Data Privacy Day is recognized every year on January 28 in the US, Canada, and many EU countries (27, according to Wikipedia). In honor of Data Privacy Day 2013, Google SVP and Chief Legal Officer David Drummond wrote for the official Google blog about how Google handles government requests for data. We're reposting the text from his post, Google's approach to government requests for user data.
Today, January 28, is Data Privacy Day, when the world recognizes the importance of preserving your online privacy and security.
If it's like most other days, Google—like many companies that provide online services to users—will receive dozens of letters, faxes and emails from government agencies and courts around the world requesting access to our users' private account information. Typically this happens in connection with government investigations.
It's important for law enforcement agencies to pursue illegal activity and keep the public safe. We're a law-abiding company, and we don't want our services to be used in harmful ways. But it's just as important that laws protect you against overly broad requests for your personal information.
To strike this balance, we're focused on three initiatives that I'd like to share, so you know what Google is doing to protect your privacy and security.
First, for several years we have advocated for updating laws like the U.S. Electronic Communications Privacy Act, so the same protections that apply to your personal documents that you keep in your home also apply to your email and online documents. We’ll continue this effort strongly in 2013 through our membership in the Digital Due Process coalition and other initiatives.
Second, we'll continue our long-standing strict process for handling these kinds of requests. When government agencies ask for our users’ personal information—like what you provide when you sign up for a Google Account, or the contents of an email—our team does several things:
- We scrutinize the request carefully to make sure it satisfies the law and our policies. For us to consider complying, it generally must be made in writing, signed by an authorized official of the requesting agency and issued under an appropriate law.
- We evaluate the scope of the request. If it's overly broad, we may refuse to provide the information or seek to narrow the request. We do this frequently.
- We notify users about legal demands when appropriate so that they can contact the entity requesting it or consult a lawyer. Sometimes we can’t, either because we’re legally prohibited (in which case we sometimes seek to lift gag orders or unseal search warrants) or we don’t have their verified contact information.
- We require that government agencies conducting criminal investigations use a search warrant to compel us to provide a user's search query information and private content stored in a Google Account—such as Gmail messages, documents, photos and YouTube videos. We believe a warrant is required by the Fourth Amendment to the U.S.Constitution, which prohibits unreasonable search and seizure and overrides conflicting provisions in ECPA.
And third, we work hard to provide you with information about government requests. Today, for example, we've added a new section to our Transparency Report that answers many questions you might have. And last week we released data showing that government requests continue to rise, along with additional details on the U.S. legal processes—such as subpoenas, court orders and warrants—that governments use to compel us to provide this information.
We're proud of our approach, and we believe it’s the right way to make sure governments can pursue legitimate investigations while we do our best to protect your privacy and security.
Posted by David Drummond, Senior Vice President and Chief Legal Officer
No comments :
Post a Comment