter was addressed; and
- A descriptive statement about Twitter’s exposure to national security surveillance, if any, to express the overall degree of government surveillance it is or may be subject to.
Some might argue that this complaint is merely a marketing effort (or, an “opportunity to play the good citizen”). I do not see it that way though certainly this lawsuit is an excellent way for Twitter to make its position clear.