Facebook’s official announcement explained that requests for user data went from 46,710 in the last half of 2015 to 59,229 in the first half of 2016. At least 56 percent of these requests, Facebook added, “contained a non-disclosure order that prohibited us from notifying the user.”
Law enforcement agencies from across the globe, Facebook continued, often send restriction requests demanding Facebook remove content from its forums. Fortunately, these requests dropped substantially this year, from 55,827 in the last half of 2015 to 9,663 in 2016 — an 87 percent drop. Most of the 2015 requests revolved around “French content restrictions of a single image from the November 13, 2015 terrorist attacks.”
Additionally, Facebook used its report to disclose for the first time what the company does when law enforcement agencies request “snapshots” of a user account that might be relevant to law enforcement for undisclosed reasons.
These “preservation requests,” as they are known, are requests to “preserve data pending receipt of formal legal process.” They are often processed by the social media website as snapshots, which are preserved temporarily.
According to Facebook, the company does not “disclose any of the preserved records unless and until we receive formal and valid legal process.” In the first half of 2016, Facebook received 38,675 preservation requests regarding 67,129 accounts, a staggering number of requests.
Further, Facebook insisted it does not give law enforcement any “back doors” to user information. Adding that requests are only fulfilled if they meet legal requirements or “legal sufficiency,” as Facebook puts it, they claim to “apply a rigorous approach to every government request [they] receive to protect the information of the people who use [their] services,” the company added. But this rigorous approach is not rigorous enough if “reforms” designed to avoid privacy overreach in America simply don’t go far enough.
Take the USA Freedom Act, for instance. The 2015 law was once supported by libertarian-leaning congressmen like Rep. Justin Amash (R-MI). Later, however, Amash criticized the bill after changes giving government more power were adopted.
Mentioning the new rule by name, Facebook added that “as a result of transparency reforms introduced this year by the USA Freedom Act, our report also contains additional information concerning National Security Letters (NSLs).” NSLs are “extraordinary search procedures” that give the Federal Bureau of Investigation (FBI) the power to “compel the disclosure of customer records held by banks, telephone companies, Internet Service Providers, and others.” They are extraordinary because detailed information can be surrendered without proper oversight, an issue that has led to countless cases of abuse.
While NSLs are still being implemented, the gag order related to the procedure has changed. Now, “the government goes to court to justify the gag order only if an NSL recipient notifies the FBI of its desire for judicial review in the first place.” While the government bears “the burden of immediately going to court and proving its necessity,” NSLs give the FBI the power to bypass this important step.
Facebook may promise to “apply a rigorous approach to every government request” that comes its way, but rigor may only be practiced within the boundaries of U.S. law. If the law fails to protect the user’s privacy by allowing agencies to use “extraordinary” procedures, your data is never protected, no matter how well-meaning companies like Facebook claim to be.
According to Facebook, other government requests concerning “imminent risk of serious injury or death” are also granted on a regular basis. At least 3,016 of these requests were made in the first half of 2016. They targeted 4,192 accounts.
Search warrants were produced in only 13,742 cases of request for data while only 781 others were backed by court orders.