The world's leading technology companies have united to demand sweeping changes to US surveillance laws, urging an international ban on bulk collection of data to help preserve the public's “trust in the internet”.
In their most concerted response yet to disclosures by the National Security Agency whistleblower Edward Snowden, Apple, Google, Microsoft, Facebook, Yahoo, LinkedIn, Twitter and AOL have published an open letter to Barack Obama and Congress on Monday, throwing their weight behind radical reforms already proposed by Washington politicians.
“The balance in many countries has tipped too far in favour of the state and away from the rights of the individual – rights that are enshrined in our constitution,” urges the letter signed by the eight US-based internet giants. “This undermines the freedoms we all cherish. It’s time for change.”
Several of the companies claim the revelations have shaken public faith in the internet and blamed spy agencies for the resulting threat to their business interests. “People won’t use technology they don’t trust,” said Brad Smith, Microsoft's general counsel. “Governments have put this trust at risk, and governments need to help restore it.”
The chief executive of Yahoo, Marissa Mayer, said: “Recent revelations about government surveillance activities have shaken the trust of our users, and it is time for the United States government to act to restore the confidence of citizens around the world."
Silicon Valley was initially sceptical of some allegations about NSA practices made by Snowden but as more documentary evidence hasemerged in the Guardian and other newspapers detailing the extent of western surveillance capabilities, its eight leading players – collectively valued at $1.4tn – have been stung into action amid fears of commercial damage.
“We understand that governments have a duty to protect their citizens,” they say in the letter. “But this summer’s revelations highlighted the urgent need to reform government surveillance practices worldwide.”
Crucially, Silicon Valley and these key reformers in Congress now agree the NSA should no longer be allowed to indiscriminately gather vast quantities of data from individuals it does not have cause to suspect of terrorism in order to detect patterns or in case it is needed in future.
“Governments should limit surveillance to specific, known users for lawful purposes, and should not undertake bulk data collection of internet communications,” says the companies' new list of principles.
They also argue that requests for companies to hand over individual data should be limited by new rules that balance the “need for the data in limited circumstances, users’ reasonable privacy interests, and the impact on trust in the internet”.
Feinstein, who represents California, has been accused by critics of being a cheerleader for Washington's intelligence committee but now faces opposition from her state's largest industry.
The companies also repeat a previous demand that they should be allowed to disclose how often surveillance requests are made but this is the first time they have come together with such wide-ranging criticism of the underlying policy.
The industry's lobbying power has been growing in Washington and could prove a tipping point in the congressional reform process, which has been delayed by the autumn budget deadlock but is likely to return as a central issue in the new year.
The Feinstein and Leahy/Sensenbrenner bills agree with technology companies that there should be greater transparency of court rulings regulating surveillance and more opportunity for privacy advocates to argue against intelligence agency requests.
The eight technology companies also hint at new fears, particularly that competing national responses to the Snowden revelations will not only damage their commercial interests but also lead to a balkanisation of the web as governments try to prevent internet companies from escaping overseas.
“The ability of data to flow or be accessed across borders is essential to a robust, 21st century, global economy,” the companies argue in the list of reform principles. “Governments should permit the transfer of data and should not inhibit access by companies or individuals to lawfully available information that is stored outside of the country. Governments should not require service providers to locate infrastructure within a country’s borders or operate locally.”
And they argue foreign governments need to come together to agree new international standards regulating surveillance, hinting at legal disputes and damage to international trade otherwise.
“In order to avoid conflicting laws, there should be a robust, principled, and transparent framework to govern lawful requests for data across jurisdictions, such as improved mutual legal assistance treaty – or “MLAT” – processes,” say the companies. “Where the laws of one jurisdiction conflict with the laws of another, it is incumbent upon governments to work together to resolve the conflict.”
Official responses to the Snowden revelations have been angriest in countries subject to US surveillance such as Germany and Brazil, but more muted in countries such as Britain and Australia, whose governments are close partners of the NSA.
Martha Lane Fox, who recently resigned as the British government's digital champion, responded to the new letter by expressing concern at the lack of understanding of both the scale and complexity of the surveillance story within Britain's government.
"We do have an issue in this country among the corporate world, the political establishment and the general population where we have a shortage of skills and understanding for the digital age," she told the Guardian. "There is an absence of a clear, coherent debate around this subject in this country and it's a very big issue that will only become more frequent the more technologically dependent we become."
She pointed to comments made by the former Conservative home office minister Lord Blencathra and the Labour peer Lord Soley, who both expressed concern at the scope of surveillance by the security services.
"[The government] needs to listen to people, to examine whether their policies are fit for the digital age. It's not that people aren't used to their data being collected, but what it is being collected for, and there needs to be a distinction between the average person and a security threat."
The eight internet companies behind the new letter also acknowledge that business also has a responsibility to protect privacy.
“For our part, we are focused on keeping users’ data secure, deploying the latest encryption technology to prevent unauthorised surveillance on our networks, and by pushing back on government requests to ensure that they are legal and reasonable in scope,” they conclude.
“We urge the US to take the lead and make reforms that ensure that government surveillance efforts are clearly restricted by law, proportionate to the risks, transparent and subject to independent oversight.”
Google, Twitter, Yahoo and last week Microsoft have all responded to public concerns over surveillance by increasing the security of their products, introducing “perfect forward secrecy” encryption to protect information travelling on their internal systems.
"The security of users' data is critical, which is why we've invested so much in encryption and fight for transparency around government requests for information,” said Google's chief executive, Larry Page.
“This is undermined by the apparent wholesale collection of data, in secret and without independent oversight, by many governments around the world. It's time for reform and we urge the US government to lead the way.”