Technology companies will be allowed to reveal more details about government data requests under a tentative agreement with the U.S. Department of Justice.
The deal announced on Monday is in line with efforts by President Barack Obama's administration to create more transparency about law enforcement and national security orders.
[ Also on InfoWorld: Hallelujah, the NSA has been reformed! | Get your websites up to speed with HTML5 today using the techniques in InfoWorld's HTML5 Deep Dive PDF how-to report. | For a quick, smart take on the news you'll be talking about, check out InfoWorld TechBrief -- subscribe today. ]
The agreement, which must be approved by the Foreign Intelligence Surveillance Court, enables "communications providers to make public more information than ever before about the orders they have received to provide data to the government," according to a letter on Monday from the U.S. Office of the Deputy Attorney General.
The letter was sent to Facebook, Google, LinkedIn, Microsoft, and Yahoo, all of which had filed motions with the court asking for permission to publish more information on orders and directives that sought user information. The companies are withdrawing their motions. Apple, which did not file a motion with the court, said it was pleased with the new rules.
In a joint statement, the five companies that received the letter praised the deal but said "we'll continue to encourage Congress to take additional steps to address all of the reforms we believe are needed."
The new disclosure rules were widely but cautiously welcomed, as broader debate continues on how the U.S. government should revise its surveillance programs that were revealed through documents leaked by former NSA contractor Edward Snowden.
The American Civil Liberties Union said "it is commendable that the companies pressed the government for more openness, but even more is needed."
"Congress should require the government to publish basic information about the full extent of its surveillance, including the significant amount of spying that happens without the tech companies' involvement," the ACLU said in a statement.
House Judiciary Committee Chairman Bob Goodlatte, a Republican from Virginia, said in a statement the agreement is a move toward more transparency but "additional steps are needed in order to ensure our nation's intelligence collection programs include real protections for Americans' civil liberties."
Under the agreement, the Director of National Intelligence has declassified data disclosed in aggregate, within certain limits. This includes data related to the Foreign Intelligence Surveillance Act, which in some cases couldn't be disclosed at all in the past.
Companies now have two options for publicly reporting data. Under the first option, statistics on Foreign Intelligence Surveillance Act (FISA) orders and National Security Letters (NSLs) can be published every six months.
For FISA requests, there must be a six-month delay between the publication date and the period covered in the report. Information about NSLs, including the number of customer accounts affected by NSLs, can be reported within ranges of 1,000, starting with 0-999. The same rule applies to FISA orders and the customer selectors, or search terms, targeted in them. There are no restrictions on reporting on criminal process inquiries.
If a company develops a new service, the government can use a "New Capability Order" exception to force the company to delay its reporting of orders for two years.
The second option lets companies report the total number of national security requests they received, including NSLs and FISA orders, within ranges of 250. That limit also applies to the total number of customer selectors targeted in FISA orders and NSLs, the letter said.
As a result of the agreement, Apple said it was re-reporting all the national security letters it has received, including FISA orders and NSLs, under the second option. For the first half of 2013, Apple received fewer than 250 national security orders.
Kevin Bankston, policy director of the New America Foundation's Open Technology Institute, an open-source software advocate, criticized the number ranges under which companies are allowed to disclose requests.
"Fuzzing the numbers into ranges of a thousand -- and even worse, lumping all of the different types of surveillance orders into a single number -- serves no national security purpose while making it impossible to effectively evaluate how those powers are being used," he said in a statement.