The US government, and governments around the world, are increasingly using Google as a key surveillance tool. That's the implication of Google's latest Transparency Report, although it's not obvious how concerned individuals or businesses should be of official snooping.
According to Google, the trend is clear:
Government surveillance is on the rise... Government demands for user data have increased steadily since we first launched the Transparency Report. In the first half of 2012, there were 20,938 inquiries from government entities around the world. Those requests were for information about 34,614 accounts.
The number of inquiries has risen by around 37 percent since the first Transparency Report was issued, as recently as 2009.
If it's a global issue, the US government is at least in the forefront. Brazil, France, Germany, and the United Kingdom each generated more than 1,000 government-related requests for user data. India was more inquisitive, with 2,319 requests. The US issued almost as many requests as those countries put together: 7,969.
It also led the charge when it came to requesting the removal of content from Google, with a total of 273 removal requests, including court orders.
Before completely despairing of user privacy, it's worth putting these figures in context. Google claims to have more than 400 million Gmail users alone. If the total number of Google accounts is, say, half a billion, then your chances of being subject to a request for user data is still only 25,000 to one.
On the one hand, Google isn't entirely playing government stooge. It has complied with steadily fewer requests for removal of content, with the current rate running at around 50 percent. On the other hand, Google is rarely refusing requests for user data: 90 percent of requests issued by the US government were successful.
The dramatic backdrop to these dry statistics is, of course, the David Petraeus affair. The latest reports say that Petraeus and Paula Broadwell shared a Gmail account. Petraeus would write drafts of emails; Broadwell would log into the same account, read the drafts, and compose drafts in reply. They never needed to send emails to each other.
A smart ploy, on the face of it, but easily cracked once the FBI started to follow the trail of her IP addresses. What's more, the government has taken the position that draft emails do not count as in "electric storage" with a communication provider, and do not require a warrant to obtain. The ACLU has laid out, in some detail, the likely route by which the FBI tracked down Petraeus and Broadwell's phantom correspondence.
Of course, most of us lead lives of much less interest to government authorities. For enterprises, the concern should probably be less about spying, and more about negligence. If Google, Microsoft, or Amazon complies with an agency's request to hand over enterprise data, what becomes of it? Is it securely protected in the hands of law enforcement? Is it securely disposed of once the investigation is over? If it's obtained without a warrant, will you even know that your data is being examined?
These are just further questions for individuals and organizations to consider before committing sensitive and confidential information to what is, in effect, the cloud.
— Kim Davis , Community Editor, Internet Evolution