Government Demanding More And More Info On Google Users Without Any Oversight

from the ecpa-reform-now dept

Google's latest transparency report, once again, highlights why we need ECPA reform in the US as soon as possible. ECPA -- the Electronic Communications Privacy Act -- is an outdated law that was supposed to be about protecting user privacy, but was written nearly three decades ago and now does exactly the opposite. Beyond being complex in ridiculous and unnecessary ways, things that were true decades ago are no longer the case. For example, the idea that emails left for 180 days on a server no longer need a warrant because under ECPA they are considered "abandoned." Whereas in the real world, where all email lives on servers for quite some time, that idea makes no sense.

Either way, the report makes clear that US government agencies are well aware that they can go trolling through Google to get information on people with little oversight. Requests -- especially requests that are purely a subpoena (with no judicial oversight) appear to continue to rise:
The largest part of that chart is the government subpoenas, meaning no judge had to look them over first:
68 percent of the requests Google received from government entities in the U.S. were through subpoenas. These are requests for user-identifying information, issued under the Electronic Communications Privacy Act (“ECPA”), and are the easiest to get because they typically don't involve judges.
Unfortunately, Congress had a chance to reform ECPA last year, and the Senate Judiciary Committee even approved it. But, right at the end of the year, Congress passed a separate bill that had been attached to ECPA reform by itself... and left ECPA reform to rot.
Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: data, ecpa, government, privacy, subpoenas, transparency
Companies: google


Reader Comments

Subscribe: RSS

View by: Time | Thread


  • This comment has been flagged by the community. Click here to show it
    identicon
    Anonymous Coward, 23 Jan 2013 @ 8:21pm

    Google's latest transparency report, once again, highlights why we need ECPA reform in the US as soon as possible.

    But wouldn't you have to live in a world that didn't have the ECPA before you could make that call? I mean, how do you know for sure until you have a world with the ECPA and a world without? Surely you need lots more data first, right?

    Sigh.

    link to this | view in chronology ]

    • identicon
      Anonymous Coward, 23 Jan 2013 @ 9:39pm

      Re:

      Mike said "we need ECPA [b]reform[/b]" because of this, not saying "we need ECPA".

      link to this | view in chronology ]

  • identicon
    Anonymous Coward, 23 Jan 2013 @ 9:08pm

    Weird accounts

    180 days and emails are classified as "abandoned"? Hmm.

    Makes no sense now that Google offers something crazy like 10GB of storage.

    Also, what about ACCOUNTS that are abandoned? over the years, I think I have about 10 or 15 email accounts I don't know the password to. Some created back when Hotmail only had a 50 or 100mb limit per account. If someone requests the emails from those accounts, does this mean the Government can read emails from them?

    There's likely very little there, my guess is mostly spam and such. But if an ex sent an email to an account setup while in gradeschool or college, I'd have issue with Government being able to read it and not myself!

    So that said, how can I use the same backdoors to an account I can't remember the password to; for legitimate purposes, of course.

    link to this | view in chronology ]

    • identicon
      Anonymous Coward, 23 Jan 2013 @ 10:10pm

      Re: Weird accounts

      I still have emails from 1999 in my Yahoo mailbox that I currently using.

      I always keep emails of importants intact in mailbox for my own historical record, and I don't think they're qualified as "abandoned".

      link to this | view in chronology ]

  • icon
    Jesse (profile), 23 Jan 2013 @ 9:27pm

    Any action by government that doesn't require a warrant should be permissible to the public at large.

    The warrant is the special step that government takes to get a seal of approval on an otherwise unacceptable action. If no warrant is needed, that is because the government is not doing something that would otherwise break the law.

    If it is illegal for me to get the emails-older-than-180-days of your everyday politician, then government officials should need to get a warrant to read my emails. Ditto for warrantless wiretapping warrantless tracking devices.

    link to this | view in chronology ]

    • icon
      bigpallooka (profile), 24 Jan 2013 @ 12:32am

      Re:

      If only democracy actually worked this way. Accountability, oversight, government representing the citizenry and equality are supposed to be the cornerstone of a democracy. I agree wholeheartedly with your sentiment but fail to see it practised rigorously in any democracy anywhere. The overwhelming attitude of politicians and government seems to be that they "know better" than the general populace and are therefore somehow entitled to behave in a manner that would not be acceptable in the "common man".

      link to this | view in chronology ]

  • icon
    Ninja (profile), 24 Jan 2013 @ 3:11am

    It's interesting. I have some sort of group e-mail where we exchange messages anonymously with each other for fun. The address is something close to "bloody dismemberment" or whatever you say that in English. It's amusing, even Oprah has visited my mailbox a while back. And we had a spree recently where everybody started using Google Translator to post stuff in Arabic (Allah and Mohamed were there! There were bombs and so on), Chinese, Russian and others. I'm telling this story because I try to guess who is online at a given time by checking the IPs from the sessions Google registers and suddenly I saw a session from the United States. I asked my friends if they used some VPN or if their companies have something in the US or whatever that could explain it. We were all puzzled and just logged that session out and changed the password. Notice that none of us is the dumb type that will compromise the password... Very weird.

    In any case, this article is yet another evidence that the US Govt has run out of control.

    link to this | view in chronology ]

    • identicon
      Anonymous Coward, 24 Jan 2013 @ 6:00am

      Re:

      "bloody dismemberment" or whatever you say that in English.

      Mayhem.
       

      link to this | view in chronology ]

      • identicon
        Anonymous Coward, 24 Jan 2013 @ 6:23pm

        Today I Learned

        TIL why I want to be protected from that guy in the GEICO commercials.

        link to this | view in chronology ]

        • identicon
          Anonymous Coward, 24 Jan 2013 @ 6:26pm

          Re: Today I Learned

          *Allstate, not GEICO. I get all the insurance companies mixed up.

          link to this | view in chronology ]

  • identicon
    Anonymous Coward, 24 Jan 2013 @ 4:30am

    From US Gov.

    We the government need to know everything you say or do so the we can imprison anyone who annoys us, which protects you from terrorists, child molesters and other nasty people.

    link to this | view in chronology ]

  • icon
    orbitalinsertion (profile), 24 Jan 2013 @ 7:16am

    Considering emails left for 180 days made no sense decades ago, either. Particularly considering that decades ago, you were probably paying for it directly or almost directly.

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 24 Jan 2013 @ 7:38am

    Because Congress is rotten to the core. Do nothing Congress.

    link to this | view in chronology ]

  • identicon
    Gregg, 24 Jan 2013 @ 10:07am

    we have it too in Canada

    Yep, our government is ignoring peoples rights and privacy up here in Canada too.

    I encourage everyone to send 100 emails with 4-5 mb of crap in it for 1 week and see how they like it. They go through them all.

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 24 Jan 2013 @ 10:09am

    For example, the idea that emails left for 180 days on a server no longer need a warrant because under ECPA they are considered "abandoned."

    Oh wow, that takes me back. SMTP servers! Man, it's been, what, five, ten years? Do ISPs still run those? I know they stopped running newsgroup servers a while back.

    link to this | view in chronology ]

  • identicon
    Matt, 24 Jan 2013 @ 10:31am

    Could be interesting

    I don't know too much about this, but does this include things like corporate email as well? Can law enforcement just come in without a subpoena and take emails from my work account? Its all hosted on a server we own in our own data center.

    It could be interesting if email services like gmail and yahoo started implementing a system where after 180 days, it would automatically make a copy of the email and delete the original, essentially restarting the day count.

    link to this | view in chronology ]

  • icon
    btrussell (profile), 24 Jan 2013 @ 7:40pm

    Shouldn't they need permission from the copyright holder before making copies or before reading e-mails? I don't cc/reply all.

    They can read mine 50+ years after my death.

    link to this | view in chronology ]


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.