NSA/FBI Got Access To Content Of Around 40,000 Yahoo/Google User Accounts In First Six Months Of 2013

from the it's-a-lot dept

Last week, we noted that the DOJ and various internet companies had settled their legal fight, which concerned whether or not those companies could reveal the details of how many FISA Court requests they were receiving -- both in terms of how many requests they get and how many accounts are impacted. While Apple immediately released their information, showing very few users impacted, the real interest is in Google, Yahoo and to a lesser extent Facebook. Both Google and Yahoo have put out blog posts updating their transparency report numbers. It appears that both Yahoo and Google decided to go with "option 1" in the settlement, which lets them reports NSLs and FISA orders separately, but in bands of 0-999. The big question with both of them, really, was just how many "customer accounts affected" there would be, and both presented numbers (in slightly different formats). Google showed a historical listing:
Yahoo just shows the most recent:
If you remember, by choosing Option 1, the companies could actually show "customer accounts affected" -- if they had chosen option 2, they could only show targeted customers, leaving out others who were affected as well. But here we see that the number of accounts affected is much larger than the number of requests (though certainly much more limited than some assumed). That is, these requests (which make up a large part of the PRISM program) impact thousands of users, but not millions or "all" as some have claimed. There may very well be other NSA surveillance programs that get data from many more users, but not the FISA orders/PRISM.

Concerning the Google data, you can see that there's been a pretty big increase in the number of users impacted over the past few years, peaking at the end of 2012, but that drop in the beginning of 2013 may be just seasonal. Meanwhile, it's interesting to see that a much larger number of Yahoo accounts have been impacted. Of course, for all we know, there could have been one FISA order to Google and three to Yahoo and then the number of accounts impacted would be around 10,000 per order. But, without more granularity, it's impossible to tell.

What does seem clear is that there are about 40,000 accounts on Yahoo or Google to which the NSA/FBI and others in the intelligence community have access.

Update: Facebook and Microsoft have updated their info as well and it's more of the same:
Microsoft, a major surveillance partner for the US government, received fewer than 1,000 orders from the Fisa court for communications content during the same period, related to between 15,000 and 15,999 “accounts or individual identifiers”.

The company, which owns the internet video calling service Skype, also disclosed that it received fewer than 1,000 orders for metadata – which reveals communications patterns rather than individual message content – related to fewer than 1,000 accounts or identifiers.

[....] Facebook disclosed that during the first half of 2013, it turned over content data from between 5000 and 5999 accounts – a rise of about 1000 from the previous six month period – and customer metadata associated with up to 999 accounts.


Reader Comments (rss)

(Flattened / Threaded)

  1. This comment has been flagged by the community. Click here to show it
     
    identicon
    out_of_the_blue, Feb 3rd, 2014 @ 1:20pm

    Yay! "it's impossible to tell." -- JUST AS I TOLD YOU: MEANINGLESS NUMBERS.

    But what I want to know is how many MORE of these USELESS items are you going to run about meaningless numbers? -- Cause I HOOT every time and want to look forward to more hooting!

    Google. Collecting and collating every bit of you. (176 of 195)

    09:19:59[k-362-5]

     

    reply to this | link to this | view in thread ]

  2.  
    identicon
    Anonymous Coward, Feb 3rd, 2014 @ 1:28pm

    is it any wonder that the requests get 'rubber stamped' by the FISC judges? they must be worn out doing it!

    no wonder either why one of them put in a letter stating they didn't want any more work because they wouldn't be able to do their job properly! their arms must get cramp something rotten!

     

    reply to this | link to this | view in thread ]

  3.  
    identicon
    Anonymous Coward, Feb 3rd, 2014 @ 1:30pm

    Re: Yay! "it's impossible to tell." -- JUST AS I TOLD YOU: MEANINGLESS NUMBERS.

    If OOTB makes a post, and no one bothers to read it, did he actually tell anyone anything?

     

    reply to this | link to this | view in thread ]

  4.  
    identicon
    Anonymous Coward, Feb 3rd, 2014 @ 1:34pm

    Re: Re: Yay! "it's impossible to tell." -- JUST AS I TOLD YOU: MEANINGLESS NUMBERS.

    Yes. Just beyond the Source Wall.

     

    reply to this | link to this | view in thread ]

  5.  
    identicon
    PRMan, Feb 3rd, 2014 @ 1:38pm

    Re: Re: Re: Yay! "it's impossible to tell." -- JUST AS I TOLD YOU: MEANINGLESS NUMBERS.

    So only Lex Luthor and Darkseid can understand him? Nah, that's giving him too much credit.

     

    reply to this | link to this | view in thread ]

  6. This comment has been flagged by the community. Click here to show it
     
    identicon
    out_of_the_blue, Feb 3rd, 2014 @ 1:57pm

    Google

    Google is Swell!

     

    reply to this | link to this | view in thread ]

  7.  
    identicon
    Anonymous Coward, Feb 3rd, 2014 @ 2:02pm

    Re: Google

    Lol

     

    reply to this | link to this | view in thread ]

  8.  
    identicon
    Anonymous Coward, Feb 3rd, 2014 @ 2:04pm

    "you can see that there's been a pretty big increase in the number of users impacted over the past few years"

    That's the issue I was worried about when I saw the data. It may not be "everyone" or "all" accounts, but that number is jumping significantly when terrorism appears to be slowing (especially in/on US soil)...

     

    reply to this | link to this | view in thread ]

  9.  
    identicon
    Anonymous Coward, Feb 3rd, 2014 @ 2:08pm

    Re: Yay! "it's impossible to tell." -- JUST AS I TOLD YOU: MEANINGLESS NUMBERS.

    Yay it's impossible to tell how many times people's rights were violated without due cause!

    You dolt.

     

    reply to this | link to this | view in thread ]

  10.  
    icon
    That One Guy (profile), Feb 3rd, 2014 @ 2:14pm

    Re:

    I'd disagree, 'official' terrorism has been rising for years(after all, haven't countless people from the government and private companies been constantly trying to keep people afraid and panicky so they'll give up their rights?), it's just 'unofficial' terrorism(the kind that has an actual body-count) that's been falling, probably from them realizing that they've been made redundant.

     

    reply to this | link to this | view in thread ]

  11.  
    identicon
    Anonymoose, Feb 3rd, 2014 @ 3:55pm

    Smoking mirrors

    ..of course, the picture this paints in aggregate says 'thousands', which is all the talking point anyone needs to try to contain outrage. These numbers reflect what the NSA has asked companies for (via rubber stamp, etc).

    But the requests aren't even a bug on the tip of the iceberg vs. the total volume collected on the net's backbone, or compromised via 'focused' hacking and backdoor access.

    These handful of thousands are not what the feds have been trapping. They've been trapping everything. On and off the internet. Transaction records, travel patterns, communications, associations, cat pictures posted, reading habits, blah blah blah.

    But this agreement allows everyone to pretend that this is contained, non-abusive, and that everyone is on the up and up and it's no big deal.

     

    reply to this | link to this | view in thread ]

  12.  
    identicon
    Anonymous Coward, Feb 3rd, 2014 @ 5:10pm

    1
    1
    1
    1......is too fucking to much.......yeah, i said it, I DO NOT TRUST THEIR LYING MORALITY AUTHORITARIAN THREATENING ILLUSIONARY BULLSHIT

     

    reply to this | link to this | view in thread ]

  13. This comment has been flagged by the community. Click here to show it
     
    icon
    krolork (profile), Feb 3rd, 2014 @ 5:31pm

    We need a revolution.

     

    reply to this | link to this | view in thread ]

  14.  
    identicon
    Anonymous Coward, Feb 3rd, 2014 @ 7:13pm

    So we're seeing X (thousands) of requests of up to Y (tens of thousands) of accounts in size.

    With Z (unknown) overlap of targetted accounts per requests,

    ( X * Y ) - Z = we've-seen-too-much

    How many of those X requests we're submitted as evidence to the disinfecting light of a courtroom?

    If zero (or a secret number) then we cannot know if it was "worth it".

    We must conclude these folks are fisherman in the sense that they go fishing, and not in the sense that they catch fish.

     

    reply to this | link to this | view in thread ]

  15.  
    icon
    Ninja (profile), Feb 4th, 2014 @ 2:17am

    We now know this is mainly targeting regular citizens that happen to be engaged in something the Govt dislike or being of some ethnic group (Muslims!) perceived as threats. Real criminals probably don't even use those services (not the worst ones at least, we still have the dumb ones out there).

     

    reply to this | link to this | view in thread ]

  16.  
    identicon
    [deleted], Feb 4th, 2014 @ 5:45am

    Wait, there is more!

    Per Holder, there were some 50k convictions using evidence laundering, before they started backpaddling and admitted in open court.

    Here is my question:

    If NSA tipped off and FBI found that one suspect is up to no good, while another in same case is clear, did they withheld exculpatory evidence as well?

    If so, then we have way bigger mess then they admit. And its outright criminal.

    Therefore, I am patiently awaiting #ggreenwald to release Supreme Court justices dirt in due course. It may turn, they were on board all along.

     

    reply to this | link to this | view in thread ]

  17.  
    identicon
    FM Hilton, Feb 4th, 2014 @ 10:50am

    Funny, this happened shortly after

    I blame Mike totally for this:

    The same day that he posted this article, Yahoo decided to start crapping out. First, the whole thing went down, rather a very startling event. I'd never seen that happen before, and I've used it for over 15 years. Total disconnection.

    Second, now the darn bookmarks and other sets on my yahoo page are crapping out.

    I think the NSA is onto you, Mike, and they're punishing people for using it.

    I hate conspiracy theorists, but I'm close to becoming one, after this.

     

    reply to this | link to this | view in thread ]

  18.  
    identicon
    rbg, Feb 4th, 2014 @ 1:09pm

    Apple Technicians play dumb

    yes and if you get put on the list, you get signed up as a "developer" customer in that Apple uses your account for software development. Applecare technicians have been trained to play dumb. When you find an obvious sign that something is not right the technician asks "what are you doing looking at the
    /var folder" come on get a clue Apple.

     

    reply to this | link to this | view in thread ]

  19.  
    icon
    tbg (profile), Feb 4th, 2014 @ 1:15pm

    This is what made me a target

    I helped a friend write a complaint to a Judicial Ethics Commission pointing out
    blatant fraud, and unethical conduct by a Judge and Amicus Attorney.
    Approximately 4 days before the complaint was to be filed, I had 3 windows based computers on my home network rendered to Digit zeros with with evidence documents and other exhibits for the complaint destroyed.
    At the time, I didn't really know what happened and just assumed it was a virus that hit my network and all I needed to do was to do were reinstalls of the computer operating systems and all would be well. I was wrong. Even to this day, I continue to have network and computer problems.
    After the network attack, the windows computers were rendered as junk. I ordered a new Macbook Pro thinking that a new computer would solve the network problems. The network problems continued. Shortly after the new Macbook Pro was delivered to my home from the Apple online store, I discovered that the EFI Firmware Password had been set before it was delivered. Somebody had tampered with this computer before it arrived at my home. Apple stated that they did not know how this would have happened and they agreed to replace the computer with the one that I
    am now using.
    I continued to have problems.The recent NSA leaks confirmed my suspicions that I was targeted, but I still have a hard time believing that the government would do such a thing.
    After the Snowden revelations, I was determined that I was going to find out for sure and press the issue with Apple. I could never get Apple to do any followup calls to address my issues. Before this
    ordeal, I knew very little about computers, but I have educated myself to an extent and Apple cannot or will not answer my questions. When no Sr. Apple Technician in the United States will return my calls, it seems that all my calls to Applecare are routed to Applecare in Canada.
    Recently a Sr. Level Apple Advisor in Canada stated to me that when Apple initially replaced the computer which had the firmware tampered with, they replaced it with a computer that did not have the standard operating system that it should have had. The replacement computer had a modified operating system installed.

    This is when Apple technicians start giving the run around and never return calls which is where I am at now. I am tired of them asking me "Why did you install that font" What are you doing in Terminal? It's my computer and I can look at anything i want.

     

    reply to this | link to this | view in thread ]

  20.  
    icon
    btrussell (profile), Feb 5th, 2014 @ 3:32am

    Re: Smoking mirrors

    It is only about one every 6 1/2 minutes, 24 hours a day, 7 days a week. When you are truly paranoid, that is not that many people to be afraid of./s

     

    reply to this | link to this | view in thread ]

  21.  
    identicon
    Clownius, Feb 5th, 2014 @ 8:05am

    Re: This is what made me a target

    Serious nuke it. Wander a few towns over and grab a generic system and put Linux on it. Depending on your confidence go for a distribution thats either simple or super secure.

    Trust no one....

    That system will be hundreds of times more secure even with a simple distribution of Linux than one you believe has been tampered with.

     

    reply to this | link to this | view in thread ]

  22.  
    identicon
    Anonymous Coward, Feb 5th, 2014 @ 2:29pm

    Re: This is what made me a target

    If you're gonna fight the powah, better spend some money on vps's which you vpn through. Only one might be more than enough. Gotta know what good companies out there exist, there's loads. And if even more paranoid, run IPBlock (linux) or peerblock on windows but do not use their useless free lists, there is one specific german made pay list that is really good at making attempts at communicating with your computer falling into a black hole...

     

    reply to this | link to this | view in thread ]

  23.  
    identicon
    Anonymous Coward, Feb 5th, 2014 @ 2:30pm

    Re: Re: This is what made me a target

    Also : your files aren't destroyed most likely....well now they are that you formatted over those hard drives...but had you installed an OS and a good data recovery program on a different drive..your data would be most likely retrievable.

     

    reply to this | link to this | view in thread ]

  24.  
    identicon
    tbg, Feb 5th, 2014 @ 4:16pm

    Re: Re: This is what made me a target

    The powah as you refer to them are nothing more than a band of rogue criminals . They will be caught. It's real interesting when I call applecare and start have them go through the font book step by step. Everyone especially applecare that the base of a system starts with the fonts. If you have bad fonts the whole system is bad. It looks like now I am trying to shore up the font book and get rid of all the red xs

     

    reply to this | link to this | view in thread ]

  25.  
    identicon
    tbg, Feb 5th, 2014 @ 4:18pm

    Re: Re: Re: This is what made me a target

    no I am not going to fight anyone other than document the cases and abnormalities with applecare so there will come a point when I can say I have called in to applecare over 1000 times and they never fixed the problem

     

    reply to this | link to this | view in thread ]

  26.  
    identicon
    tbg, Feb 5th, 2014 @ 7:51pm

    Re: Re: Smoking mirrors

    neat name, your first would not be brent would it? lol

     

    reply to this | link to this | view in thread ]

  27.  
    icon
    btrussell (profile), Feb 7th, 2014 @ 1:51am

    Re: Re: Re: Smoking mirrors

    Thanks! No, but it is my real name initials.

     

    reply to this | link to this | view in thread ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Save me a cookie
  • Note: A CRLF will be replaced by a break tag (<br>), all other allowable HTML will remain intact
  • Allowed HTML Tags: <b> <i> <a> <em> <br> <strong> <blockquote> <hr> <tt>
Follow Techdirt
A word from our sponsors...
Essential Reading
Techdirt Reading List
Techdirt Insider Chat
A word from our sponsors...
Recent Stories
A word from our sponsors...

Close

Email This