Google received more government requests for user data in the first half of this year than ever before. It also admits it’s significantly underreported the number of non-US accounts targeted by US intelligence.
Google’s latest Transparency Report covering January to June 2017 shows once again it’s the go-to firm when governments need data on people.
Due the breadth of Google’s services, this data could include your Gmail messages, documents and photos you’ve saved on Google services, and videos on YouTube
During the period, Google received 48,941 requests for data from 83,345 accounts and produced user information for 65 percent of requests. This time last year it received 44,943 requests from 76,713 accounts.
About half the requests come from the US government. Other major sources of requests include Germany, France, and the UK. Many countries in the report have made fewer than 10 requests.
The report doesn’t show US national security requests made under the Foreign Intelligence Surveillance Act (FISA) for the current period. Using Section 702 of the FISA Amendment Act of 2008, agencies like the NSA can force Google to hand over content from non-US citizens for foreign intelligence purposes.
Current figures are subject to a six-month delay. However, Google has revised upwards the number of accounts affected by these requests, which have been significantly underreported for the past three years.
In January 2016 to June 2016, for example, Google originally said there were 500-999 requests for 18,500 to 18,900 accounts. In fact the 500-999 requests were for 25,000 to 25,499 accounts.
Account figures were revised upwards for all periods to the first half of 2014. It also over-reported account figures in the second half of 2010.
Apple yesterday also revealed the scale of the government requests it faced in the first half of 2017, which do include FISA requests for the current period.
It received between 13,250 and 13,499 national security orders, affecting between 9,000 and 9,249 accounts. In the corresponding period last year it only received up to 2,999 orders. Apple also received 30,814 requests for access to 233,052 devices.
Google is lobbying for changes to key laws that enable law enforcement around the world to request user data. In the US, it’s asked for the definition of foreign intelligence information under Section 702 FISA to be narrowed if and when it’s reauthorized.
It’s also campaigning for reforms to processes under mutual legal assistance treaties (MLATs) between nations, and the US Electronic Communications Privacy Act (ECPA).
Google has previously argued that MLAT processes are too slow, and wants other countries to be able use ECPA to access data from US providers, so long as they commit to baseline privacy, due process, and human rights principles.
“Providing a pathway for such countries to obtain electronic evidence directly from service providers in other jurisdictions will remove incentives for the unilateral, extraterritorial assertion of a country’s laws, data localization proposals, aggressive expansion of government access authorities, and dangerous investigative techniques,” wrote Richard Salgado, Google’s director of Law Enforcement and Information Security.
“These measures ultimately weaken privacy, due process, and human rights standards.”
Previous and related coverage
Context is everything, and raw data demands don’t tell the full story.
Device and requests went down, but secret and classified orders spiked by more than three-fold.
More on Google and security
- Google: Here’s why we’re putting all our top-level domains on forced HTTPS list
- Google isn’t violating copyright, says court, even if its thumbnails are of pirated photos
- Dirty Cow vulnerability discovered in Android malware campaign for the first time
- Google’s Project Zero fuzzed top browsers for bugs: Safari users won’t like the results
- Google rolls out Android zero-touch enrollment for the enterprise