Feeds

EFF report identifies which internet firms 'have your back' on data

Twitter is tops, but big-name fails from Verizon, Apple, and others

Beginner's guide to SSL certificates

The annual Electronic Frontier Foundation (EFF) report on data protection among online firms has shown lax privacy standards among some of the biggest names in the business when the government comes knocking at the door.

A total of 18 companies were assessed on their privacy policies and T&Cs, stated procedures for handling government data-mining expedition requests, and their overall level of transparency. These factors were then ranked alongside what they'd actually done in the real world when asked by the authorities, plus any lobbying efforts undertaken on the issues in Congress.

The report's dunces were Verizon and MySpace, with both companies getting zero out of a possible six gold stars (a curiously child-like scoring system, in this hack's opinion), with Apple, AT&T, Comcast and Yahoo! only scraping a single star apiece. Amazon and Comcast managed two stars each.

"Apple and AT&T are members of the Digital Due Process coalition, but don't observe any of the other best practices we're measuring. And this year, as in past years, MySpace and Verizon earned no stars in our report. We remain disappointed by the overall poor showing of ISPs like AT&T and Verizon in our best practice categories," the EFF states.

The star pupils, with the full six gold stars (and presumably a pat on the head from teacher) were Twitter and West Coast ISP Sonic.net. Twitter has defended the rights of users ranging from Occupy protestors to French racists, and Sonic.net makes a point of minimizing data retention times to a legally-required bare minimum and not cooperating with IP-hunting legal shysters.

Google and Microsoft got praise for raising awareness of National Security Letters (NSLs) – government-issued investigatory orders with a tight gagging clause that can be enforced without judicial oversight. The NSL orders have now been ruled unconstitutional by a US court, though that decision is pending appeal.

But Google also got a demotion for a change in its official policy on informing users if they are under investigation. This year, the Chocolate Factory changed its T&Cs on user notification to promising to tell them "when appropriate," which the EFF considers so nebulous as to allow a whole host of shenanigans.

But Google gets praise for pioneering the practice of transparency reports, a practice adopted last year by Dropbox, LinkedIn, Sonic.net, SpiderOak, and Twitter, and more recently Microsoft. Such reports are fast becoming key to informing users on privacy practices, but there are still plenty of companies managing petabytes of data that shun them, including Amazon, Apple, AT&T, and Verizon.

"Readers of this year’s annual privacy and transparency report should be heartened, as we are, by the improvements major online service providers made over the last year," the report concludes.

"While there remains room for improvement in areas such as the policies of location service providers and cellphone providers like AT&T and Verizon, certain practices – like publishing law enforcement guidelines and regular transparency reports – are becoming standard industry practice for internet companies." ®

Choosing a cloud hosting partner with confidence

More from The Register

next story
Bladerunner sequel might actually be good. Harrison Ford is in it
Go ahead, you're all clear, kid... Sorry, wrong film
Musicians sue UK.gov over 'zero pay' copyright fix
Everyone else in Europe compensates us - why can't you?
I'll be back (and forward): Hollywood's time travel tribulations
Quick, call the Time Cops to sort out this paradox!
Euro Parliament VOTES to BREAK UP GOOGLE. Er, OK then
It CANNA do it, captain.They DON'T have the POWER!
Megaupload overlord Kim Dotcom: The US HAS RADICALISED ME!
Now my lawyers have bailed 'cos I'm 'OFFICIALLY' BROKE
Forget Hillary, HP's ex CARLY FIORINA 'wants to be next US Prez'
Former CEO has political ambitions again, according to Washington DC sources
prev story

Whitepapers

Designing and building an open ITOA architecture
Learn about a new IT data taxonomy defined by the four data sources of IT visibility: wire, machine, agent, and synthetic data sets.
Getting started with customer-focused identity management
Learn why identity is a fundamental requirement to digital growth, and how without it there is no way to identify and engage customers in a meaningful way.
5 critical considerations for enterprise cloud backup
Key considerations when evaluating cloud backup solutions to ensure adequate protection security and availability of enterprise data.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Driving business with continuous operational intelligence
Introducing an innovative approach offered by ExtraHop for producing continuous operational intelligence.