Total Pageviews

Wednesday, June 12, 2013

Google Offers Some Detail About How It Transfers Data to the Government

Google has offered a few more details about how it shares user data with the government, including in response to national security requests.

As The New York Times reported on Tuesday, when Google is legally required to hand over data about its users, it usually delivers it using a file-transferring technology called secure FTP, David Drummond, Google’s chief legal officer, said in an interview on British television.

FTP is a simple way to upload and download files sent between parties â€" like an online file folder. Either party can operate the FTP server that the files flow through. In an interview on PBS NewsHour, Mr. Drummond indicated that the FTP server is on the government’s machines and not on Google’s.

“We deliver it to them, we push it out to them,” said Mr. Drummond, who was speaking from Amsterdam. “They don’t come access it through any machines at Google.”

The New York Times reported on Friday that the National Security Agency‘s secret Internet surveillance program, Prism, involved electronically transmitting data â€" though not automatically or in bulk â€" in compliance with the Foreign Intelligence Surveillance Act. While the government asked the companies to make a secure lockbox, the article said, the companies responded in different ways.

Mr. Drummond’s statement on Tuesday provides some clarity on how Google electronically transfers data in response to government requests, including national security requests.

Some lawyers who respond to national security requests for tech companies described the systems as nothing more than a 21st-century way to transfer files. Every government request is reviewed by a person, they said, but once it is time to hand over the data, it is more efficient to use the Internet than to print pages and mail them or burn a CD, for instance. (FTP, however, is hardly new, having existed in some form for about four decades.)

Mr. Drummond spoke publicly about the issue for the first time as part of a day of damage control to quell the criticisms after the Prism revelations.

Though Google and the other tech companies have repeatedly said they do not provide the government with direct access to their servers and only comply with lawful government requests, many questions remain about how the government surveillance program works.The companies have said they are restricted from saying more by government gag orders.

“There are a lot of misimpressions that are out there,” Mr. Drummond said on British television. “We feel very strongly that we’ve got to set the record straight.”

He also published a letter on Tuesday asking the government for permission to reveal more information about the number and scope of national security requests, and Microsoft and Facebook followed suit.

The delivery mechanism, people at tech companies have said, is not as important as the data that governments ask the companies to turn over, which is why they asked to reveal more information about the data requests.