Facebook, Google+ Privacy Issues: Police Can Access User Accounts Without A Warrant, Report Says

According to statistics from the American Civil Liberties Union (ACLU), the U.S. Department of Justice’s live access to social media sites and e-mail providers has jumped by 80 percent from 2010 to 2011.

But police are doing more than just accessing social media accounts—they’re keeping track of how social media users communicate and whom they communicate with. Documents released by the ACLU on Thursday indicate police are using a law from 1986 that tells authorities what phone numbers were dialed, enabling more invasive surveillance.

This allows police to monitor who social media users are in contact with and which Internet addresses they visit. Authorities may even be able to track down specific “Likes” and “+1”’s from Facebook and Google+, the report says.

The ACLU hopes the disclosure of these documents, obtained under the Freedom of Information Act, would push Congress to implement stricter requirements when it comes to police access to “noncontent data.” This term refers to a category that excludes e-mail messages and direct messages. Currently, the government is allowed to “use these powerful surveillance tools with very little oversight in place to safeguard Americans’ privacy,” according to ACLU staff attorney Catherine Crump, who spoke to CNET on Thursday.

However, some efforts are being undertaken to address this privacy concern. On Tuesday, Rep. Zoe Lofgren (D-Calif.) proposed a bill that would force authorities to get warrants before accessing American e-mail accounts and tracking their cellphones. But senators delayed a vote on a similar bill last week when law enforcement groups objected.

The newly-released documents show the Justice Department conducted 1,661 live intercepts on social networks and e-mail providers in 2011, a move that should require a judge’s approval. However, it is unclear how many of these intercepts were aimed at social media sites and how many were targeted e-mail providers.

To perform these “noncontent” intercepts, police generally need to seek court approval for a pen register or trap and trace order, according to CNET. These are terms derived from a surveillance law that is now decades old, which was designed to make it easier for police to track phone numbers associated with incoming and outgoing calls. This law was extended to the Internet with the Patriot Act more than 10 years ago.  

But the type of information police are seeking from these social networks has not been specified. Authorities can gain access to a Facebook users’ Internet Protocol address or port number, but it is unclear whether a “+1” or information about a user’s friends can be obtained.

“This is a very invasive surveillance technology,” said Christopher Soghoian, principal technologist with the ACLU’s Speech, Privacy and Technology Project, in an interview with CNET. “We don’t have a feel for how broadly it’s being used.”

Despite these reports of invasive federal surveillance, the topic of Internet privacy is not being taken lightly by lawmakers. California Governor Jerry Brown has signed two bills prohibiting universities and employers from requiring that applicants reveal their e-mail and social media account passwords. The Los Angeles Times reports the announcement was made on various social media sites on Thursday, including Twitter, Facebook, Google+, LinkedIn and Myspace.