In a paper published by Christopher Soghoian, a doctoral candidate at the School of Informatics and Computing at Indiana University, he warns that Police and other agencies have “enthusiastically embraced” requesting information from entities like Sprint, Facebook, and, AOL. While law enforcement makes “tens of thousands of requests” for your personal information, there are no U.S. federal laws that require reporting of those requests.
“Unfortunately, there are no reporting requirements for the modern surveillance methods that make up the majority of law enforcement requests to service providers and telephone companies,” Soghoian wrote. “As such, this surveillance largely occurs off the books, with no way for Congress or the general public to know the true scale of such activities.”
While real-time interception of items like your email must be reported and tracked, requests for your information after the fact are easier to manage and cheaper to obtain. Citing a New York Times story from 2006, Soghoian wrote that AOL was receiving 1,000 requests per month. In 2009, Facebook told Newsweek that it received 10 to 20 requests from police per day. Sprint received so many requests for mobile-phone location information that they set up a web interface to give law enforcement direct access. This site was used 8 million times in one year.
“The reason for this widespread secrecy appears to be a fear that such information may scare users and give them reason to fear that their private information is not safe, ” Soghoian wrote.
These numbers are really just the tip of the iceberg given that reporting these requests is not required. While the House of Representatives considered legislation to remedy the situation, the Department of Justice shot it down, saying the reporting requirements would be too time consuming.
Read Christopher Soghoian’s paper, The Law Enforcement Surveillance Reporting Gap, here.
via TechWorld