The PRISM slide that first implicated major companies in dragnet surveillance, even if they were forced by law to comply. Image: Wikipedia
How many people have had their data lawfully collected by the US intelligence community? For the first time, we've got an answer from the big tech giants: Tens of thousands a year.
Today, Google, Facebook, LinkedIn, Microsoft, and Yahoo all released updated transparency data concerning FISA requests, and while Facebook notes that data is collected "a small fraction of one percent of Facebook user accounts"—a point that rings true for all of the above—that's about all we know.
Such opacity in reporting is exactly what Attorney General Eric Holder and Director of National Intelligence James Clapper were going for when they announced that tech companies could finally disclose Foreign Intelligence Surveillance Act records. FISA is the law that largely governs how agencies like the NSA collect bulk metadata.
According to the new rules, companies are only allowed to report on how many specific requests they received in bands of 1000, or total requests in bands of 250. They're also allowed to split FISA requests across content and non-content types, which Yahoo describes thusly:
FISA Requests for Disclosure of Content may be used to get content that users create, communicate, and store on or through our services. This could include, for example, words in an email or instant message, photos on Flickr, Yahoo Address Book or Calendar entries and similar kinds of information.
For the rest of the story: http://motherboard.vice.com/blog/the-tech-giants-new-data-on-government-spying-leave-more-questions-than-answersFISA Requests for Disclosure of Non-Content Data (NCD) are limited to NCD such as alternate e-mail address, name, location, and IP address, login details, billing information, and other transactional information (e.g., “to,” “from,” and “date” fields from email headers).