It has been several months since we last saw a transparency report from Dropbox, however there has been an update. Dropbox has said they have filed a legal brief asking the court to allow them to report the number of national security requests they receive, which for those unfamiliar, is something that is not allowed (in any detail) at the moment.
As for the current state of the transparency reports, Dropbox (and others) are allowed to share details in terms of how many requests they receive for user information provided they are not national security requests. As an example, Dropbox claimed 87 such requests for 2012 of which those dealt with 164 accounts. The response rate for those was 82 percent. Anyway, this latest legal brief has been filed as an amicus brief with the Foreign Intelligence Surveillance Court.
The filing is in support of other motions filed by Google, Microsoft, Yahoo and Facebook and is “seeking the Court’s permission to publish the number of national security requests they have received and the number of users affected by those requests.” The filing goes on to mention that “Dropbox has an interest in these motions because the government has told Dropbox that it isn’t allowed to publish exactly how many national-security requests, if any, it receives.”
The filing calls the “proposed gag order” a violation of the First Amendment and claims that it “interferes with both the public’s right to obtain truthful information about a matter of substantial public debate and service providers’ rights to publish such information.”
At present companies are able to publish details in terms of the number of national security requests, however those numbers must be rounded to the nearest 1,000. The filing then goes on to mention how if Dropbox “received just one national-security request during that period, and had it wished to include that single request in its report” it would be listed as 1-1,000. In regards, Dropbox says this actually decreases transparency and sheds almost no light on the data requests and could actually lead some to believe that many more requests had been received.
Given the current rules, Dropbox has opted to not include details on national security requests and has said this is bad for the public. Of course, all of this having been said, this is still a newly filed brief and at the time the only solid bit we have is the promise that Dropbox plans to “keep you updated about any developments.”