A Facebook report on Tuesday revealed that government agents in 74 countries demanded information on around 38,000 users in the first six months of 2013. Nearly half of the demands originated from the U.S. government, which made between 11,000 to 12,000 requests on between 20,000 to 21,000 individuals. Approximately 79 percent of those requests produced some user data.
"Transparency and trust are core values at Facebook," the social network's legal team stated. "We strive to embody them in all aspects of our services, including our approach to responding to government data requests. We want to make sure that the people who use our service understand the nature and extent of the requests we receive and the strict policies and processes we have in place to handle them."
According to the chart, India made the second largest number of requests, pinging Facebook 3,245 times regarding 4,144 users and scoring user data 50 percent of the time. The UK followed with 1,975 requests on 2,337 individuals, then Germany with 1,886 requests on 2,068 users, Italy with 1,705 requests on 2,306 users and France with 1,547 requests on 1,598 users.
"We have stringent processes in place to handle all government data requests," the company said. "We believe this process protects the data of the people who use our service, and requires governments to meet a very high legal bar with each individual request in order to receive any information about any of our users."
On a dedicated guidelines page, Facebook provides examples of when the company is forced to hand over user data such as when a valid subpoena issued in connection with an official criminal investigation is required to compel the disclosure of basic subscriber records. This information may include name, length of service, credit card information, all email address, and all recent login/logout IP addresses, if available.
The company must also provide information when a court order is issued under 18 U.S.C. Section 2703(d), and when a search warrant is issued under the procedures described in the Federal Rules of Criminal Procedure or equivalent state warrant procedures, and probable cause is provided. "We interpret the national security letter provision as applied to Facebook to require the production of only 2 categories of information: name and length of service," the company said.
Additional scenarios include child exploitation, emergency requests regarding harm to children, and risk of death or serious physical injury to any Facebook user. On an international level, foreign authorities may need a Mutual Legal Assistance Treaty request or letter rogatory to compel the disclosure of the content of an account.
"We scrutinize each request for legal sufficiency under our terms and the strict letter of the law, and require a detailed description of the legal and factual bases for each request," the company said. "We fight many of these requests, pushing back when we find legal deficiencies and narrowing the scope of overly broad or vague requests. When we are required to comply with a particular request, we frequently share only basic user information, such as name."
Out of the entire list, the United States is the only country with an actual range of requests. Facebook explains that these numbers include all criminal and national security requests to the maximum extent permitted by law. Facebook said it's pushing Washington for more transparency regarding the requests, including specific numbers and types of national security-related requests.
Facebook's legal team said the company plans to release additional transparency reports on a regular basis in the future.
- Malware XPocalypse Looms for Windows XP Users
- 8 Tools to Watch Your Home Remotely
- A Smartphone Kill Switch Won't Stop Theft