A Letter To The LinkedIn Community
Dear LinkedIn Community,
At LinkedIn, our members come first. That is our core value. Our success is based on the trust that our members place in us. We strive in all our actions to earn their trust by ensuring our policies, procedures and practices provide the clarity, consistency and control that our members have come to expect from us. We do all of this with a fundamental commitment to transparency.
To that end, today we are pleased to be releasing our most recent Transparency Report for the first half of 2013. This report discloses information regarding government requests from around the world for member data we received from January 1 through June 30 of this year and our responses to those requests. As you will see, the report discloses the number of various types of government requests but unfortunately excludes requests related to U.S. national security-related matters. The reason for this exclusion is simple: we have been expressly prohibited by the U.S. government from disclosing the number of U.S. national security-related requests we receive, if any. This prohibition, which limits our ability to provide the transparency that we think our members and the public deserve, has been the source of great disappointment and frustration to us.
LinkedIn has long sought to increase transparency about government requests for our members’ data, which has become particularly important in light of recent revelations about the extensive nature of U.S. government surveillance. We also have engaged with policy makers to improve the framework for protecting members’ data, taking action on many fronts.
For example, through our efforts as part of the Digital Due Process Coalition, we continue to promote changes to the Electronic Communications Privacy Act, an outdated patchwork of confusing standards for allowing law enforcement access to personal information held by technology companies. As a matter of principle, we think it is critical that the U.S. government - while preserving the tools it needs to protect the public - promote and enact laws that protect privacy and take into account changes in technology and user patterns.
LinkedIn strongly believes that all data, whether analog or digital, whether stored on personal computers or in the cloud, is subject to full U.S. Constitution Fourth Amendment protection, no less than documents stored in a file cabinet or in a desk drawer. By way of example, if the U.S. government wants to access a rolodex of contacts located in physical form on an individual’s desk without notice to the person, that can be obtained only via a search warrant, which requires the government to demonstrate “probable cause.” But when that same rolodex of contacts is stored electronically in the cloud (for instance, your LinkedIn connections), current statutes provide that the U.S. government can access that data without notice to the individual via a subpoena to LinkedIn, which requires the government to show only that the data sought is “relevant” to its investigation, a much lower standard than probable cause. It makes no sense that the technological advancement of our society should reduce the protections offered under the Fourth Amendment. Based on this constitutional principle, we require the government to use the higher standard and obtain a search warrant for access to a member’s connections.
We scrutinize and evaluate every request for member data. Consistent with our commitment to our members, we provide only data that we believe we are legally required to provide or under emergency circumstances. We also take steps to notify the member whose data is being requested prior to providing the data, whether the requestor is the government or a private party, unless we are legally prohibited from doing so or the request is an emergency.
It was against that background, and consistent with our history of proactive engagement and cooperation with law enforcement and other regulatory agencies in both the U.S. and abroad, that we engaged in active discussions with the U.S. government, and did so for months, including at the highest levels of the FBI. Despite our outreach and efforts to work cooperatively, we were recently told by the U.S. government that, notwithstanding our commitment to transparency, we were prohibited from providing our members and the general public with even basic, aggregate information regarding the numbers of national security-related requests, if any. We decided we owed it to our members, the internet industry and the general public to take action.
As reflected in a letter to the Director and General Counsel of the FBI we sent today, we have been unable to convince the U.S. government that their requirements are not legally warranted and make no sense, especially as applied to a company like LinkedIn. In our discussions, the U.S. government ultimately gave us two choices:
- We can report the total number of all non-security-related U.S. government requests and can separately report the total number of national security letters received, if any, but only within a bucket range of 0 to 1000 annually (even if we issue our Transparency Reports twice a year), and without any reporting regarding the requests we receive, if any, under the U.S. Foreign Intelligence Surveillance Act (FISA); or
- We can report in a single bucket of 0 to 1000 every six months all U.S. government requests, including national security letters and FISA requests, if any, but cannot break the bucket down into specific numbers, percentages or otherwise.
Both alternatives, for a company like LinkedIn with relatively low numbers of requests for member data in general, are nonsensical, as they would seriously distort the information provided to our members and the public and, of course, would reduce rather than enhance transparency. For example, if we received 100 non-security related requests and 10 national security letters in a year, we could report only the 100 requests and then state that the number of national security letters was between 0 and 1000. We believe that this type of reporting defeats transparency, and in fact, would be misleading about the number of users affected by government requests, and could generate unwarranted concern by members and the general public, both in the United States and abroad.
Make no mistake, we deeply respect and support the U.S. government’s strong interest in, and its obligation to protect, national security. However, this interest must be weighed against transparency and accountability. The bottom line is that we firmly believe that what we are seeking – the disclosure of the number of U.S. national security-related requests that we receive – is consistent with national security interests, the law and our commitment to transparency.
As a result, and given our inability to reach agreement with U.S. government representatives despite our best efforts, we are left with no choice but to file a legal challenge to the U.S. government’s position.
Today we are filing a petition in the U.S. Foreign Intelligence Surveillance Court seeking the ability to publish the specific number of national security-related requests we receive (if any) under each of the various provisions of FISA. In addition, we are asking that the Court hold its hearing on our petition in public, rather than in secret as is its normal practice. Our petition echoes requests made to Congress and the President by industry members and public interest organizations earlier this year.
We are also filing today an amicus brief in the U.S. Court of Appeals for the Ninth Circuit urging affirmance of the district court’s ruling in the case of “In Re National Security Letter”, No. 11-02173 SI (N.D. Cal.), which held that national security letter disclosure restrictions (aka “gag orders”) violate the First Amendment and, in particular, that the prohibition on disclosure of the number of such letters received is not required by national security interests. If the Ninth Circuit affirms the district court’s opinion, then we anticipate we will be allowed to include in our Transparency Report the actual number of national security letters we receive, if any, rather than having to do so in buckets of 1000.
We don’t take such important steps lightly, but these are issues we firmly believe in. As a matter of principle, we think it is imperative that the U.S. government – while retaining the tools needed to protect national security – (a) interpret and apply the law in a manner that respects and protects individuals’ privacy, (b) take into account technological evolution, and (c) balance the need for national security with the critically important values of trust and transparency. That would be good for our members, good for business, and good for the Internet.
We further believe that greater transparency on these issues will help foster and inform the ongoing and vitally important public debate surrounding the U.S. government’s security programs. We plan to continue to advocate for these principles in every appropriate venue so that we can deliver on our commitment to transparency, and continue to earn our members’ trust.
Vice President, General Counsel