Google Says Government Requests For User Data Hit Record High During 2015
Google has just reported that there were over 40,000 request for user data from the government between June and December 2015. Requests for user data has steadily increased since 2009, however this was the highest number yet.
Google admitted that this number was not comprehensive. For example, the same Gmail account may be specified in several different requests for user information. Google also might receive a request for a user for account that does not exist at all. It believes that these discrepancies do balance out. The statistics do cover all government entities that request user data.
What exactly is this data and how do governments obtain it? The Director of the FBI or a senior FBI designee must provide a written certification that demonstrates the information requested is “relevant to an authorized investigation to protect against international terrorism or clandestine intelligence activities.” This results in a National Security Letter or NSL. The FBI can seek “the name, address, length of service, and local and long distance toll billing records” of a Google subscriber.
The government cannot, however, obtain anything else from Google, such as Gmail content, search queries, YouTube videos or user IP addresses. The FBI is required to report how they use NSL’s to Congress biannually. The U.S. Department of Justice also regularly audits how the FBI uses NSL’s.
Google has actively worked in the past year to strengthen the privacy of its users. President Obama, with the support of Google, signed the Judicial Redress Act into law earlier this year. The law creates a process for extending procedural protections under the Privacy Act of 1974 to non-U.S. citizens. The law also helps non-U.S. citizens to address any grievances they might have concerning data collected by the United States government.
Many of the privacy laws that have recently been implemented were inspired by the Snowden scandal. Google has been working to ensure that government surveillance activity is clearly restricted by law, proportionate to the risks, transparent and subject to independent oversight. Although requests for data have increased, they are more subject to scrutiny and legal procedures.