Thousands of law enforcement and U.S. national security requests were received by Microsoft and Facebook in the second half of 2012, the two companies disclosed late Friday. The companies noted, however, that the requests represented a tiny fraction of their user bases.
John Frank, vice president and deputy general counsel at Microsoft, said his company was permitted, for the first time, to disclose the total volume of national security orders but was still not allowed to confirm whether it had received any Foreign Intelligence Surveillance Act (FISA) orders. Frank is still convinced, however, that what the company is permitted to publish falls short of what is needed to help the community understand and debate the issues.
Microsoft Escapes Verizon's Fate
With that said, Microsoft revealed that for the six months ended Dec. 31, 2012, it received a total of 6,000 to 7,000 criminal and national security warrants, subpoenas and orders from local, state and federal U.S. governmental entities, affecting more than 31,000 consumer accounts. Frank said that amounted to only a tiny fraction of Microsoft's global customer base.
"Microsoft has not received any national security orders of the type that Verizon was reported to have received that required the wireless carrier to provide business records about U.S. customers," Frank confirmed. That's good for Microsoft, since the debate over Verizon releasing customer information to the U.S. government and the National Security Agency is still raging.
"Verizon and Verizon Wireless are in the center of the storm, but they are keeping quiet and the storm has not ravaged them yet. That's the good news," Jeff Kagan, a wireless industry analyst, told us. "To date, they have not lost customers or investors. I hope they can continue to stay away from the chaos. However, things can change quickly.
"So far I would give Verizon an 'A' in the way they have handled this potential PR disaster. They have been quiet and that's exactly right. What happens next is the question. Let's hope Verizon continues to get an A, but the test gets harder as the debate rages over politics and privacy."
Legitimate Need for Records
Meanwhile, Ted Ullyot, Facebook's general counsel, also revealed data requests. For the six months ending Dec. 31, 2012, the total number of user-data requests Facebook received from any and all government entities in the U.S. was between 9,000 and 10,000.
According to Ullyot, these requests run the gamut -- from things like a local sheriff trying to find a missing child, to a federal marshal tracking a fugitive, to a police department investigating an assault, to a national security official investigating a terrorist threat. The number of Facebook user accounts for which data was requested was between 18,000 and 19,000 accounts.
"With more than 1.1 billion monthly active users worldwide, this means that a tiny fraction of 1 percent of our user accounts were the subject of any kind of U.S. state, local, or federal U.S. government request -- including criminal and national security-related requests -- in the past six months," Ullyot said. "We hope this helps put into perspective the numbers involved, and lays to rest some of the hyperbolic and false assertions in some recent press accounts about the frequency and scope of the data requests that we receive."