Verizon may not have been able to fight a secret Foreign Intelligence Surveillance Court order, revealed last night by the Guardian, to hand over subscribers’ call data to the National Security Agency. But over the past decade, the phone company—and its competitors—haven’t tried very hard to resist such government surveillance.
As USA Today reported in 2006, the telecom industry started working with the NSA in 2001 to assemble call records of “tens of millions” of Americans. In 2008, the Wall Street Journal detailed how the program had expanded to emails, Internet searches, and bank and credit-card transactions, allegedly including copies of all data going in and out of an AT&T server in San Francisco. Only Qwest, with its tiny market share and a chairman soon afterward convicted of insider trading, declined to participate.
Phone calls, though, aren’t the way everyone communicates anymore. A terrorist could just as easily conduct business over Google Voice or Skype, which is encrypted. And troves of information are stored in cloud-based services, on social networks, and on e-commerce websites.
Luckily for consumers, Internet companies tend to be much less willing to share your data with Big Brother. Many companies,1 for example, demand that law enforcement get a warrant if it wants your email, even though the law doesn’t explicitly require one for older messages. Twitter, Google, and Microsoft publish transparency reports that show how many times the government requested data, and how often their requests were granted. All of those companies have joined with public interest groups like the American Civil Liberties Union to form the Digital Due Process coalition, which is advocating for updates to privacy law for the Internet age. Google even challenged a national security letter this year. And with the notable exception of Yahoo! and Amazon, these companies do a whole lot better than the telecom ones on the Electronic Frontier Foundation's privacy scorecard—where Verizon rates the worst.
So why is Silicon Valley so much better about safeguarding your stuff? Here are a few possible reasons.
The Internet companies usually depend much more on advertising for revenue, which means they need your data, and they need you to be comfortable handing it over (Verizon only started doing this more recently). Trust is increasingly important for social-media companies like Facebook, which has outraged users on several occasions by making their information more public than expected, and data-storage companies like Dropbox, which needs people to believe their information is safe. Defending your information from the government buys goodwill, while not cutting into their bottom line.
At the risk of overgeneralizing, the people of the Internet industry tend to be much more libertarian in their political views. (The top House recipient of the industry’s campaign donations last cycle, as I mentioned before, was Ron Paul.) That would make them less willing to go along with government requests for information.
And perhaps most importantly: The telecom industry has always had a cozier relationship with government, dating back to its days as a regulated monopoly called Ma Bell. It's used to cooperating with requests from officials, since it used to be required to as a condition of its privileged status, and still needs to work with agencies like the Federal Communications Commission for access to public airwaves. That's why public interest advocates tend to complain about regulatory capture: There's a well-oiled revolving door between the big telecom companies and senior government positions (conveniently, Verizon's chief security officer used to work for the FBI). By contrast, the Internet is a less regulated realm—partly because it’s newer—and zealously guards its freedom. Internet companies tend to exchange staff with groups like the Electronic Frontier Foundation and the Center for Democracy and Technology, instead of regulatory agencies and the security state.
They might not be able to hold out for long, though: The Obama administration is trying to compel the likes of Facebook and Google to let law-enforcement officials snoop on their users' conversations.
Among them Dropbox, Facebook, Foursquare, Google, LinkedIn, Microsoft, Tumblr, Twitter, and WordPress.