By David Ignatius
WASHINGTON — With the global furor over the National Security Agency’s surveillance activities, you might think that other governments are refraining from such intrusive monitoring. But recent reports by U.S. technology companies make clear that foreign governments are aggressively compelling the “lawful” disclosure of information, just as the NSA does.
The latest indication of the volume of international snooping came last week from Facebook. The company said it had received requests from 74 countries for data on more than 38,000 users during the first half of this year. To be sure, the U.S. was the overwhelming leader in making such demands, with between 20,000 and 21,000 requests. But it’s interesting to note how widely this surveillance tool is used.
Germany, for example, requested information about 2,068 Facebook users in the first half of 2013. That was more than the 1,598 users pinged by France, just under the 2,337 users tagged by Britain, and far less than the 4,144 users whose information was sought by India. The Facebook report included requests from both law enforcement and security agencies, but didn’t break down how many of either it had received.
Microsoft, Google, Twitter and other big technology companies have issued similar reports, which make clear that the surveillance issue involves governments around the globe. Paradoxically, perhaps, the NSA, though widely perceived as operating outside the law, actually faces stricter legal limits than those that apply in many other countries.
Microsoft disclosed last March that in 2012, it had received law-enforcement requests for information about 122,015 users or accounts, excluding its Skype affiliate. Of those, 24,565 came from the U.S., followed by 17,973 from France, 14,301 from Britain, 14,077 from Turkey and 13,226 from Germany. Microsoft said it also received less than a thousand “national security letters” last year from the FBI for intelligence purposes, but the company has not disclosed how many similar intelligence demands it had received from foreign countries.
Google provided a similar picture of global pressure to provide information. The company noted that in the second half of 2012, it produced data in response to 21,389 requests from 31 countries, including Germany, France, Russia and Taiwan, as well as the U.S. Twitter said that in the first half of 2013, 36 countries sought information about 1,697 accounts. The U.S. government accounted for 78 percent of requests for user data, Twitter said.
Stewart Baker, a leading legal expert on surveillance, noted in congressional testimony in late July that of a dozen democratic countries surveyed in a 2012 report, only the U.S. and Japan imposed “serious limits on what electronic data private companies can give to the government without legal process. In most other countries, and particularly in Europe, little or no process is required before a provider hands over information about subscribers.” Baker, a former NSA attorney, writes a widely read blog about surveillance issues called “Skating on Stilts.”
The extent of the global surveillance problem was foreshadowed by a 2003 study by the Max Planck Institute in Germany, cited by Baker. Researchers estimated the number of surveillance orders per 100,000 people in more than a dozen countries. As Baker summarized the findings, “an Italian or Dutch citizen is more than a hundred times more likely to be wiretapped by his government than an American.”
Why then is surveillance seen as an American problem, rather than a global one? Here again, Baker offers a pointed and cogent analysis: “Thanks to own open debates and detailed legislative limits on intelligence gathering, Europeans know far more about U.S. intelligence programs than about their own. … As a result, it’s easy for European politicians to persuade their publics that the United States is uniquely intrusive. … In fact, the reverse is true.”
Revelations about NSA surveillance appear to have convinced many Europeans that their data is safer if it isn’t held by American cloud-service providers. German Interior Minister Hans-Peter Friedrich explicitly warned in July: “Whoever fears their communication is being intercepted in any way should use services that don’t go through American servers.” A study released last month by the Information Technology and Innovation Foundation estimated that because of such fears spawned by the NSA revelations, the U.S. cloud-computing industry could lose between $22 billion and $35 billion over the next three years.
Here’s an interesting challenge for NSA whistleblower Edward Snowden and his WikiLeaks supporters: Now that Snowden has been granted refuge in Russia, perhaps he can focus a spotlight on illegal and intrusive surveillance by Russian intelligence agencies. That would be a courageous act, indeed, and a global public service.
David Ignatius’ email address is firstname.lastname@example.org.