Tech and media firms join Twitter in key test of FBI gag orders

A bitter fight between the Justice Department and Silicon Valley is expanding as a diverse group of companies have lined up behind Twitter in a case that will help determine the limits of free speech in the age of Edward Snowden.

On Tuesday, groups ranging from BuzzFeed to Wikipedia to the Guardian filed friend-of-the-court briefs (see below) to support a challenge by Twitter to Patriot Act gag orders. Two other large companies, which are only allowed to refer to themselves as “Corporations 1 & 2,” also filed briefs.

The case, which began when Twitter sued the Justice Department in October, turns on how companies may use so-called “transparency reports” to tell users about government requests for their data.

Twitter claims it has a right under the First Amendment to say specifically how often it receives National Security Letters, while the government counters that companies can only do so in broad strokes lest they jeopardize national security.

In recent years, the FBI has made extensive use of National Security Letters to obtain information about subscribers, while also attaching gag orders to the letters that forbid companies from revealing they have even received a letter in the first place. The Justice Department has issued hundreds or thousands of such letters to companies like Google, Facebook and AT&T.

In its lawsuit, Twitter claims it is an illegal prior restraint of free speech for the government to bar companies from even disclosing that they have received a letter. A group of media companies has now voiced support for that argument:

“Twitter’s proposed transparency report is no less entitled to free speech protections than ‘literature’ or ‘movies,'” said the brief filed on behalf of BuzzFeed, NPR, the Washington Post, PEN America, the Guardian and First Look Media.

The brief reflects the media’s newfound legal interest into what has largely been a tech industry fight, but also shows how digital media companies like BuzzFeed are finally taking up the legal fight for free speech, a burden that has long been borne almost entirely by old-line newspaper companies.

“Corporations 1 & 2”

Meanwhile, a separate filing shows that a phone and internet company are also weighing in on the Twitter case, but in the guise of “Corporations 1 & 2.” The companies (which are likely Verizon and Google or Yahoo) are using the pseudonyms at the direction of a judge, and are muzzled in part because they are already before an appeals court in another national security case over the right to disclose government demands.

The right of internet companies to discuss security letters has become more pressing since 2013 , when leaked documents from Edward Snowden revealed massive surveillance operations by the U.S. government. Those operations rely on obtaining information from tech and phone companies, and have been facilitated by the legal process governing Patriot Act letters, as well as a related process for NSA demands.

In response, companies like Twitter have come to claim that free speech and the public interest give them the freedom to disclose how many NSA and FBI letters they receive in the first place. The companies stress they are not arguing for the right to disclose the contents of the letters, since doing so could jeopardize ongoing investigations, but only the existence of the letters.

The docket also shows that a group of other entities  — the Wikimedia Foundation, CloudFlare, Sonic, Wickr, Credo Mobile and Automattic (publisher of WordPress.com) — filed a brief in support of Twitter.

Here’s a copy of the media companies’ filing with some of the key parts underlined. Note that a key part of the argument turns on whether the federal judge has authority to hear the case in the first place (as the companies argue) or if the case belongs instead in a controversial secret court (as the Justice Department claims).

Media Amicus in Twitter Case

[protected-iframe id=”c2f560431d071729a0491afe9d08caae-14960843-34118173″ info=”https://www.scribd.com/embeds/256148646/content?start_page=1&view_mode=scroll&show_recommendations=true” width=”100%” height=”600″ frameborder=”0″ scrolling=”no”]

This article was updated at 12:35pm ET to note that Automatic is the publisher of WordPress.com; an earlier version said “WordPress” (which refers to the software used by the company, WordPress.com). This article was also updated at 1:40pm on Thursday to clarify that it was the Wikimedia Foundation (not Wikipedia) that was on the amicus brief.

Firms may face new $16,500 privacy fines under White House bill

Many consumers have grown resigned to the parade of privacy breaches that occur when apps or big tech companies like Facebook or Google misuse their personal data. These incidents typically result in a slap on the wrist for the offending company, but that could change under a new privacy law the White House is expected to propose next month.

According to Politico, which offers details from three Administration sources, the proposed law would work by strengthening data protection rules and by greatly increasing the power of the Federal Trade Commission to impose fines.

This last point is significant since the FTC, which is the country’s de facto privacy cop, is often incapable of meting out real punishments, even in the event of most egregious privacy breaches. A recent example is a company that used a free flashlight app to steal personal data from 50 million Android users but avoided even a fine. As a result, newer companies like Snapchat may be tempted to play fast and loose with privacy, knowing there will be few consequences.

While the FTC has been able to punish repeat offenders, including Facebook and Google, through the use of 20-year consent decrees, the companies sometimes appear to treat such measures as just a cost of doing business. But under the new bill, the FTC would pack more of a punch, including a new power to fine $16,500/day:

The agency, under the administration’s proposal, would gain the power to issue civil penalties against companies, sources said. Currently, the FTC can only levy fines when companies break existing privacy or security settlements with the agency. But the bill would empower the FTC to slap businesses with penalties of $16,500 per violation per day for breaking the law, one source indicated. Other portions of the bill would firm up the FTC’s legal authority over nonprofits and telecom companies.

If passed, the law would also reportedly increase the FTC’s oversight over data brokers and in emerging areas of tech like facial recognition software. It may also give consumers new power to learn what information internet companies possess about their personal lives, though it would not go as far as Europe’s controversial “right to be forgotten” law.

While the additional powers FTC may be welcomed by many consumers, the proposed law could prove contentious in Congress, and with the increasingly powerful tech lobby. Opponents are likely to claim that the stricter controls on data and privacy could inhibit innovation, and risk imposing emerging industries in red tape.

To learn more, and to hear directly from the FTC, come join Gigaom at Structure Data in New York City on March 18, where I’ll be speaking with FTC Commissioner Julie Brill.

How California’s new ‘do-not-track’ law will hurt consumers

http://blog.ericgoldman.org/archives/2013/10/how_californias.htm

Law professor and blogger Eric Goldman drops some knowledge on the ineffectiveness and, one could argue, innovation-hindering effects on these types or privacy laws. I think regulation is a good idea, but it must be flexible and it should be paired with better public education so consumers can make informed choices. I’d rather websites spend money protecting my data or asking me at the time of collection whether they can use data for ads.

Facebook fights to seal financial info in privacy payout case

Facebook wants a court to approve a deal that will see it pay $20 million to settle the ‘sponsored stories’ controversy. But now, as groups file objections, the judge is questioning whether the settlement’s blacked out financial figures can remain secret.

One win could cost Apple lots of won in South Korean lawsuit

Apple could face a number of payouts in South Korea based on its methods of iPhone location information collection and storage. A lawyer who won himself one million South Korean won ($936 U.S.) based on the issue is now looking to help others cash in.