Risk
10/26/2011
06:39 PM
Connect Directly
Google+
LinkedIn
Twitter
RSS
E-Mail
50%
50%
Repost This

Google Says Government Requests For Data Rising

Demands for user information, content changes increase, though Google says that's to be expected with a growing number of users.

Government requests for Google user data continue to rise in the United States, at a rate slightly higher than in the three previous six-month reporting periods. Google began tracking efforts to obtain its user data in the second half of 2009.

"The increase isn't surprising, since each year we offer more products and services, and we have a larger number of users," Google said on Tuesday in its biannual Transparency Report.

There were 5,950 user data requests from January through June 2011. That's an increase of more than 29% compared to the 4,601 user data requests recorded in the July through December 2010 period. Comparing the second half of 2010 to the first half of that year, when 4,287 data requests were received, the rate at which data requests increased was only 7%.

Google complied with 93% of data requests during the first half of 2011. During the previous six-month reporting period, that figure was 94%.

[Google has a long history of pushing back against government demands for information. Read Justice Department Subpoenas Reach Far Beyond Google.]

Requests from U.S. officials for the removal of content on Google-operated websites also increased compared to the previous reporting period, rising from 54 in the second half of 2010, to 92 in the first half of 2011.

However, compared to the first two reporting periods, the number of removal requests declined: Google received 123 removal requests in the second half of 2009 and 128 in the first half of 2010.

The company took a harder line on content removal requests than on user data requests. It removed content in response to only 63% of removal requests during the first half of 2011, down from 87% during the second half of 2010.

Google says that the majority of the content removal requests it receives are from businesses or individuals and that it doesn't include such requests in its figures. It also notes that its figures are not necessarily comprehensive, due to omissions when requests are made.

In addition, laws like the Patriot Act may forbid disclosure of information requests in certain circumstances. Some countries like China make it illegal to disclose details about government information requests, so Google is also limited in what information it can lawfully provide.

In a blog post, Google senior policy analyst Dorothy Chou called for the modernization of laws like the 1986 Electronic Privacy Communications Act, which regulates government access to user information, and asked for help with the OpenNet Transparency Project, a project that aims to provide a standardized format for companies to disclose government information requests.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Bprince
50%
50%
Bprince,
User Rank: Ninja
10/28/2011 | 12:19:40 AM
re: Google Says Government Requests For Data Rising
Very interesting. I'm curious what the basis of the requests for user data were.
Brian Prince, InformationWeek contributor
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2012-3946
Published: 2014-04-24
Cisco IOS before 15.3(2)S allows remote attackers to bypass interface ACL restrictions in opportunistic circumstances by sending IPv6 packets in an unspecified scenario in which expected packet drops do not occur for "a small percentage" of the packets, aka Bug ID CSCty73682.

CVE-2012-5723
Published: 2014-04-24
Cisco ASR 1000 devices with software before 3.8S, when BDI routing is enabled, allow remote attackers to cause a denial of service (device reload) via crafted (1) broadcast or (2) multicast ICMP packets with fragmentation, aka Bug ID CSCub55948.

CVE-2013-6738
Published: 2014-04-24
Cross-site scripting (XSS) vulnerability in IBM SmartCloud Analytics Log Analysis 1.1 and 1.2 before 1.2.0.0-CSI-SCALA-IF0003 allows remote attackers to inject arbitrary web script or HTML via an invalid query parameter in a response from an OAuth authorization endpoint.

CVE-2014-0188
Published: 2014-04-24
The openshift-origin-broker in Red Hat OpenShift Enterprise 2.0.5, 1.2.7, and earlier does not properly handle authentication requests from the remote-user auth plugin, which allows remote attackers to bypass authentication and impersonate arbitrary users via the X-Remote-User header in a request to...

CVE-2014-2391
Published: 2014-04-24
The password recovery service in Open-Xchange AppSuite before 7.2.2-rev20, 7.4.1 before 7.4.1-rev11, and 7.4.2 before 7.4.2-rev13 makes an improper decision about the sensitivity of a string representing a previously used but currently invalid password, which allows remote attackers to obtain potent...

Best of the Web