AT&T Says Its Voluntary Sharing of Customer Data Is Classified
Back in October, I wondered whether companies would be able to claim they had chosen not to participate in CISA’s voluntary data sharing in their transparency reports. While CISA prohibits the involuntary disclosure of such participation, I don’t know that anything prohibits the voluntary disclosure, particularly of non-participation.
A related question is playing out right now over a shareholder resolution filed by Arjuna Capital asking AT&T to reveal its voluntary sharing with law enforcement and intelligence agencies.
The resolution asks only for a report on sharing that is not legally mandated, and exempts any information that is legally protected.
Resolved, shareholders request that the Company issue a report, at reasonable
expense and excluding proprietary or legally protected information, clarifying the
Company’s policies regarding providing information to law enforcement and
intelligence agencies, domestically and internationally, above and beyond what is legally required by court order or other legally mandated process, whether and how
the policies have changed since 2013, and assessing risks to the Company’s finances
and operations arising from current and past policies and practices.
AT&T has asked the SEC for permission to ignore this resolution based, in part, on the claim that its voluntary cooperation would be a state secret that requires AT&T to effectively Glomar its own shareholders.
The Sidley Austin opinion cites the Espionage Act for its claim that this information is a state secret. It also pretends this is all about the NSA, when FBI and DEA play a critical role in some of the surveillance AT&T is believed to willingly participate in.
The resolution doesn’t seem to include any question specifically addressing OmniCISA participation, though it was written before final passage of OmniCISA last month.
The response from AT&T raises interesting questions about whether a telecom (or other electronic communications service provider) can be obligated for voluntary activity.
cisa – shit-on-a-shingle served up to americans as a midnight snack by their congressional leaders.
If I were an investor or shareholder of a company that blew me away that easily, I think I would “voluntarily” move my money elsewhere as fast as possible.
.
If I were a customer I’d be gone even faster.
They might as well admit that they DO offer such information “above and beyond what is legally required”, otherwise, why all the money spent on the Sidley Austin opinion?
By the way, Sidley Austin was the firm which, headed by partner (and friend of George Tenet) David Hoffman, undertook the big investigation into APA’s role in the Torture scandal. The Sidley/Hoffman report was a limited hangout that burned some APA bureaucrats and criticized DoD connections, while whitewashing other connections to CIA and FBI. The raw material of the investigation produced some fascinating data, but the headlines were meant to seal the narrative that the torture was all the result of Mitchell, Jessen, and a small coterie of n’er-do-wells.
So, seeing Sidley cover for FBI again is not a surprise. I did write about the limited hangout here: http://valtinsblog.blogspot.com/2015/11/top-us-psychologist-admits-he-met-with.html#.VpgAEK876rU
Meanwhile, thanks so much for your invaluable dissection of all this privacy fol-de-rol!
If this reasoning is accepted it would completely decimate the idea that shareholders are the actual “owners” of a company.
.
Data sharing is, after all, a business decision and if the argument goes that the shareholders cannot have a say in such a critical decision then what are they?