Dr. Shun-Ling Chen, Assistant Research Professor, Institutum Iurisprudentiae, Academia Sinica
Topic: Making Service Providers Accountable to Subscribers: Analyzing and Critiquing Corporate-issued Transparency Reports
Abstract: In 2010, Google published the first ever “transparency report,” offering users an overview of how governments asked the company to provide users’ identity information or asked it to remove certain content. In 2014, after the Snowden revelations, publishing transparency reports became more than corporation’s good will but an industry standard. By publishing such reports, service providers attempt to alienate themselves from government surveillance programs and declare their support for user privacy and free speech rights. Since then, transparency reports have been established as an informal mechanism to hold service providers accountable to their subscribers.
This paper begins with an overview of transparency reports offered by major service providers, including the socio-political context and the narratives they offered. It then compares and analyzes these transparency reports. Although these reports do offer the public some information about government requests of user data and censorship, it is questionable whether they can really make providers accountable, or whether they can empower users to gain more choices and enhance their freedom.
This paper critiques the current state of affairs from several practical aspects. The lack of standardization – in terms of structure, categorization, presentation style, and frequency – makes it difficult for users to compare and conclude which providers have the better practices and protocols when users’ privacy and freedom of expression are at stake. Also, these reports are not audited by third parties. Without access to data or the ability to process data, it is hard to tell how trustworthy their numbers are. Moreover, these reports only cover how providers respond to government requests. Even if a provider gives correct numbers, it may still participate in other government surveillance program that is not reflected by such reports, such as Yahoo’s mass email scanning scandal.
The term “transparency” has been associated with government accountability. Private entities have been using other terms, such as corporate social responsibilities or social audits, when they voluntarily disclose information about their production process and environmental impacts. That service providers predominantly follow Google’s lead in choosing “transparency” for their report on government requests may have suggested new duties and obligations to their subscribers whose private information they now have control and access. Can the public demand service providers what they are willing to offer? Based on which grounds and to what extent can the public demand these private entities to be transparent? This paper also offers its critique from a theoretical aspect by discussing the role of service providers in information society and the relationship between users, service providers and the government.