Facebook, Google, LinkedIn, Microsoft, and Yahoo can now publish more of the main points on user data that the govt. demands, but startups might suffer.

Facebook, Google, LinkedIn, Microsoft, and Yahoo have settled their information disclosure case against the govt with an agreement that enables them to publish more information about government demands for user data. However the compromise comes with conditions that put startups at a drawback.

Attorney General Eric Holder on Monday issued a letter to the corporations containing new guidelines for reporting aggregate statistical data about demands for customer information sought through National Security Letters (NSLs) and Foreign Intelligence Surveillance Act (FISA) orders.

“According to the President’s direction in his speech on January 17, 2014, these new reporting methods enable communications providers to make public additional info than ever before about orders that they receive to supply information to the federal government,” Holder’s letter says.

Because Google previously was forbidden from publishing any information regarding FISA orders, it published a blacked-out graph last November. Henceforth, will probably be in a position to publish approximate numbers, six months after the very fact.

[Is nothing sacred? Read NSA, British Spy Agency Collect Angry Birds Data.] 

Providers may publish requests made as portion of a criminal legal process without restriction. Every six months, they will publish the ensuing: the choice of NSLs received, the collection of customer accounts littered with NSLs, the choice of FISA orders for content, the selection of customer selectors (data field identifiers akin to “email address” or “name”) targeted under FISA content orders, the selection of FISA orders for non-content (metadata), and the variety of customer selectors targeted under FISA non-content orders.

These aggregate numbers, however, are limited of their accuracy as they need to be reported in increments of one,000, starting with zero to 999. For instance, a provider that received one NSL and a provider that received 900 NSLs each will be allowed to report receiving between zero and 1000 NSLs.

The government can be allowing a second option. As with the 1st option, data demands made through criminal legal process remain unrestricted. Providers will even report the combination choice of national security process demands received, including both NSLs and FISA orders, in increments of 250, starting with zero to 249. And separately they are going to report the variety of customer selectors covered by these orders, also using increments of 250.

“This can be a victory for transparency and a critical step toward reining in excessive government surveillance,” said Alex Abdo, staff attorney with the yankee Civil Liberties Union’s National Security Project, in an announcement. “Companies need to be allowed to report basic details about what they’re giving the federal government in order that Americans can decide for themselves whether the NSA’s spying has gone too far.”

Abdo, however, called for Congress to require the govt to publish basic information regarding intelligence gathering kept away from the compelled cooperation of technology companies. The recently disclosed choice of data from mobile apps represents an example of such covert data gathering.

Nate Cardozo, staff attorney for the Electronic Frontier Foundation, in a phone interview expressed disappointment that the technology companies accepted less freedom within the settlement than they’d been seeking and said he hoped another company would pursue the affirmation of broader free speech protection throughout the courts.

The Justice Department’s new guidelines puts startups at an obstacle, particularly if security is relevant to the company’s business model. When a corporation receives its first demand for info, the govt. may designate the demand a “New Capability Order.” If so, the corporate must wait two years (as well as the mandated six-month delay) to make its first report of aggregate numbers. So, were some entrepreneur to launch an encrypted email service, she or he couldn’t disclose information regarding government demands for data for 2 and a half years.

Some companies, akin to Apple, have used “warrant canaries” — an internet statement, including “no government demands for info had been received,” that gets deleted upon receipt of a central authority order — to speak the contrary case by the statement’s absence. Were authorities to insist that the statement remain unaltered, they’d be issuing an order to lie.

Although this tactic remains open to a legal challenge, Cardozo said he believes it’s lawful. “If a corporation does receive an order, all the same problems about compelled speech appear,” he said. “You cannot force someone to copy a lie. There’s fabulous Supreme Court precedent about that.”

InformationWeek Conference is an exclusive two-day event happening at Interop where you would join fellow technology leaders and CIOs for a packed schedule with learning, information sharing, professional networking, and celebration. Come learn from one another and honor the nation’s leading digital businesses at our InformationWeek Elite 100 Awards Ceremony and Gala. You can discover additional information and register here. In Las Vegas, March 31 to April 1, 2014.