This site is a continuation of a project started by Fores regarding transparency in how governments requests information about citizens from IT and telecom companies.
Some of the worlds biggest online actors, including Twitter, Facebook, Microsoft and Google, have recently began to publish transparency reports, disclosing requests from authorities regarding user data from the corporations, and also if the corporations has complied with those requests.
Our aim is to do the reverse – to ask authorities themselves if they request, and what sort of information they do request, user data from corporations. With the use of the Swedish legislation on the Principle of Public Access, we thought it would be an easy process where we could get a vast amount of data fairly quickly. This proved not to be the case. So, what led up to this project?
We will start with the legislative part. The Data Retention Directive regulates the storage of “/ … / Information about who communicates with whom, when clinical it happens, was the one who communicates located and what type of communication used.” It obligates the providers of web services to report usage patterns and establish agencies that monitor these flows.
According to Freedom House’s last report on freedom online (2012), authorities around the world increasingly regulate free speech in online forums. More recently, a dozen vendors and operators at their own initiative sought to help support transparency and openness in the processes of exchange and disclosure of information by displaying accounts for how many applications or dispensing requests were submitted to them in different transparency reports.
Twitter’s transparency report shows that since 1 January 2012, Twitter has received 8,552 applications from various authorities with requests to take part of the user data or to take down information from the web. 1858 of these concern access to information or user data and 48 concerns removal of content.
One of the most recent reports comes from Microsoft where they report that in 2012 they received 75,378 requests from law enforcement authorities regarding requests of customer data. In only 2.1 percent of the cases, Microsoft found legitimate reason to share the requested information.
Google’s report shows that authorities in some countries use this form of information gathering with no apparent legal basis. This indicates the emergence of a risky behavior in which agencies become capable of tracking user behaviour on arbitrary basis – without the need to disclose its actions to the public.
How often do authorities request access to user data or take-downs of content on the web? Are there legal grounds for these applications? How do the authorities act to ensure that the disclosed data is used only for the intended purpose? These are some of the questions we aim to answer in our project which will be publicly available right here, together with the rest of the site contents.
For the list of answers from authorities, look no further.