Now Reading
Google defies law enforcement, demands warrants for user data

From the archive: This story is more than 10 years old.

Google defies law enforcement, demands warrants for user data

  • Google

Google's biannual Transparency Report was released on Wednesday, detailing the requests law enforcement agencies worldwide make to Google asking for private user data.

For the first time, Google's report included a breakdown of the legal process used by U.S. law enforcement agencies to compel companies to hand over user data.  

Google is now demanding that U.S. law enforcement agencies present probable cause search warrants to access user data from Gmail and Google Drive accounts.

The demand for search warrants would defy the Electronic Communications Privacy Act (ECPA) that enables U.S. law enforcement agencies to obtain data that is more than 180 days old with only a subpoena instead of requiring a search warrant that demonstrates probable cause.

"In order to compel us to produce content in Gmail we require an ECPA search warrant," Google spokesperson Chris Gaither told Ars Technica.

"If they come for registration information, that's one thing, but if they ask for content of e-mail, that's another thing."

According to the report, 68 percent of data requests made by U.S. law enforcement agencies were through subpoenas issued under the ECPA, to obtain user identifying information. Subpoenas are the preferred method for law enforcement agencies since they are the quickest way to gain access to user data and do not require the approval of a judge. 

Only 22 percent of requests for user data were made by presenting probable cause search warrants. For the most part, ECPA search warrants are issued by a judge when law enforcement agencies present sufficient evidence for probable cause showing that the information requested is related to a crime.

"User data requests of all kinds have increased by more than 70 percent since 2009, as you can see in our new visualizations of overall trends. In total, we received 21,389 requests for information about 33,634 users from July through December 2012," read the report.

In keeping with years past, the U.S. accounted for the largest number of information requests in the second half of 2012 with over eight thousand attempts to obtain user data. Google complied with 88 percent of those requests affecting almost 15 thousand different user accounts.

India made the second largest number of requests, followed by the UK, France and Germany. 

The ECPA is a law that was enacted in the late eighties, a time when email was not widely used and also not stored on servers for the length of time it is today. During that time, emails left on servers for more than six months was assumed to have been forgotten and left, giving law enforcement the ability to obtain the data. 

The law is considered out-of-date by some lawmakers but a Senate Judiciary Committee attempted to update the legislation last year. Some lawmakers supported the attempt to amend a portion of the ECPA that enables law enforcement agencies to obtain email data without showing probable cause but the bill found little support in the US Senate.

This article originally appeared on GlobalPost.

Read more about

ecpa, google, internet, privacy

— 30 —

Top headlines

Best in Internet Exploder