Risk
10/26/2011
06:39 PM
Connect Directly
LinkedIn
Twitter
Google+
RSS
E-Mail
50%
50%

Google Says Government Requests For Data Rising

Demands for user information, content changes increase, though Google says that's to be expected with a growing number of users.

Government requests for Google user data continue to rise in the United States, at a rate slightly higher than in the three previous six-month reporting periods. Google began tracking efforts to obtain its user data in the second half of 2009.

"The increase isn't surprising, since each year we offer more products and services, and we have a larger number of users," Google said on Tuesday in its biannual Transparency Report.

There were 5,950 user data requests from January through June 2011. That's an increase of more than 29% compared to the 4,601 user data requests recorded in the July through December 2010 period. Comparing the second half of 2010 to the first half of that year, when 4,287 data requests were received, the rate at which data requests increased was only 7%.

Google complied with 93% of data requests during the first half of 2011. During the previous six-month reporting period, that figure was 94%.

[Google has a long history of pushing back against government demands for information. Read Justice Department Subpoenas Reach Far Beyond Google.]

Requests from U.S. officials for the removal of content on Google-operated websites also increased compared to the previous reporting period, rising from 54 in the second half of 2010, to 92 in the first half of 2011.

However, compared to the first two reporting periods, the number of removal requests declined: Google received 123 removal requests in the second half of 2009 and 128 in the first half of 2010.

The company took a harder line on content removal requests than on user data requests. It removed content in response to only 63% of removal requests during the first half of 2011, down from 87% during the second half of 2010.

Google says that the majority of the content removal requests it receives are from businesses or individuals and that it doesn't include such requests in its figures. It also notes that its figures are not necessarily comprehensive, due to omissions when requests are made.

In addition, laws like the Patriot Act may forbid disclosure of information requests in certain circumstances. Some countries like China make it illegal to disclose details about government information requests, so Google is also limited in what information it can lawfully provide.

In a blog post, Google senior policy analyst Dorothy Chou called for the modernization of laws like the 1986 Electronic Privacy Communications Act, which regulates government access to user information, and asked for help with the OpenNet Transparency Project, a project that aims to provide a standardized format for companies to disclose government information requests.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Bprince
50%
50%
Bprince,
User Rank: Ninja
10/28/2011 | 12:19:40 AM
re: Google Says Government Requests For Data Rising
Very interesting. I'm curious what the basis of the requests for user data were.
Brian Prince, InformationWeek contributor
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Cartoon
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-6335
Published: 2014-08-26
The Backup-Archive client in IBM Tivoli Storage Manager (TSM) for Space Management 5.x and 6.x before 6.2.5.3, 6.3.x before 6.3.2, 6.4.x before 6.4.2, and 7.1.x before 7.1.0.3 on Linux and AIX, and 5.x and 6.x before 6.1.5.6 on Solaris and HP-UX, does not preserve file permissions across backup and ...

CVE-2014-0480
Published: 2014-08-26
The core.urlresolvers.reverse function in Django before 1.4.14, 1.5.x before 1.5.9, 1.6.x before 1.6.6, and 1.7 before release candidate 3 does not properly validate URLs, which allows remote attackers to conduct phishing attacks via a // (slash slash) in a URL, which triggers a scheme-relative URL ...

CVE-2014-0481
Published: 2014-08-26
The default configuration for the file upload handling system in Django before 1.4.14, 1.5.x before 1.5.9, 1.6.x before 1.6.6, and 1.7 before release candidate 3 uses a sequential file name generation process when a file with a conflicting name is uploaded, which allows remote attackers to cause a d...

CVE-2014-0482
Published: 2014-08-26
The contrib.auth.middleware.RemoteUserMiddleware middleware in Django before 1.4.14, 1.5.x before 1.5.9, 1.6.x before 1.6.6, and 1.7 before release candidate 3, when using the contrib.auth.backends.RemoteUserBackend backend, allows remote authenticated users to hijack web sessions via vectors relate...

CVE-2014-0483
Published: 2014-08-26
The administrative interface (contrib.admin) in Django before 1.4.14, 1.5.x before 1.5.9, 1.6.x before 1.6.6, and 1.7 before release candidate 3 does not check if a field represents a relationship between models, which allows remote authenticated users to obtain sensitive information via a to_field ...

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
This episode of Dark Reading Radio looks at infosec security from the big enterprise POV with interviews featuring Ron Plesco, Cyber Investigations, Intelligence & Analytics at KPMG; and Chris Inglis & Chris Bell of Securonix.