Barton Gellman writes that Twitter deserves wider notice for its “remarkable display of backbone” when served with a sealed court order to produce records on users. I concur, as do a number of us in #privchat on Twitter who think everyone should #ThankTwitter.
But Gellman’s article goes further, and reports what happened when he contacted other companies to inquire about their policies:
It is beyond reasonable doubt that authorities asked other companies to supply the same kinds of information sought from Twitter, but none of them admit it. Soghoian notes that standard procedure in this kind of forensic work is to assemble data from many sources to “draw the graph” of Wikileaks and its leadership — who communicates with whom, and when, and who initiates the contact — even if the contents of the conversations are encrypted. Twitter lived up handsomely to a policy of providing no private information without a binding order, and of notifying users unless legally barred from doing so. The other companies, with a few partial exceptions, will not say what their policies are. I sent carefully framed questions to Verizon Wireless, Sprint, AT&T, T-Mobile, Comcast, Time Warner Cable, Google, Yahoo, Microsoft, Facebook, MySpace and Skype. None replied to most of them. Partial answers, when I got them, were mostly homilies about how seriously they take privacy and how carefully they review each request.
[…]
I asked the companies how many times in 2010 they were served with government demands for non-public information about their customers, and whether they (1) try to narrow those demands; (2) insist on compulsory legal orders before complying; (3) ask courts to allow them to notify their customers; (4) tell customers who inquire, if legally permitted, whether their private data has been obtained by authorities; (5) follow stronger or weaker interpretations of their customers’ rights in areas of disputed law, such as the pro-privacy holdings in the Sixth Circuit and Ninth Circuit that do not bind other jurisdictions. I further asked them, if they declined to answer these questions, why they believed their customers did not deserve to know.
Here is what I got back ….
Read the entire article and the companies’ responses on TechLand