WASHINGTON — The Obama administration says it will allow Internet companies to give customers a better idea of how often the government demands their information, but will not allow companies to disclose what is being collected or how much.

The new rules — which have prompted Google, Microsoft, Yahoo and Facebook to drop their respective lawsuits before the nation’s secret surveillance court — also contain a provision that bars start-ups from revealing information about government requests for two years.

Attorney General Eric H. Holder Jr. and James R. Clapper, director of national intelligence, said the new declassification rules were prompted by President Obama’s speech on intelligence reform earlier this month.

“Permitting disclosure of this aggregate data addresses an important area of concern to communications providers and the public,” Mr. Holder and Mr. Clapper said in a joint statement.

RELATED COVERAGE

Mark Pincus of Zynga and Marissa Mayer of Yahoo were among the technology companies executives who attended a meeting with President Obama at the White House in December.Bits Blog: Did Big Internet Companies Handicap Start-Ups in FISA Rule Changes?JAN. 27, 2014
Jay Carney, the White House press secretary. Members of policy teams of big tech companies like Google and Microsoft attended a policy meeting there Friday.Bits Blog: Tech Companies and White House Discuss Surveillance ReformJAN. 10, 2014
Tech Leaders and Obama Find Shared Problem: Fading Public TrustDEC. 17, 2013
Servers in a Google data center in Oregon. The company is tightening its networks against government spying.Tech Giants Issue Call for Limits on Government Surveillance of UsersDEC. 9, 2013
The companies’ dispute began last year after a former government contractor, Edward J. Snowden, revealed that F.B.I. and National Security Agency surveillance programs rely heavily on data from United States email providers, video chat services and social networking companies.

Launch media viewer
President Obama in December met with several technology company executives, including Mark Pincus of Zynga, Marissa Mayer of Yahoo and Sheryl Sandberg of Facebook. Gabriella Demczuk/The New York Times
“We filed our lawsuits because we believe that the public has a right to know about the volume and types of national security requests we receive,” a representative for Google, Microsoft, Yahoo and Facebook said in a joint statement. “While this is a very positive step, we’ll continue to encourage Congress to take additional steps to address all of the reforms we believe are needed.”

Privacy advocates, however, say the new rule will prevent the public from knowing if the government is snooping on an email platform or chat service provided by a young tech outfit.

Sometimes, F.B.I. agents demand data with administrative subpoenas known as national security letters. Other times, the Justice Department makes the demand under the authority of the surveillance court but without a specific warrant.

Either way, the justification is typically secret and companies are prohibited from saying much.

The companies wanted to be able to say how many times they received court orders, known as FISA orders, for the Foreign Intelligence Surveillance Act. The government opposed that.

Currently, they are allowed to disclose only the number of administrative subpoenas known as national security letters, but only in increments of 1,000. That made it impossible for users to know whether government agents grabbed data from their email provider once or 999 times.

Companies say that has hurt their businesses. Forrester Research projected the fallout from Mr. Snowden’s disclosures could cost the so-called cloud computing industry as much as $180 billion — a quarter of its revenue — by 2016.

Under the new agreement, companies will be able to disclose the existence of FISA court orders. But they must choose between being more specific about the number of demands or about the type of demands.

Companies that want to disclose the number of FISA orders and national security letters separately can do so as long as they publish only in increments of 1,000.

Or, companies can narrow the figure to increments of 250 if they lump FISA court orders and national security letters together.

The technology firms will be allowed to publish the information every six months, with a six-month delay. So data published at midyear would cover the last half of the previous year.

Companies will also be allowed to release the number of “selectors” — user names, email addresses or Internet addresses, for instance — that the government sought information about.

On Monday, Apple became the first technology company to amend its latest transparency report to reflect the new guidelines.




The Justice Department had endorsed the new rules months ago but intelligence officials argued they still revealed too much. But the new rule for start-ups persuaded intelligence officials, a United States official with knowledge of the discussions said. The Justice Department proposed the changes to the companies late last week and, by the end of the weekend, they agreed to drop their case before the FISA court.

Privacy advocates point out that the new rules still fall short of various proposals before Congress, including the Surveillance Order Reporting Act, a bill introduced by Zoe Lofren, Democrat of California, and several other bills proposed by both Democrats and Republicans.

“The bottom line is that this is a positive step forward but still falls short of proposals before Congress right now,” said Harley Geiger, a deputy director for the Center for Democracy and Technology. “It’s a good step, but a temporary step towards greater transparency.”

But Ladar Levison, the founder of Lavabit, a secure email service used by Mr. Snowden, said the new rules cast doubt on young companies and didn’t provide the information consumers really need.

“They could be ordered to turn over their source code to the government. A single request could cover 1,000 different user accounts,” Mr. Levison said. “Just simply disclosing the number of FISA court orders doesn’t tell you how pervasive the request is or how much information is being turned over.”