March 3, 2014
This afternoon in San Francisco at the Internet and human rights conference Rightscon, OTI's policy director Kevin Bankston will be appearing on the panel "Transparency Reporting for Beginners", with a repeat performance on Friday at the SXSW interactive media conference in Austin, Texas.
Both panels will include policy experts and representatives from companies like Google, Dropbox, Tumblr, and CREDO Mobile, for a discussion about the history and future of transparency reporting. Kevin will be especially focusing on recent developments around the reporting of national security-related requests, and the need for clearer standards and best practices for companies to follow when designing their reports.
Just a few years ago, Google was the only Internet company issuing a transparency report. Post-Snowden, it seems everyone's getting into the game, even telcos like AT&T and Verizon. And there's a lot of diversity in how companies are reporting. Some of that diversity is good, leading to innovative features and new types of data being reported. Some of that diversity is not so good, to the extent there's a lack of clear standardization or best practices when it comes to what data gets reported, in what categories, and using what definitions. That makes it harder to do apples to apples comparisons of data, and also harder for companies who want to start transparency reporting but can't find a standard model or template to follow. So, with every new report from another company entering the transparency field, the wheel gets reinvented again and reporting practices splinter even more, and we're that much farther away from a meaningful standard.
It's time to solidify the best practice, to document it and popularize it, to stick a flag in the ground we've gained and hold it: not just in the realm of surveillance reporting, which has gotten all the attention since Snowden, but also reporting related to content takedowns. OTI is beginning the process of doing that work, in consultation with companies and allied organizations, and in advance of this week's panels we are publishing a draft of what we're working on: the first in a series of memos on transparency reporting best practices. The first draft memo in our "Transparency Reporting for Beginners" series focuses on a key question when it comes to reading or creating a transparency report: how do different companies' reports categorize and define the different types of government demands for data that they receive, and whose reports do it best?
The memo -- which doubles as a quick intro to the laws that regulate government access to your Internet and telephone communications and data -- surveys how all of the major US companies' transparency reports categorize and define different types of government demands, provides a handy chart showing how all the different companies' practices line up, and concludes that Google and Verizon's reports represent the current best practice on this issue.
We're hoping to finalize this memo in coming weeks and start working on the next in the series soon, but wanted to make sure that attendees of Rightscon and SXSW have access to the work we've done so far as we start identifying and documenting standards and best practices for the transparency reporting field. We look forward to hearing feedback from the companies, advocates, and users in attendance at those conferences about what their ideal transparency report looks like!