Facebook claims it has “aggressively” protected its user data from the US government snooping, following revelations that the National Security Agency (NSA) had “direct access” to their servers under a data collection programme called Prism.
Revealing details of the scheme for the first time, Facebook said it received 9,000-10,000 requests for user data from US government entities in the second half of 2012.
The social-networking site said the requests, relating to between 18,000 and 19,000 accounts, covered issues from local crime to national security.
Microsoft meanwhile said it received 6,000 and 7,000 requests for data from between 31,000 and 32,000 accounts.
Secret documents obtained last week by The Guardian and Washington Post indicate that the highly classified operation, known as PRISM, granted the NSA free rein to access technology firms networks at any time, giving the agency access to the time, location and content of messages.
PRISM is primarily geared toward foreign and terror intelligence gathering but also catches home grown users.
In the initial report, nine firms were alleged to be willing accomplices in the scheme; including Yahoo! PalTalk, YouTube, Skype, AOL and Apple (see slide leaked to the Guardian below).
The news has sparked widespread concern in the US. Nearly 20,000 people have signed a petition at Progressive Change Campaign Committee calling on Congress to hold investigations.
In an effort to reassure its users, Facebook lawyer Ted Ullyot wrote on the company’s blog that following discussions with the relevant authorities it could for the first time report all US national security-related requests for data.
“As of today, the government will only authorise us to communicate about these numbers in aggregate, and as a range,” he said.
For the six months ending 31 December 2012, the total number of user-data requests Facebook received was between 9,000 and 10,000, relating to between 18,000 and 19,000 accounts.
“These requests run the gamut – from things like a local sheriff trying to find a missing child, to a federal marshal tracking a fugitive, to a police department investigating an assault, to a national security official investigating a terrorist threat,” Ullyot said.
“With more than 1.1 billion monthly active users worldwide, this means that a tiny fraction of 1% of our user accounts were the subject of any kind of US state, local, or federal US government request.”
Ullyot did not indicate to what extent the company had fulfilled the requests, but said Facebook had “aggressively” protected its users’ data.
“We frequently reject such requests outright, or require the government to substantially scale down its requests, or simply give the government much less data than it has requested,” he said.
Later, Microsoft also published information about the volume of national security orders during the second half of 2012, stressing that they had an impact on only “a tiny fraction of Microsoft’s global customer base”.
While praising the Department of Justice and Federal Bureau of Investigation for permitting the disclosures, Microsoft Vice-President John Frank called on them to “take further steps”.
“With more time, we hope they will take further steps. Transparency alone may not be enough to restore public confidence, but it’s a great place to start,” he wrote in a statement.
Earlier this month, Edward Snowden, a former employee of defence contractor Booz Allen Hamilton and former CIA technical assistant, leaked details of the Prism programme.
The 29-year-old fled the US to Hong Kong shortly before the Guardian and Washington Post newspapers published his revelations.
His whereabouts are unknown, and he has vowed to fight extradition to the US should the authorities attempt to prosecute him.
Watch the video from 29-year-old government contractor Ed Snowden (the source of the leak) below:
Read the Microsoft statement here
Read the Facebook blog here