Image 01 Image 03

Yahoo publishes first transparency report on government requests for user data

Yahoo publishes first transparency report on government requests for user data

Yahoo announced on its blog that it was publishing its first transparency report to share details of government requests for user data.  The company follows others that have published similar figures in light of recent revelations about the NSA’s surveillance program.

From the Washington Post:

Yahoo said Friday that it has received 12,444 requests for data from the U.S. government so far this year that covers the accounts of 40,322 users overall.

In its first government transparency report, the Web giant said it rejected just 2 percent of those federal government requests. Yahoo released the report to share some data about what governments around the world have asked the firm to disclose about its users in the first half of 2013.

As with other technology companies, Yahoo said that the report includes statistics for requests made through national security letters and those made under the Foreign Intelligence Service Act, in addition to other requests from law enforcement.

In 55% of US government requests, only non-content data, such as basic subscriber information, was disclosed.  Content was disclosed in 37% of the requests.  Yahoo defines content as information that could include “words in a communication (e.g., Mail or Messenger), photos on Flickr, files uploaded, Yahoo Address Book entries, Yahoo Calendar event details, thoughts recorded in Yahoo Notepad or comments or posts on Yahoo Answers or any other Yahoo property.”

yahoo-usg

In June, other companies like Facebook and Microsoft published the number of requests they’d received from the government, under the same limitations that national security requests could not be separated from the aggregate number of requests.

Google and Microsoft continue to pushback against the government in arguing for the authority to publish the number of national security demands for user content in a manner that is distinct from other law enforcement requests.  Last week, Microsoft announced that it would move forward with a lawsuit on the matter.

DONATE

Donations tax deductible
to the full extent allowed by law.

Comments

This is why I don’t use Google or Yahoo.

I use Startpage (cause I’m smart):

https://www.startpage.com/

I run my own exchange server here at home.

Duck, Duck Go is another search alternative.

I stay away from commercial software when I can, for example, I’ve run Linux since about 2001. Also everything I run is locked down medium-tight and I refresh from the bare metal about every 6 months.

Paranoid & excessive. No. Given what’s just become public, certainly not paranoid. As for excessive, check out some of the security folks in general, and any of the BSD family OS-es for folks who are serious. I do what’s easy.

I feel a rant coming on…

I used to dabble. What tore it for me was:

1 – One to many crashes with data loss, requiring a reinstall. Also, somehow, commercial products’ answer is always “Upgrade to the newest version (OK, maybe says me.) for only $49.95. (What?)” I got tired of injected defects in older products herding me into newer stuff I didn’t want. Like…

2 – Evil, horrible zero-day vulnerabilities numbers eleventy-three through eleventy-teen were fixed with a service pack. So far so barely tolerable. Service pack *required* install of a couple products I’d avoided (But they’re free!) because of vulnerabilities, DRM and terms of use. So, to get your defects fixed in what I already bought I have to put stuff on my machine that *requires* licensing terms I object to, and didn’t agree to?

3 – Increasingly egregious DRM terms in licenses, for example, shutting down features, products, whole system, locking out material that isn’t “signed” by someone the vendor recognizes, phoning home about various events never fully specified, etc. etc. And finally…

4 – Phoning home to verify licensing on startup. If it can’t connect or gets a negative report, thing shuts down. So, my using SW I bought from them is contingent on their systems being up? And my using hardware I didn’t buy from them is contingent on their letting me use their SW.

And don’t get me started about data held captive behind proprietary formats.

For a last and final kicker, note that Micro$oft is working on a new, magical thing that will check signatures of software being loaded at boot time. That’s right. BAKED INTO THE HARDWARE – they’re doing away with the BIOS – will be a magical check of the stuff being loaded vs. “authoritative” keys held elsewhere.

Think about that. Fine way to keep anybody else’s stuff off of hardware provided by vendors MSFT has locked up, eh? And now you’re dependent on their key service before the thing even starts.

Linux is tracking this effort so it’ll still go, maybe.