Google asks DOJ if it can release details on government data requests

The lack of information on FISA orders is fueling speculation, misperceptions Internet search giant says

Google has sent a letter to U.S. Attorney General Eric Holder and FBI director Robert Mueller seeking permission to disclose specific details about the information it is required to provide to the government in response to requests for user data from U.S. intelligence agencies.

The letter, by Google's chief legal officer David Drummond, is part of an attempt by the company to correct what it says are misperceptions about the nature of the data it provides under Foreign Intelligence Surveillance Act (FISA) orders.

"We have always made clear that we comply with valid legal requests," Drummond said in a blog post today. "Assertions in the press that our compliance with these requests gives the U.S. government unfettered access to our users' data are simply untrue."

A recent report published by The Washington Post had identified Google as one of nine Internet companies from whom the government is directly collecting user data under a secret program called PRISM.

The story described PRISM as an anti-terror effort under which the NSA and the FBI were intercepting data directly from servers at Google, Microsoft, Facebook, YouTube, Skype and other Internet companies.

Though details of PRISM program are new, the FBI and other intelligence agencies have in the past made no secret of their desire to monitor real-time traffic on Facebook and other sites for signs of terrorist activity. For example, in a request for information last year, the FBI said it was seeking technology that would help it quickly gather and analyze data posted on sites such as Facebook, Twitter and on blogs using simple keyword searches and phrases such as "bomb," "suspicious package," "white powder," "active shoot" and "school lock down."

The FBI has noted that such technology is vital to helping it monitor real-time communications by terrorists and suspected terrorists on these sites.

The Post report came just one day after The Guardian published a dramatic story about a secret NSA phone call records collection program. The stories have sparked considerable concern about extensive domestic surveillance by U.S. intelligence agencies.

Google, Facebook, Microsoft and the others have categorically denied that they have ever voluntarily provided any user data to the government. Though a slide from a classified document obtained by the Post appeared to show that the government was collecting user data directly from servers at these companies, all the firms named in the document have flatly denied this is happening.

The apparent disconnect between the information in the slides and the denials by the companies has fueled speculation on the nature of PRISM technology and how exactly it is being used.

In his letter, Drummond noted that Google has been able to do little to address the speculation because it is barred from speaking about the FISA requests it gets under government nondisclosure agreements.

FISA basically is a statute that gives broad authority for U.S. agencies to conduct surveillance -- including electronic wiretapping -- of people inside the U.S and overseas who are believed to pose a security risk to the country. A specially established, non-public court called the Foreign Intelligence Surveillance Court handles all government requests for search warrants under FISA. The court prohibits companies that receive its requests from disclosing any information about the requests.

Drummond noted that because of the NDA requirements, the company has been unable to talk about how many FISA requests it receives and the number of user accounts they cover.

"We therefore ask you to help make it possible for Google to publish in our Transparency Report aggregate numbers of national security requests, including FISA disclosures -- in terms of both the number we receive and their scope," Drummond said. "Google's numbers would clearly show that our compliance with these requests falls far short of the claims being made. Google has nothing to hide."

This is not the first time that Google has pushed the government on this issue. The company's quarterly Transparency Report already provides a detailed breakdown of all the user data requests it gets from U.S. law enforcement agencies in connection with various criminal investigations. The company has also begun publishing some broad details of the number of National Security Letters it gets for user data from the FBI.

"Google has worked tremendously hard over the past fifteen years to earn our users' trust," Drummond said. "We have consistently pushed back on overly broad government requests for our users' data."

This article, Google asks DOJ if it can release details on government data requests, was originally published at

Jaikumar Vijayan covers data security and privacy issues, financial services security and e-voting for Computerworld. Follow Jaikumar on Twitter at @jaivijayan or subscribe to Jaikumar's RSS feed. His e-mail address is

See more by Jaikumar Vijayan on

Read more about privacy in Computerworld's Privacy Topic Center.

Join the CSO newsletter!

Error: Please check your email address.

Tags Government ITwashington postInternet Searchintelfbiinternetsearch enginesprivacyyoutubeFacebookskypeGoogleMicrosoftsecurity

More about DOJFacebookFBIGoogleMicrosoftNSASkypeTopic

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Jaikumar Vijayan

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts