Transparency Report: Shedding more light on National Security Letters

Our users trust Google with a lot of very important data, whether it’s emails, photos, documents, posts or videos. We work exceptionally hard to keep that information safe—hiring some of the best security experts in the world, investing millions of dollars in technology and baking security protections such as 2-step verification into our products.

Of course, people don’t always use our services for good, and it’s important that law enforcement be able to investigate illegal activity. This may involve requests for personal information. When we receive these requests, we:

  • scrutinize them carefully to ensure they satisfy the law and our policies;
  • seek to narrow requests that are overly broad;
  • notify users when appropriate so they can contact the entity requesting the information or consult a lawyer; and
  • require that government agencies use a search warrant if they’re seeking search query information or private content, like Gmail and documents, stored in a Google Account.

When conducting national security investigations, the U.S. Federal Bureau of Investigation can issue a National Security Letter (NSL) to obtain identifying information about a subscriber from telephone and Internet companies. The FBI has the authority to prohibit companies from talking about these requests. But we’ve been trying to find a way to provide more information about the NSLs we get—particularly as people have voiced concerns about the increase in their use since 9/11.

Starting today, we’re now including data about NSLs in our Transparency Report. We’re thankful to U.S. government officials for working with us to provide greater insight into the use of NSLs. Visit our page on user data requests in the U.S. and you’ll see, in broad strokes, how many NSLs for user data Google receives, as well as the number of accounts in question. In addition, you can now find answers to some common questions we get asked about NSLs on our Transparency Report FAQ.

You'll notice that we're reporting numerical ranges rather than exact numbers. This is to address concerns raised by the FBI, Justice Department and other agencies that releasing exact numbers might reveal information about investigations. We plan to update these figures annually.

(Cross-posted on the Public Policy Blog)

Transparency Report: What it takes for governments to access personal information

Today we’re releasing new data for the Transparency Report, showing that the steady increase in government requests for our users’ data continued in the second half of 2012, as usage of our services continued to grow. We’ve shared figures like this since 2010 because it’s important for people to understand how government actions affect them.

We’re always looking for ways to make the report even more informative. So for the first time we’re now including a breakdown of the kinds of legal process that government entities in the U.S. use when compelling communications and technology companies to hand over user data. From July through December 2012:
  • 68 percent of the requests Google received from government entities in the U.S. were through subpoenas. These are requests for user-identifying information, issued under the Electronic Communications Privacy Act (“ECPA”), and are the easiest to get because they typically don’t involve judges.
  • 22 percent were through ECPA search warrants. These are, generally speaking, orders issued by judges under ECPA, based on a demonstration of “probable cause” to believe that certain information related to a crime is presently in the place to be searched.
  • The remaining 10 percent were mostly court orders issued under ECPA by judges or other processes that are difficult to categorize.

User data requests of all kinds have increased by more than 70 percent since 2009, as you can see in our new visualizations of overall trends. In total, we received 21,389 requests for information about 33,634 users from July through December 2012.

We’ll keep looking for more ways to inform you about government requests and how we handle them. We hope more companies and governments themselves join us in this effort by releasing similar kinds of data.

One last thing: You may have noticed that the latest Transparency Report doesn’t include new data on content removals. That’s because we’ve decided to release those numbers separately going forward. Stay tuned for that data.