Governments continue to ask Google for more data about its users, with more than two-thirds of requests in the U.S. made through a subpoena, which usually doesn't require asking a judge for a search warrant.
User data requests of all kinds have increased by more than 70 percent since 2009, Google said in its biannual "transparency report" that tallies government requests for users' data. For the six months from July through December 2012, the company said it has received about 21,389 information requests for some 33,634 users -- up slightly from 20,938 requests for 34,615 users during the first half of the year.
For the first time, Google disclosed the types of legal process that government entities used to acquire the data. Sixty-eight percent of the 8,438 data requests in the U.S. were done through subpoenas. These types of requests were for user-identifying information issued under the Electronic Communications Privacy Act, and subpoena requests are the easiest to get because they typically don't require a judge's review, Google said.
"It's admirable that Google is now breaking the data down in a more specific way," said Trevor Timm, a blogger and activist with the Electronic Frontier Foundation, a digital civil liberties group. But he added that he was still troubled by the trend.
"This confirms that the United States is ever increasingly conducting types of Internet surveillance without warrants," he said.
John Simpson, a consumer advocate with Consumer Watchdog, agreed. "I am alarmed by the number of government requests and concerned that so many are done with merely a subpoena," he said. "A warrant should be required."
Sixty-six percent of the total data requests over the past six months led to the release of some data, according to the report.
Meanwhile, 22 percent of the data requests in the U.S. were through ECPA search warrants, which are issued by judges based on a demonstration of probable cause that information related to a crime could be found in the data, Google said.
The remaining 10 percent of requests were performed via court orders by judges or through other processes that are difficult to categorize, Google said. Most of the requests, Google said, pertain to criminal investigations, and the requests can come from multiple government agencies, including local and national police forces.
EFF's Timm said the U.S. subpoena requests are probably for metadata such as email headers, timestamps and contact lists, rather than email content.
"But that information can be just as intrusive and violate someone's reasonable expectation of privacy," he said.
For the second half of 2012, the United States maintained its strong lead as the country responsible for the most government data requests to Google with 8,438 -- up 6 percent from 7,969 requests during the first six months of the year. Trailing behind in second place, by a significant amount, was India, with 2,431 requests. The smallest number of requests during the past six months came from Denmark, with 34.
Google has been disclosing government data request figures since 2010.
Though the report primarily covers criminal matters, Google said it cannot be sure that a request relates to a criminal investigation. For example, the report would also include, say, an emergency request from a government public safety agency seeking information to save the life of a person in peril even though there may not be a criminal investigation involved.
Google noted that it may refuse to produce information or try to narrow the request in some cases. "Whenever we receive a request we make sure it meets both the letter and spirit of the law before complying," the company said.
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.