[sgrenfro]

Re: #2. Basically correct. Reporting a range that includes all requests, including those that can't be disclosed individually, is the best outcome we've been able to negotiate so far. Here's the answer in the FAQ:

Why did you report the numbers for the United States in ranges?

We have reported the numbers for all criminal and national security requests to the maximum extent permitted by law. We continue to push the United States government to allow more transparency regarding these requests, including specific numbers and types of national security-related requests. We will publish updated information for the United States as soon as we obtain legal authorization to do so.

[Cowen]

I didn't even see that part of the FAQ. That makes sense.

Thanks for making this. It's definitely better to have some data than none.

[quantumpotato_]

What confidence to we have that this data is true?

Is this something that could be verified with homomorphic encryption?

http://en.wikipedia.org/wiki/Homomorphic_encryption

[schoen]

No. If users send unencrypted data to a service provider, they can never use technical means to verify what the service provider does with the data. For example, suppose that some category of user data is automatically printed out on paper every night.

[quantumpotato_]

Right, of course. Thanks.

[o0-0o]

Is this data requested from the NSA by country of target, or data requested by these countries?

[sgrenfro]

Country here means the country making the request.