recommended reading

Eight Tech Giants Urge Obama and Congress to Curb NSA

Carolyn Kaster/AP

This story has been updated with background and details.

Eight of the largest U.S. technology and social media companies posted an “an open letter to Washington” on Monday asking President Obama and Congress to rein in massive electronic surveillance efforts by the National Security Agency.

Referring to the continuing disclosures by former NSA contractor Edward Snowden of widespread surveillance, AOL, Apple, Google, Facebook, LinkedIn, Microsoft Corp, Twitter and Yahoo said in their letter, “We understand that governments have a duty to protect their citizens. But this summer’s revelations highlighted the urgent need to reform government surveillance practices worldwide.”

The eight companies, which also expressed concern over surveillance by other governments, said the U.S. needs “to take the lead and make reforms that ensure that government surveillance efforts are clearly restricted by law, proportionate to the risks, transparent and subject to independent oversight.”

Since Snowden first started to disclose the extent of NSA’s surveillance efforts in May, the secretive agency has acknowledged that it collects “haystacks” of data, including emails, phone calls and social media to detect terrorist “needles”.

Sen. Mark Udall, D-Colo., asked NSA chief Army Gen. Keith Alexander at a Sept. 26 hearing of the Senate Intelligence Committee if it was “the goal of the NSA to collect the phone records of all Americans?"

“Yes, I believe it is in the nation's best interest to put all the phone records into a lockbox that we could search when the nation needs to do it. Yes," Alexander replied.

Last week, The Washington Post reported that documents provided by Snowden showed NSA gathered 5 billion records a day to pinpoint cellphone locations worldwide.

These and other revelations show, the companies said Monday, that the “balance in many countries has tipped too far in favor of the state and away from the rights of the individual — rights that are enshrined in our Constitution.”

Google CEO Larry Page said “the security of users’ data is critical, which is why we’ve invested so much in encryption and fight for transparency around government requests for information.” But, he said, “This is undermined by the apparent wholesale collection of data, in secret and without independent oversight, by many governments around the world. It’s time for reform and we urge the U.S. government to lead the way.”

Brad Smith, Microsoft’s general counsel and executive vice president for legal and corporate affairs, described the problem with surveillance succinctly: “People won’t use technology they don’t trust. Governments have put this trust at risk, and governments need to help restore it.”

Facebook CEO Mark Zuckerburg said, “Reports about government surveillance have shown there is a real need for greater disclosure and new limits on how governments collect information. The U.S. government should take this opportunity to lead this reform effort and make things right.”

Twitter CEO Dick Costolo said his company “is committed to defending and protecting the voice of our users. Unchecked, undisclosed government surveillance inhibits the free flow of information and restricts their voice.”

The companies laid out a five-point plan that would eliminate wholesale collection of data, promote greater transparency into government surveillance efforts, encourage respect for the global free flow of information and develop a legal framework for data requests across national boundaries.

Governments should codify sensible limitations on their ability to compel service providers to disclose user data that balance their need for the data in limited circumstances, users’ reasonable privacy interests, and the impact on trust in the Internet, the companies said.

In addition, governments should limit surveillance to specific, known users for lawful purposes and should not undertake bulk data collection of Internet communications.

Taking direct aim at the secretive Foreign Intelligence Surveillance Court without naming it, the tech companies said, “Reviewing courts should be independent and include an adversarial process, and governments should allow important rulings of law to be made public in a timely manner so that the courts are accountable to an informed citizenry.”

Transparency is essential to a debate over governments’ surveillance powers, the companies said. “Governments should allow companies to publish the number and nature of government demands for user information,” something that the tech companies cannot do today.

The Snowden disclosures about NSA have fostered a push by other governments to establish their own data centers free from U.S. snooping.  The European Union is pushing for development of its own cloud computing infrastructure, and the tech companies expressed concern this could inhibit the global free flow of information.

“Governments should not require service providers to locate infrastructure within a country’s borders or operate locally,” they said.

The tech companies called on all on governments to endorse its five principles “and enact reforms that would put these principles into action.”

Kevin Bankston, policy director of New America Foundation’s Open Technology Institute, said, “We are incredibly pleased to see these companies’ stepping up to support broad surveillance reforms, including an end to bulk data collection.”

Bankston said the surveillance policy reform suggested by the tech and social media companies “stands in stark contrast to the silence of telecommunications companies like AT&T and Verizon, which so far have refused to publicly discuss the NSA controversy at all, much less support the rights of their users and call for reform.”

Threatwatch Alert

Credential-stealing malware / User accounts compromised / Software vulnerability

Android Malware Infects More than 1M Phones, Adds 13,000 Devices a Day

See threatwatch report

JOIN THE DISCUSSION

Close [ x ] More from Nextgov
 
 

Thank you for subscribing to newsletters from Nextgov.com.
We think these reports might interest you:

  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

    Download
  • PIV- I And Multifactor Authentication: The Best Defense for Federal Government Contractors

    This white paper explores NIST SP 800-171 and why compliance is critical to federal government contractors, especially those that work with the Department of Defense, as well as how leveraging PIV-I credentialing with multifactor authentication can be used as a defense against cyberattacks

    Download
  • Toward A More Innovative Government

    This research study aims to understand how state and local leaders regard their agency’s innovation efforts and what they are doing to overcome the challenges they face in successfully implementing these efforts.

    Download
  • From Volume to Value: UK’s NHS Digital Provides U.S. Healthcare Agencies A Roadmap For Value-Based Payment Models

    The U.S. healthcare industry is rapidly moving away from traditional fee-for-service models and towards value-based purchasing that reimburses physicians for quality of care in place of frequency of care.

    Download
  • GBC Flash Poll: Is Your Agency Safe?

    Federal leaders weigh in on the state of information security

    Download
  • Data-Centric Security vs. Database-Level Security

    Database-level encryption had its origins in the 1990s and early 2000s in response to very basic risks which largely revolved around the theft of servers, backup tapes and other physical-layer assets. As noted in Verizon’s 2014, Data Breach Investigations Report (DBIR)1, threats today are far more advanced and dangerous.

    Download

When you download a report, your information may be shared with the underwriters of that document.