Security

Government snooping spikes in 2011: Google breaks it down

Patrick Lambert discusses the latest Google report on the number of user-data requests it receives from world governments. These requests spiked 29% in 2011.

Google has been publishing statistics on how many requests it receives from the various world governments for a couple of years now. These requests fall into two categories. In the first case they asked Google to divulge user information, such as their personal contact information, or what they did using Google's services. In the second case, they asked Google to remove pieces of content from their services. Google is the only major company to publish data about the requests they get, and they do so every six months. The last report, published last week, reveals that in the first six months of 2011, these requests went up 29%.

The information shows things like 757 items being requested to be removed by the US Government, 646 by South Korea, 121 by China, and so on. Then, Google says how many of these requests it complied with. In some cases, like for the US, they specify how many were for copyright issues, defamation, and so on. They also divide the requests by service, such as YouTube, Blogger, AdWords, and so on. When it comes to obtaining user data, the numbers are even more impressive. The various United States government entities asked for information on 11,057 users or accounts. Google complied with 93% of those. The second highest number is India, with 2,439 requests. In that case, the company complied with 70%.

Not everything is shown by the Google transparency report. For example, in many cases data is omitted when the company isn't allowed to talk about it. Also, when the number of requests was low, they may have been omitted entirely. The overall stats show which countries are more likely to censor versus those who aren't. They also show which services are most likely to cause issues with governments. Private parties however are not part of this report, so when a company such as a music label asks to remove content from YouTube, that isn't included.

The very fact that Google publishes these stats is an anomaly. No other large company does, even though they certainly receive requests as well. We know, for example, that all four major cellphone carriers in the U.S. have web portals that law enforcement and government officials can use to get user information. But there's no indication from them how many requests they receive, if they review them, or if they comply with all of them. Google is part of a group called the Due Process Coalition, a group that attempts to bring reforms to U.S. laws that allow broad, warrantless tapping of information by government officials. Yet, none of the other members of this group, such as AOL, AT&T, Facebook, or Microsoft, publish any such transparency information.

Then, there's the so-called National Security Letters. Those are the letters that the FBI can send to anyone, asking for information about anything, without a warrant. These letters almost always come with a gag order as well, so the party who receives it cannot talk about it. The FBI issues over 50,000 such letters every year, and those cannot be part of any transparency report, since their very existence is kept secret. While they are supposed to be used in drug or terrorism cases, it's long been suspected that they are being widely abused, and used for cases with nothing to do with national security. The Department of Justice confirmed that, indeed, this was the case.

Of course, it's easy for U.S. citizens to feel that the Government has powers that are too broad, and with the sharp increase in requests to Google, and presumably the same being true for all other corporations, this may well be. But in some ways, it's even worse for non-U.S. citizens. While there are some checks and balances for what kind of data the government can get on U.S. citizens, when it comes to traffic from other countries that come into the US, the door is wide open. Ever since it was first exposed, it's now no secret that the NSA looks at every piece of data that comes from what it believes are non-U.S. citizens, using racks of servers to analyze the data, regardless if it's a potentially criminal, or just an email exchange between a business and its client.

Feeling paranoid yet?

There are many ways people can reverse the tide, if they so choose. The first is awareness. The spread and broad scope of those data mining practices have to be exposed, and Google is so far the only large entity to do so. Then, open source, backdoor-free encryption has to become universal, easily integrated into every site and every computer, so that all online traffic becomes free from potential abuse. On the political stage, reforms have to be passed as well, although with globalization and differing laws between countries, it's hard to get everyone to agree on what is right, and what the laws should say.

Still, IT pros have a lot of say in this. If a site supports SSL, there's no reason it can't force clients to switch to SSL connections whenever possible. If your corporation makes mobile apps, care should be taken so that these apps use data efficiently and securely. When laptops or portable devices such as smartphones are provided to employees, encryption with plausible deniability should be the default behavior, not only to protect important corporate data, but also any kind of abusive search, by anyone.

The point is that Governments and law enforcement have good reasons to hunt down data to solve crimes and catch criminals - a job that the justice system is set up to do; the court system is what is set up to prevent abuse. Whether government snooping goes too far by mistake, or deliberate action, it's easy to get outraged by overzealous government officials. But they only do it because technology makes it easy for them to do so, using packet sniffers and high capacity routers. It's up to people like us, those who work in technology, to create balances for that.

About

Patrick Lambert has been working in the tech industry for over 15 years, both as an online freelancer and in companies around Montreal, Canada. A fan of Star Wars, gaming, technology, and art, he writes for several sites including the art news commun...

8 comments
mwclarke1
mwclarke1

As mentioned, any background type of checks usually will require a release of information by the party being investigated and no warrant necessary. My opinion is that everything against a US citizen by any US related government entity should 100 percent require a warrant with good cause terrorism or not! Not hard to get a warrant if have good reason for it. The US was founded by certain principles of freedoms, rights, liberties that everyone has and the constitutional was ratified by the states to be a protector of those rights, freedoms and liberties, which should trump all else, with the exception if violating others same rights, this should be the litmus test to all US laws, and why I feel more than not many federal laws and many state laws are actually unconstitutional. Just because a bunch of idiots who we hire to do a job thinks is good idea to pass a law does not mean it is right. We need term limits to congressional members and I think it is time to revoke the lifetime membership of supreme court justices, so the incompetent idiots there can be ousted also.We keep heading down a dangerous road giving up more freedoms for the sake of some other justification and one day we will no longer be able to write comments like these as will be an act of terrorism too! Only thing US government should be doing protection of overall rights , defense of our nations, and other more national strategic issues like national disasters that would be too over bearing for other lower government entities to bear.

mkogrady
mkogrady

The heart and soul of the American Voter is a statistic that many governments and our political parties would like to have statistical data on I bet. Does Google actually publish WHO they sell data to?

mckinnej
mckinnej

We tend to lump this all together under the nefarious term of "snooping", but some of these requests are for very valid reasons, like security clearance investigations. Internet behavior gives investigators better insight before they grant some faceless person the privilege to see our national secrets. Just something else to consider before breaking out the torches and pitchforks to storm the gates.

sboverie
sboverie

There is a need for independant oversight for governmental searches that sometimes turns into a fishing expedition against a target. The government justifies these searches as a means to combat terrorism; the searches are sometimes used against ordinary people who are not suspected of terrorism or support of terrorism. The FBI letter of security is too much of a blank check and there is too much coercive power to compel telecom and internet providers to turn over information about their customers. The justification of these means to prevent acts of terrorism is good on one hand but these means are also easy to abuse. It is said that J Edgar Hoover compiled information on politicians to use as leverage for his own agenda. A neutral oversight of these security requests would help prevent the abuse of an intrusive tool and keep the focus on the real threats against national security. Good that Google does provide information that shows the increasing interest in government requests.

gradkiss
gradkiss

I agree...it is good to be, first aware of what the situation is with government snooping, but it goes a bit further in requirement for the average individual...we all appear to be in this group...in warning everyone of this practice is from and does lead to other acts that are just as corrosive to anyone governed or overseen by the same government. An example is when Microsoft suddenly gave the NSA a back door to skype...and did so without any fuss...when there was a day anyone would have yelled...but instead found the brave ones forking another program or trying out another substitute in the free software foundation's catalog. You can tell everyone that the individuals that govern the uS commerce publishing emotional statements that in turn rally the New York Stock Market, have the Los Angeles Times in a Bankruptcy court too...imagine that...how could it have been me...with my factual statement equaling truth?

Lil ndn
Lil ndn

Amen, and thanks for reminding us; we've seen the enemy and its us! Keep the kites coming. Awareness and frequency are key for solutions. FTW, Freedom Thru Wisdom!

zhahai
zhahai

Nobody in the discussion is doubting that there exist legitimate requests - the entire issue is about the ease by which this power is abused, without accountability. So let's not so easily dismiss the well founded privacy and abuse concerns raised. Just by the way, a security clearance investigation does't require such high secrecy - the person being investigated to get a clearance generally knows and has agreed and provided information to assist the investigation so no warrant would be appopriate. So let's not confuse that in any way with secret warrantless and unconsensensual data gathering. Again, this latter has legitimate uses - but broad and unaccountable power has always led to abuses historically, so why should we expect otherwise this time?