Snowden leaks prompt tech firms to tout privacy, transparency policies

Annual EFF survey finds more companies are now taking steps to inform users about government requests for data

Several tech companies have revamped privacy and transparency policies since revelations in leaked National Security Agency (NSA) documents showed that the U.S. was secretly collecting customer data from Internet Service Providers, telecommunications companies and others.

The Electronic Frontier Foundation (EFF) Friday released a report identifying nine companies with perfect scores for their efforts in protecting customer data. Last year's report listed just two companies with perfect scores.

Among the companies receiving maximum scores from advocacy group were Google, Microsoft, Facebook, Apple and Dropbox. California ISP Sonic and Twitter made the list two years in a row.

The annual " EFF Who Has Your Back" report evaluates companies' privacy policies, terms of service agreements, public statements, and courtroom track records of major online companies, social networking sites and mobile service providers.

The EFF awards a gold star for best practices in six areas, including requiring warrants to release customer content to government agencies, informing users about a government request for data, and willingness to fight for customer privacy rights in courts.

Google, Facebook, Microsoft and five others received a maximum possible six gold stars. A handful of others including LinkedIn, Pinterest, Tumblr and Wordpress just missed the cut, but only because they have not yet brought any cases on behalf of customers to court, according to EFF.

About 20 of the 26 companies surveyed by EFF released a transparency report over the last year providing details about government requests for customer data along with a description of how these requests were handled.

In contrast, just seven of the companies surveyed by the EFF in 2013 had released a transparency report. Of the companies surveyed this year, only AT&T, Comcast and Snapchat did not require a warrant for handing over customer data.

"This year, the majority of the companies surveyed have made a formal commitment to inform users when their data was sought, a welcome safeguard that gives users the information they need to fight on their own," the advocacy group noted in a blog post.

Edward Snowden's leaks of NSA classified data appears to have fostered a new determination within industry to shed light on government attempts to access customer data, the reported noted.

"The sunlight brought about by a year's worth of Snowden leaks appears to have prompted dozens of companies to improve their policies when it comes to giving user data to the government," EFF activism director Rainey Reitman wrote.

While the trend is sure to be encouraging for users spooked over fears of government surveillance, not all of it is likely driven by altruistic motives on the part of the companies.

Snowden's revelations about private industry's role in the NSA's data collection has raised considerable concern in the U.S. and around the world. The long-term concern for many of these companies is that customers of their cloud services will move on from any firm seen willing to hand over customer data to government entities.

In public comments, officials at Google, Microsoft, Yahoo and other vendors have insisted that any information sharing that might have occurred with the government was unwilling and legally obligated. They have noted that the only circumstances under which they provided customer data to the government is when they have been served with a court order or a legally enforceable request.

Many of these companies have also demanded that the U.S. government allow them to provide even more details about requests they get from the NSA and other agencies for access to customer data.

Jaikumar Vijayan covers data security and privacy issues, financial services security and e-voting for Computerworld. Follow Jaikumar on Twitter at @jaivijayan or subscribe to Jaikumar's RSS feed. His e-mail address is jvijayan@computerworld.com.

See more by Jaikumar Vijayan on Computerworld.com.

Read more about security in Computerworld's Security Topic Center.

Tags privacyMicrosoftLinkedInGoogleFacebookAppletwitterdropboxWordpressnsaElectronic Frontier FoundationGovernment/IndustriesNational Security AgencyTumblrPinterest

Show Comments