Facebook's transparency report falls short of expectations

(Cross-posted from the Centre for Communication Governance blog)

 

Stepping up to join other global Internet platform companies, Facebook released its first ‘Global Government Requests Report’ detailing the number of requests it receives from various countries for user data between January and June 2013. In this post I compare the Facebook report with the equivalent reports released by Google, Microsoft and Twitter in the past. For this purpose I have used the most recently published transparency reports of Google, Microsoft andTwitter.

Facebook’s transparency report does not deal with content regulation and removal requests. Thus, there is no way to know as to what content was taken down or censored pursuant to government requests by the social networking giant. Microsoft is the other company which similarly omits to provide information about content removal.

In contrast, both Google and Twitter disclose the number of governmental requests for removal of data. Both segregate this data on the basis of the source (court orders, executive, police etc.), and Google further segregates it by the reasons for removal (defamation, religious offence, hate speech etc.). Google also segregates the data such that the figures are available for each of the various services that it offers (including Blogger, Gmail, YouTube etc.).

Going one step further, Twitter, unlike all the other companies in the survey, provides information about withholding accounts and tweets, each separately. According to its transparency report, it also notifies users about withholding requests that pertain to their content, except when legally prohibited from notifying them. The Twitter report also states that wherever legally permissible, it publishes copies of the removal requests which have resulted in withheld content to Chilling Effects and also restores access to the withheld content.

Since, the number of content removal requests to Google and Twitter is fairly significant, it can be assumed that other comparable companies also receive such requests. I hope that both Facebook and Microsoft will expand their reports in the future to include the data regarding content removal.

The Facebook report confines itself to the data requests numbers from different countries and the number of users affected, along with the percentage of cases in which such data was provided. While, both Google and Twitter also present similar information in their reports, in case of United States in particular, both of them further segregate the data based on the type of requests pursuant to which the data was asked for (subpoenas, search warrants etc.). One shortcoming of the Twitter report is that it does not disclose the exact number of requests for countries for which it received less than 10 requests.

Microsoft in its report provides the number of data requests from different countries and the number of user accounts specified in those requests. However, instead of just mentioning the percentage of cases in which such data was provided, Microsoft segregates the total number of requests into the numbersand percentage of requests in which certain content information or non content information was disclosed.In cases where no information was disclosed it bifurcates it rejections of requests into two categories, firstly, in which no data was found and secondly, where the requests did not meet the legal requirements.

Thus, Microsoft’s report, in contrast to all the other reports, differentiates between content and non-content data. Google and Twitter do not disclose any statistics differentiating the disclosure of content and non content information. On the other hand although, Facebook mentions that while disclosing data, it ‘frequently share only basic user information, such as name’ it does not mention what other information will fall in this category thereby making it ambiguous.

According to their respective transparency reports, Google and Twitter inform their users about the request for user informationin cases where they are not prohibited by law. Twitter also sends a copy of the legal process to the users according to the report. Facebook’s policy in this regard is again ambiguous and though its transparency report is silent on this issue, its Information for Law Enforcement Authorities states that ‘law enforcement officials who believe that notification would jeopardize an investigation should obtain an appropriate court order or other process establishing that notice is prohibited’. This suggests that notice can be usually provided unless prohibited by law. However, this staement may make a greater impact on Facebook’s transparency and accessibility if integrated with the transparency report itself.

While on one hand Google and Microsoft are still awaiting permission to reveal the data under Foreign Intelligence Surveillance Act (FISA), the Facebook report suggests that they have included that particular data as well, as the report states that “The report contains every request for user data we received for the first six months of 2013 and contains the total number of requests we’ve received from each government, including both criminal and national security requests.”

Facebook’s latest report is an important first step towards transparency and accountability. But it could contain more details. Since this report has had the benefit of being preceded by other similar reports, it had the opportunity to adopt the best practices from the other reports and build on their shortcomings. It has not yet embraced that opportunity fully.

Having said that, it is also important, to note that none of the companies’ transparency reports are perfect and a lot more needs to done by each of them for making data and removal requests more transparent and accountable.