In this era of unprecedented digital surveillance and widespread political upheaval, the data stored on our cell phones, laptops, and especially our online services are a magnet for government actors seeking to track citizens, journalists, and activists.
In 2016, the United States government sent at least 49,868 requests to Facebook for user data. In the same time period, it sent 27,850 requests to Google and 9,076 to Apple. These companies are not alone: where users see new ways to communicate and store data, law enforcement agents see new avenues for surveillance.
There are three safeguards to ensure that data we send to tech companies don’t end up in a government database: technology, law, and corporate policies. Technology—including the many ways data is deleted, obscured, or encrypted to render it unavailable to the government—is beyond the scope of this report. Instead, we’ll focus on law and corporate policies. We’ll turn a spotlight on how the policies of technology companies either advance or hinder the privacy rights of users when the U.S. government comes knocking, and we’ll highlight those companies advocating to shore up legal protections for user privacy.
Since the Electronic Frontier Foundation started publishing Who Has Your Back seven years ago, we’ve seen major technology companies bring more transparency to how and when they divulge our data to the government. This shift has been fuelled in large part by public attention. The Snowden revelations of 2013 and the resulting public conversation about digital privacy served as a major catalyst for widespread changes among the privacy policies of big companies. While only two companies earned credit in all of our criteria in 2013 (at a time when the criteria were somewhat less stringent than today), in our 2014 report, there were nine companies earning credit in every category.
Today, technology users expect tech companies to have transparency around government access to user data, and to stand up for user privacy when appropriate. And companies are increasingly meeting those expectations. But there are still many companies that lag behind, fail to enact best practices around transparency, or don’t prioritize standing up for user privacy.
The role of Who Has Your Back is to provide objective measurements for analyzing the policies and advocacy positions of major technology companies when it comes to handing data to the government. We focus on a handful of specific, measurable criteria that can act as a vital stopgap against unfettered government access to user data. Through this report, we hope to galvanize widespread changes in the policies of technology companies to ensure our digital lives are not subject to invasive and undemocratic government searches.