The US court that authorizes surveillance of foreign citizens through Internet firms has agreed to lift the lid on its secret practices — but only by a tiny degree.
The case involves the Foreign Intelligence Surveillance Court, which rules on what US security staff are allowed to do and what information they can access. It’s this court, which enacts the Foreign Intelligence Surveillance Act (FISA), that not only decides whether internet firms have to share information with security staff, but also whether they are allowed to tell anyone about the sharing.
For the most part the firms have to keep everything secret and can’t tell the user concerned, a measure designed to prevent tipping off a suspect. However, the ban extends even to publishing the statistic of how many times the companies have been forced to share information under a FISA order.
Google and Microsoft are both challenging the latter restriction in court. They want to list the specific number of FISA demands when breaking down figures in their transparency reports, which include overall statistics on government demands for user data.
That court challenge was itself set to be cloaked in total secrecy. However, the court has now agreed that, in a change to usual procedure, both Google and Microsoft can publicly reveal procedural information about their challenge.
In other words, Google and Microsoft aren’t allowed to tell users when they share their data with security staff acting through FISA orders. They aren’t yet allowed to say how many times overall they share data through FISA orders. But they are being granted a special concession: the right to publicly share the argument they are putting to the court for publishing that figure.
Of course, if the argument fails, we’ll never find out why. The terms of the court mean the details of its rulings are themselves secret and aren’t even accessible to Congress members — something members of both parties are trying to change.