Google admits Patriot Act requests; Handed over European data to U.S. authorities

Google admits Patriot Act requests; Handed over European data to U.S. authorities

Summary: Google is the next major company to admit Patriot Act issues, as it admits to handing over data held in a European datacenter back to U.S. intelligence.

SHARE:

Google has become the latest company to admit the vulnerabilities of an insecure European cloud due to the USA PATRIOT Act.

Google has handed EU data stored in European datacenters back to U.S. law enforcement, by using the Safe Harbor framework to transport data across the Atlantic.

Specifically, U.S. intelligence, according to one source, asked Google to hand over data stored in a European datacenter.

Admitting to complying with Patriot Act requests, it follows Microsoft's admission earlier this year, proving that EU-based data is insecure and at risk from U.S. inspection, if local subsidiaries are linked to a U.S. based headquarters.

Google confirmed this to German media group WirtschaftsWoche.

The search giant had received numerous requests -- the total number is unknown -- for which it complied with, compelled to under U.S. law.

Because of National Security Letters, companies can be 'gagged' from disclosing such facts to the press and the public, if information is deemed to pertain to national security.

It should come as no surprise that Google has complied with Patriot Act requests.

After the news broke a few months ago, exclusively by ZDNet, that Microsoft would hand over EU-stored data back to U.S. law enforcement, it set a precedent that other U.S. based companies operating in Europe would also have to comply.

The European Parliament, shortly afterwards, cited these issues in the Civil Liberties and Justice committee, and demanded an explanation from U.S. authorities asking why EU data was not safe from U.S. inspection; sparking a diplomatic outrage between the two continents.

It is likely that in the coming months, after the European Parliament resume after the summer break, that an official inquiry will explore avenues raised by the European insecure cloud.

What is clear, however, is that any U.S. company -- whether it be Google, Microsoft, Amazon, Apple or any other cloud service provider -- operating in Europe, cannot protect European data against U.S. inspection.

Background reading:

Also read ZDNet’s Patriot Act series:

Topics: Google, Government, Government US, Government UK

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

19 comments
Log in or register to join the discussion
  • Message has been deleted.

    Your Non Advocate
    • I thought Google wouldn't do evil

      hoho, how many more emperor's new cloth slogans do they have?
      LBiege
      • What evil?

        @LBiege Google was lawfully providing information. I would expect no less of them, or any company. I would have a problem with Googile if it willfully broke the law.
        Your Non Advocate
    • RE: Google admits Patriot Act requests; Handed over European data to U.S. authorities

      @facebook@...
      I do have to wonder, though, whether Google challenged the Patriot Act requests in court or whether they just gave up the data. I'd at least like the company holding my data to fight the request until it is ordered by a judge. No indication whether Google did or did not do that.
      swmace
  • RE: Google admits Patriot Act requests; Handed over European data to U.S. authorities

    It isnt just US ccompanies with EU subsidiaries. All companies - being they service providers or customers - with a significant US presence are subject to US law and therefore to the US Patriot act. <br><br>Disclaimer: I am the Chief Security Advisor for Microsoft Switzerland and blog at www.retohaeni.net. My opinions do not necessarely represent Microsoft.
    retohaeni.net
    • RE: Google admits Patriot Act requests; Handed over European data to U.S. authorities

      @retohaeni.net You are right, of course. You can see this clarified and built upon in the previous articles I have written -- handily added to the end of this article. Thanks very much for your comment Reto, it's very much appreciated.
      zwhittaker
  • I'll say it again

    Multinational corporations are bound to follow the laws of the jurisdictions in which they do business, especially the ones that issued their charters and in which they are headquartered (US corporations, as a practical matter, have to give US law precedence). People should keep that in mind when deciding whether to entrust their data to such organizations.<br><br>To that extent, it doesn't matter whether you're talking about MS, Google, Lenovo, or anyone else.
    John L. Ries
    • RE: Google admits Patriot Act requests; Handed over European data to U.S. authorities

      @John L. Ries

      +1. A fairly basic concept to grasp.
      Your Non Advocate
  • So Google now has egg on face and foot in mouth

    After lambasting China's laws and trying to sneak past them, Google now admits that they have already conceded to US law.

    What a bunch of F$&#in' hypocrits!
    Joe_Raby
  • Hmm...

    [i]EU-based data is insecure and at risk from U.S. inspection, [b]if local subsidiaries are linked to a U.S. based headquarters[/b][/i]

    What happens if HQ is outside the US, but there is a smaller US office?

    Does it really matter anyway? There are massive network interconnects between the hemispheres and most run through some kind of US-run company. Who is to say that the US gov't won't just mandate packet filters on a company like Level3?
    Joe_Raby
  • Just a thought...

    Are US Conservatives isolationists? Seems that way.

    Quick, put them all in a plastic bubble where they want to be. Don't forget to put an airhole in it.... ;)
    Joe_Raby
  • Ad FAIL

    I get an ad for a Canadian bank with an immigrant savings plan. FAIL!
    Joe_Raby
  • RE: Google admits Patriot Act requests; Handed over European data to U.S. authorities

    Zack<br>Weren't you cursing Microsoft for doing such thing and praising Google not honoring Chinese request? What happened all of a sudden did you get divorse notice from Google? <img border="0" src="http://www.cnet.com/i/mb/emoticons/grin.gif" alt="grin">
    Ram U
    • RE: Google admits Patriot Act requests; Handed over European data to U.S. authorities

      @Rama.NET Citation needed.
      zwhittaker
  • Great spy tool!

    [i]"What is clear, however, is that any U.S. company ? whether it be Google, Microsoft, Amazon, Apple or any other cloud service provider ? operating in Europe, cannot protect European data against U.S. inspection."[/i]

    And what's to stop some Middle Eastern country from passing similar laws to get at sensitive U.S. or E.U. data--"under our laws, if you are providing services to our citizens you must provide information we request on national security grounds" ...?
    Rick_R
  • RE: Google admits Patriot Act requests; Handed over European data to U.S. authorities

    These comments appear to be missing the point.

    Of course all companies follow national laws. The problem arises when national law restricts your ability to do 'honest' business.

    Amazon, Google, Microsoft and the rest will be denied the opportunity to do any Colo, hosting or 'cloud' based business with European public sector organizations.

    That's not very patriotic or good for business..
    tom.musgrave@...
  • Errr....

    We'll see how much people complain about Microsoft compared to when Microsoft had the same issue - or I'm sure Apple will have [if not already].
    Gisabun
  • RE: Google admits Patriot Act requests; Handed over European data to U.S. authorities

    Use the cloud at your peril. i am so surprised just how many cannot see its a bad idea entrusting your data to an organisation - there's a reason that want to look after your data.......
    deaf_e_kate
  • It dont matter!

    The US builds a back door into all companies that have control over networks for matters of national security. This is not different than any other country overseas. If they forgot to require the information they just use one of their hired guns to hack the info they need anyway. This is not secrete that most of the EU countries steal info via hacking but if the US makes a law to take it legally than everyone is upset. Not that I am not saying it is right but that they are calling the kettle black.
    jgustafson@...