Twitter is Suing the U.S. Government over Surveillance Disclosures

Twitter is Suing the U.S. Government over Surveillance Disclosures

Twitter NSA 310x

The social media giant no longer wants its ability to speak on security and surveillance to be restricted by the feds.

Twitter yesterday filed a lawsuit against the United States government, as the social media platform attempts to be more transparent with its users, and the public at large.

The lawsuit, which can be read here, is pointed directly at federal policies pertaining to surveillance, specifically how and what Twitter discloses related to government information requests. The social media service, which is decidedly more public-facing than both Facebook and email, publishes government transparency reports twice a year, as allowed by law.

The problem that Twitter has with these reports is the dearth of information allowed to be published. Within it's biannual transparency reports, Twitter wants to be able to publish what kinds of information the government is asking for, not simply how often the requests are made.

This past April, Twitter sent a draft of its latest transparency report to the FBI for approval, only to have the agency reject the report on the grounds of protecting classified material.

"Our ability to speak has been restricted by laws that prohibit and even criminalize a service provider like us from disclosing the exact number of national security letters ("NSLs") and Foreign Intelligence Surveillance Act ("FISA") court orders received," said Ben Lee, Twitter's Vice President of Legal in a blog post, "even if that number is zero."

The ACLU has already come out in support of Twitter, saying "We hope that other technology companies will now follow Twitter's lead."

Even earlier this year, Twitter rejected the government transparency agreement signed by Google, Facebook, and others, saying such reports "...must be within a range that provides sufficient precision to be meaningful."

The Department of Justice is looking into the lawsuit, saying for that it has worked with technology companies in the past (see the agreement referenced above), and that it feels this agreement allows such firms to disclose a broad range of information.

Sources: Twitter | WaPo

Permalink

Devin Connors:

This past April, Twitter sent a draft of its latest transparency report to the FBI for approval, only to have the agency reject the report on the grounds of protecting classified material.

This part boggles my mind. How can information be classified when the knowledge of it is already held by a corporate entity that isn't contracted by the government to handle classified information? And why on earth should said corporate entity be responsible for protecting it in the first place? I'm trying to come up with a good analogy for this, but nothing a sane person would do fits. They are classifying the act of asking questions to people with no authorization to access classified information.

Whiskey Tango Foxtrot

Scars Unseen:

Devin Connors:

This past April, Twitter sent a draft of its latest transparency report to the FBI for approval, only to have the agency reject the report on the grounds of protecting classified material.

This part boggles my mind. How can information be classified when the knowledge of it is already held by a corporate entity that isn't contracted by the government to handle classified information? And why on earth should said corporate entity be responsible for protecting it in the first place? I'm trying to come up with a good analogy for this, but nothing a sane person would do fits. They are classifying the act of asking questions to people with no authorization to access classified information.

Whiskey Tango Foxtrot

as close as I can understand is that what is being classified is the request of information. for example a "terrorist" leaning tweet is made (possibly containing some of the trigger words that email scans are supposed to return) then under such things as the Patriot Act the FBI, or NSA can request the packet information used to send the tweet in (which could given circumstances be an instant link to the sender) that in turn could lead to a detainment under said Patriot ACT (Guantanamo pop+1) now what I can understand is that any document sent to a company in this fashion is probably sent "For eyes Only", or "Classified" both of these clearance related headers actually require that any decimation of the information inside be considered to be an act of treason, and in the cases of a document marked "Classified" if questioned about it by an entity that does not have direct clearance the document in question much be disavowed of existing in the first place.

So to clarify: twitter wants to place in its transparency statement how many requests for information have been made by the big 3 (FBI, CIA, NSA), and what types of request they were (even if 0), but because these requests are probably marked classified (meaning that someone of sufficient authority sent it) then even acknowledging the existence of the request is treason, and then decimating any of the information within is a "threat to national security"

gardian06:

Scars Unseen:

Devin Connors:

This past April, Twitter sent a draft of its latest transparency report to the FBI for approval, only to have the agency reject the report on the grounds of protecting classified material.

This part boggles my mind. How can information be classified when the knowledge of it is already held by a corporate entity that isn't contracted by the government to handle classified information? And why on earth should said corporate entity be responsible for protecting it in the first place? I'm trying to come up with a good analogy for this, but nothing a sane person would do fits. They are classifying the act of asking questions to people with no authorization to access classified information.

Whiskey Tango Foxtrot

as close as I can understand is that what is being classified is the request of information. for example a "terrorist" leaning tweet is made (possibly containing some of the trigger words that email scans are supposed to return) then under such things as the Patriot Act the FBI, or NSA can request the packet information used to send the tweet in (which could given circumstances be an instant link to the sender) that in turn could lead to a detainment under said Patriot ACT (Guantanamo pop+1) now what I can understand is that any document sent to a company in this fashion is probably sent "For eyes Only", or "Classified" both of these clearance related headers actually require that any decimation of the information inside be considered to be an act of treason, and in the cases of a document marked "Classified" if questioned about it by an entity that does not have direct clearance the document in question much be disavowed of existing in the first place.

So to clarify: twitter wants to place in its transparency statement how many requests for information have been made by the big 3 (FBI, CIA, NSA), and what types of request they were (even if 0), but because these requests are probably marked classified (meaning that someone of sufficient authority sent it) then even acknowledging the existence of the request is treason, and then decimating any of the information within is a "threat to national security"

The only issue I can see with what you said is that everyone knows the Big 3 are making these requests. If we know 15 such requests are made, it literally changes nothing about what the already knows. I don't think they are talking about releasing the exact information requested by them, they are just trying to save public face by being more forthcoming with information to everyone, but in such a manner that said information is not compromised. Also, I question the ability to label someone's information classified when they themselves do not know their information is classified. For instance: Someone makes a tweet that sets off alarms, the NSA requests the associated information and it's classified. But if the user were to have that information themselves and post it on the internet (clearly hypothetical), are they releasing their own classified information never having known it was classified?

Baresark:

gardian06:
...snip...

The only issue I can see with what you said is that everyone knows the Big 3 are making these requests. If we know 15 such requests are made, it literally changes nothing about what the already knows. I don't think they are talking about releasing the exact information requested by them, they are just trying to save public face by being more forthcoming with information to everyone, but in such a manner that said information is not compromised. Also, I question the ability to label someone's information classified when they themselves do not know their information is classified. For instance: Someone makes a tweet that sets off alarms, the NSA requests the associated information and it's classified. But if the user were to have that information themselves and post it on the internet (clearly hypothetical), are they releasing their own classified information never having known it was classified?

actually you have that backwards. the person posts a tweet that puts out alarm bells to NSA. the NSA then submits a classified request for that users information (twitter must comply, or be deemed complicit in the statements made) then when twitter gives the information to the NSA also classified (in response to a classified request). So when all is said and done Twitter has no right to say that NSA made a request during the last 6 months, or that any request was even made. So twitter is not trying to post the classified information what was requested (depending on the information would show that they were complicit in the original action), but that a request happened at all.

from looking at the article it feels like they want to more or less make statements such as "the government has the right to request information on users that shall remain classified, but no requests have been made in the past 6 months", or "the government has the right to request information on users that shall remain classified, and X requests have been made in the past 6 months" as a user whenever I see a site make a statement about 'government has the right to request information of users' then I would like to know 'why would they need my information' 'has such a request ever been made', 'how often are these requests made'. but given that all requests are done with the "Classified" header means that this is a very very big up hill battle for twitter which may very easily turn them into a scapegoat for national security and "why not to challenge the DOJ.

gardian06:

Scars Unseen:

Devin Connors:

This past April, Twitter sent a draft of its latest transparency report to the FBI for approval, only to have the agency reject the report on the grounds of protecting classified material.

This part boggles my mind. How can information be classified when the knowledge of it is already held by a corporate entity that isn't contracted by the government to handle classified information? And why on earth should said corporate entity be responsible for protecting it in the first place? I'm trying to come up with a good analogy for this, but nothing a sane person would do fits. They are classifying the act of asking questions to people with no authorization to access classified information.

Whiskey Tango Foxtrot

as close as I can understand is that what is being classified is the request of information. for example a "terrorist" leaning tweet is made (possibly containing some of the trigger words that email scans are supposed to return) then under such things as the Patriot Act the FBI, or NSA can request the packet information used to send the tweet in (which could given circumstances be an instant link to the sender) that in turn could lead to a detainment under said Patriot ACT (Guantanamo pop+1) now what I can understand is that any document sent to a company in this fashion is probably sent "For eyes Only", or "Classified" both of these clearance related headers actually require that any decimation of the information inside be considered to be an act of treason, and in the cases of a document marked "Classified" if questioned about it by an entity that does not have direct clearance the document in question much be disavowed of existing in the first place.

So to clarify: twitter wants to place in its transparency statement how many requests for information have been made by the big 3 (FBI, CIA, NSA), and what types of request they were (even if 0), but because these requests are probably marked classified (meaning that someone of sufficient authority sent it) then even acknowledging the existence of the request is treason, and then decimating any of the information within is a "threat to national security"

But that's my point. That knowledge - the existence, types, and numbers of requests are already known to entities not authorized to access classified information: the corporations the requests are being made to. How then can it be classified information when it is already held by people with neither authorization to access classified information nor contractual obligation to protect it? That would be like being told by the police that I was not allowed to disclose the fact that they pulled me over and did a vehicle search even if they found nothing incriminating in my car.

Scars Unseen:

gardian06:

Scars Unseen:

This part boggles my mind. How can information be classified when the knowledge of it is already held by a corporate entity that isn't contracted by the government to handle classified information? And why on earth should said corporate entity be responsible for protecting it in the first place? I'm trying to come up with a good analogy for this, but nothing a sane person would do fits. They are classifying the act of asking questions to people with no authorization to access classified information.

Whiskey Tango Foxtrot

as close as I can understand is that what is being classified is the request of information. for example a "terrorist" leaning tweet is made (possibly containing some of the trigger words that email scans are supposed to return) then under such things as the Patriot Act the FBI, or NSA can request the packet information used to send the tweet in (which could given circumstances be an instant link to the sender) that in turn could lead to a detainment under said Patriot ACT (Guantanamo pop+1) now what I can understand is that any document sent to a company in this fashion is probably sent "For eyes Only", or "Classified" both of these clearance related headers actually require that any decimation of the information inside be considered to be an act of treason, and in the cases of a document marked "Classified" if questioned about it by an entity that does not have direct clearance the document in question much be disavowed of existing in the first place.

So to clarify: twitter wants to place in its transparency statement how many requests for information have been made by the big 3 (FBI, CIA, NSA), and what types of request they were (even if 0), but because these requests are probably marked classified (meaning that someone of sufficient authority sent it) then even acknowledging the existence of the request is treason, and then decimating any of the information within is a "threat to national security"

But that's my point. That knowledge - the existence, types, and numbers of requests are already known to entities not authorized to access classified information: the corporations the requests are being made to. How then can it be classified information when it is already held by people with neither authorization to access classified information nor contractual obligation to protect it? That would be like being told by the police that I was not allowed to disclose the fact that they pulled me over and did a vehicle search even if they found nothing incriminating in my car.

boils down to 2 major things first being the patriot act: if an entity (person or corporation) act, represents themselves in such a way to be considered a threat to national security (divulging classified information falls into this) then they can "without due process" be detained as a terrorist, or at the very least be charged with treason (this part predates the Patriot act, but is the biggest point of contention).
then on top of that add that if a company if found to be in violation of the patriot act then all assets of that company, and the assets of all those in contact with that company shall be frozen.

in your analogy the police officer cannot make such a statement as all actions that a "law enforcement officer" take are actually public record (the actual findings can be locked as part of an "active/ongoing investigation", but the actions are public). now if in your analogy it was an FBI agent, and they said "we were never here" then technically under such things as the Patriot act (one of the scariest laws that was ever fast tracked as a result of hysteria) you can't even talk about the situation, or you can be charged with treason, or treated as a terrorist on "suspicion"

so the obligation that company has to maintain the classified status is: "talk about any specifics and all of your companies assets, your families assets, and even your personal friends assets (of everyone in the company) can be seized, and all of you can be charged with treason"

fun fact if you ever see a document marked "for eyes only", or "classified" and look at the contents without 'authorization' it is considered an act of treason to the US government, and DOJ even tells this to government employees.

gardian06:

Baresark:

gardian06:
...snip...

The only issue I can see with what you said is that everyone knows the Big 3 are making these requests. If we know 15 such requests are made, it literally changes nothing about what the already knows. I don't think they are talking about releasing the exact information requested by them, they are just trying to save public face by being more forthcoming with information to everyone, but in such a manner that said information is not compromised. Also, I question the ability to label someone's information classified when they themselves do not know their information is classified. For instance: Someone makes a tweet that sets off alarms, the NSA requests the associated information and it's classified. But if the user were to have that information themselves and post it on the internet (clearly hypothetical), are they releasing their own classified information never having known it was classified?

actually you have that backwards. the person posts a tweet that puts out alarm bells to NSA. the NSA then submits a classified request for that users information (twitter must comply, or be deemed complicit in the statements made) then when twitter gives the information to the NSA also classified (in response to a classified request). So when all is said and done Twitter has no right to say that NSA made a request during the last 6 months, or that any request was even made. So twitter is not trying to post the classified information what was requested (depending on the information would show that they were complicit in the original action), but that a request happened at all.

from looking at the article it feels like they want to more or less make statements such as "the government has the right to request information on users that shall remain classified, but no requests have been made in the past 6 months", or "the government has the right to request information on users that shall remain classified, and X requests have been made in the past 6 months" as a user whenever I see a site make a statement about 'government has the right to request information of users' then I would like to know 'why would they need my information' 'has such a request ever been made', 'how often are these requests made'. but given that all requests are done with the "Classified" header means that this is a very very big up hill battle for twitter which may very easily turn them into a scapegoat for national security and "why not to challenge the DOJ.

My point was that everyone knows these requests happen already, we are aware of the governments ability to make such requests (even if we don't agree with it). Reporting whether or not a request was made doesn't make a difference I wouldn't think.

I also agree, that is what the article seems to be saying. They only wish to be able to report the fact that a request happens, not tell everyone the details of the request. Feels more like trying to put on a good public facing image while simultaneously submitting to the request of the government.

If you read all three letters, the FBI explicitly states how many times they have sent that request, and that number is 249. And, they also basically say you can feel free to tell them that the amount of users who were looked into were so infinitesimally small as to be virtually meaningless, you just can't disclose the actual number.

Given what I read, there is something more going on there than what was written about in the OP. You should really read the documents for yourself before you try to understand exactly what is going on there.

 

Reply to Thread

Posting on this forum is disabled.