Facebook and Twitter's user privacy efforts crushed by new government legislation

Facebook and Twitter's attempts to champion user privacy are being undermined by the intelligence community and UK government following new proposals to jail employees who tip off users that their data has been requested.

Under the new offense employees of any communication service provider can be jailed for up to two years for informing a user that security services or law enforcement authorities has requested their data.

The move hampers ongoing attempts by Facebook, Twitter and several other social network and technology companies to assure members that their information is secure and that they will be told if any government agency is monitoring them.

In October the Facebook launched an alert tool that notifies users if it thinks their account is being monitored by a national government agency. Twitter meanwhile has a policy of notifying users of requests for account information, “which includes a copy of the request, prior to disclosure, unless we are prohibited from doing so”. The company also says that it provides “post-notice to affected users when prior notice is prohibited”.

Security services are understood to be infuriated by the practice which they say is compromising their investigations.

David Anderson, the independent reviewer of terrorism legislation, suggested in his June report reviewing investigatory powers that technology companies were “increasingly uncomfortable” with data requests, to the point that they “may well show a preference . . . to protect customers’ privacy rather than co-operate with governments”. He was told by one unnamed technology company that its priority was “our brand, not UK intelligence”.

The new criminal offence for tipping off suspects is contained within an impact assessment that was published alongside the draft Investigatory Powers Bill in November.

The document says that the law “will ensure that a communication service provider does not notify the subject of an investigation that a request has been made for their data unless expressly permitted to do so”.

Unlike current practices communication providers would only be permitted to tip off their customers “where the public authority is content for them to do so”.

Facebook and Twitter have yet to comment on the proposed offence.