Google: government user info requests spike sharply in 2012

Google received nearly 21,000 requests for access to its user data in the first six months of 2012
Google received nearly 21,000 requests for access to its user data in the first six months of 2012

Google’s Dorothy Chou, senior policy analyst at the internet juggernaut, said in a blog post that the company is striving to “shine a light on how government actions could affect our users.”  

The search engine’s Transparency Report details the number of information requests from governments by country. Like other technology and communications companies, Google regularly receives requests from government agencies and courts around the world to hand over user data, and the report publishes information in six-month chunks.

Google launched the program in 2010, when “there wasn’t much data out there about how governments sometimes hamper the free flow of information on the web,” Chou said. Now, it is able to identify key trends. “This is the sixth time we’ve released this data, and one trend has become clear: Government surveillance is on the rise,” Chou noted. “Government demands for user data have increased steadily since we first launched the Transparency Report. In the first half of 2012, there were 20,938 inquiries from government entities around the world. Those requests were for information about 34,614 accounts.”

That compares with just 15,744 requests from the previous year.

After the US, where 90% of the requests were granted, India came in at No. 2 with 2,319 requests, followed by Brazil (1,566), France (1,546), Germany (1,533) and the UK (1,425).

“It’s no surprise that most requests for data come from the US,” said Matthew Finnie, CTO of cloud services company Interoute, in an email. “The Patriot Act is a clear indicator of how the US sees data ownership. But for businesses across Europe this should give them cause to think what lessons there are for them.”

To wit, they should know where their data is and who is requesting it. For instance, in this era of the cloud, how many businesses really know exactly where and in which country their data is being stored when they outsource it? This is an increasing drumbeat of a question as companies continue to move to a “Big Data” world of storing information off-site in large data centers that can’t provide total transparency.

“European businesses should be using European cloud and hosting providers that guarantee complete transparency on where data is at all times,” Finnie advocates. “This will also help organizations adhere to the local compliance and governance regulations that ensure secure data protection.”

It’s not just user information that is at stake. Government entities often ask Google to take down content. An example is the “Innocence of Muslims” video that sparked violence across the Middle East during the summer. Google was petitioned by a number of governments – including the US, where it was denied – to remove the video for violating local laws or amid fears that the violence would spread.

This type of activity is on the rise as well. “The number of government requests to remove content from services was largely flat from 2009 to 2011. But it’s spiked in this reporting period,” Chou said. “In the first half of 2012, there were 1,791 requests from government officials around the world to remove 17,746 pieces of content.”

Chou added that Google sometimes receives falsified court orders asking it to remove content. “We do our best to verify the legitimacy of the documents we receive, and if we determine that any are fake, we don’t comply,” she said.

It also doesn’t comply if the request is simply made in the name of censorship. For instance, the BBC reports that in one example from the UK, Google received a request from police to remove 14 search results that linked to sites “allegedly criticizing the police and claiming individuals were involved in obscuring crimes.” It declined to remove the content.

Google is hopeful that such transparency will spread to other companies that collect user data. “The information we disclose is only an isolated sliver showing how governments interact with the Internet, since for the most part we don’t know what requests are made of other technology or telecommunications companies,” Chou wrote. “But we’re heartened that in the past year, more companies like Dropbox, LinkedIn, and Twitter have begun to share their statistics too. Our hope is that over time, more data will bolster public debate about how we can best keep the Internet free and open.”

What’s Hot on Infosecurity Magazine?