Electronic Frontier Foundation::

In this era of unprecedented digital surveillance and widespread political upheaval, the data stored on our cell phones, laptops, and especially our online services are a magnet for government actors seeking to track citizens, journalists, and activists.

In 2016, the United States government sent at least 49,868 requests to Facebook for user data. In the same time period, it sent 27,850 requests to Google and 9,076 to Apple.1 These companies are not alone: where users see new ways to communicate and store data, law enforcement agents see new avenues for surveillance.

There are three safeguards to ensure that data we send to tech companies don’t end up in a government database: technology, law, and corporate policies. Technology—including the many ways data is deleted, obscured, or encrypted to render it unavailable to the government—is beyond the scope of this report.2 Instead, we’ll focus on law and corporate policies. We’ll turn a spotlight on how the policies of technology companies either advance or hinder the privacy rights of users when the U.S. government comes knocking,3 and we’ll highlight those companies advocating to shore up legal protections for user privacy.

Since the Electronic Frontier Foundation started publishing Who Has Your Back seven years ago, we’ve seen major technology companies bring more transparency to how and when they divulge our data to the government. This shift has been fueled in large part by public attention. The Snowden revelations of 2013 and the resulting public conversation about digital privacy served as a major catalyst for widespread changes among the privacy policies of big companies. While only two companies earned credit in all of our criteria in 2013 (at a time when the criteria were somewhat less stringent than today4), in our 2014 report, there were nine companies earning credit in every category.