Governments Are Feeding on Facebook Data: Report Shows Recent Rise in Official Requests for User Information

For the period between January and June 2019, Facebook received 128,617 requests for user data from various government entities—16% above the 110,634 requests in the period between July and December 2018.¹ This uptick was described in Facebook’s latest transparency report (the “Report”), which provides information about government data requests.² The bulk of the requests (50,741) came from U.S. law enforcement agencies; however, government entities in India, the United Kingdom, Germany, and France also accounted for a large amount of the requests.³ In the United States, Facebook produced at least some data in response to 88% of the requests accompanied by legal process, and 78% of emergency requests.

The Report comes at a high-tension moment, as technology giants and world governments clash over privacy issues—especially end-to-end (and single-key) encryption.⁴ End-to-end encryption is the process by which technology companies make communications on their platforms accessible only to the sender and receiver(s) of the communications; once adopted, the technology companies themselves cannot access the communications, and hence cannot produce them when confronted with a search warrant.⁵ On October 4, 2019, Attorney General Barr, and his counterparts in the United Kingdom and Australia, penned an open letter to Facebook’s CEO, Mark Zuckerberg, requesting that Facebook abandon its pursuit of end-to-end encryption for all of its messaging services.⁶ Barr warned that Facebook’s plan “puts our citizens and societies at risk by severely eroding a company’s ability to detect and respond to illegal content and activity, such as child sexual exploitation and abuse, terrorism, and foreign adversaries’ attempts to undermine democratic values and institutions. . . .”⁷ By contrast, privacy advocates and cryptography experts warn that it is technically infeasible to build “exceptional access” backdoors for law enforcement, because doing so would render systems vulnerable to criminals and authoritarian governments.⁸

As the debate over encryption intensifies, and as government requests for user data increase, technology companies have sought to assure users of privacy. In a blog post accompanying the Report, Chris Sonderby, Facebook’s Vice President and Deputy General Counsel, promised users:

[W]e always scrutinize every government request we receive for account data to make sure it is legally valid. This is true no matter which government makes the request. If a request appears to be deficient or overly broad, we push back, and will fight in court, if necessary. We do not provide governments with “back doors” to people’s information.⁹

Likewise, Google’s Transparency Report Help Center states, “Our legal team reviews each and every request, and frequently pushes back when requests are overly broad or don’t follow the correct process.”¹⁰

While the debate over end-to-end encryption, and the consequences thereof, usually centers on terrorism or child abuse, it is also of increasing importance to white collar enforcement.¹¹ For example, in 2018, the United States Attorney’s Office for the You secured guilty pleas from the members of an insider trading ring who communicated via “an encrypted mobile messaging application [], which allows users to set a timer to messages to irretrievably ‘self-destruct.’”¹² Accordingly, those concerned with white collar enforcement would do well to pay close attention to the legal developments surrounding encryption. They should also make sure their social media policies are up-to-date, as the government will continue to seek what data is available.