Google admits Patriot Act requests; Handed over European data to U.S. authorities

Google is the next major company to admit Patriot Act issues, as it admits to handing over data held in a European datacenter back to U.S. intelligence.
Written by Zack Whittaker, Contributor

Google has become the latest company to admit the vulnerabilities of an insecure European cloud due to the USA PATRIOT Act.

Google has handed EU data stored in European datacenters back to U.S. law enforcement, by using the Safe Harbor framework to transport data across the Atlantic.

Specifically, U.S. intelligence, according to one source, asked Google to hand over data stored in a European datacenter.

Admitting to complying with Patriot Act requests, it follows Microsoft's admission earlier this year, proving that EU-based data is insecure and at risk from U.S. inspection, if local subsidiaries are linked to a U.S. based headquarters.

Google confirmed this to German media group WirtschaftsWoche.

The search giant had received numerous requests -- the total number is unknown -- for which it complied with, compelled to under U.S. law.

Because of National Security Letters, companies can be 'gagged' from disclosing such facts to the press and the public, if information is deemed to pertain to national security.

It should come as no surprise that Google has complied with Patriot Act requests.

After the news broke a few months ago, exclusively by ZDNet, that Microsoft would hand over EU-stored data back to U.S. law enforcement, it set a precedent that other U.S. based companies operating in Europe would also have to comply.

The European Parliament, shortly afterwards, cited these issues in the Civil Liberties and Justice committee, and demanded an explanation from U.S. authorities asking why EU data was not safe from U.S. inspection; sparking a diplomatic outrage between the two continents.

It is likely that in the coming months, after the European Parliament resume after the summer break, that an official inquiry will explore avenues raised by the European insecure cloud.

What is clear, however, is that any U.S. company -- whether it be Google, Microsoft, Amazon, Apple or any other cloud service provider -- operating in Europe, cannot protect European data against U.S. inspection.

Background reading:

Also read ZDNet’s Patriot Act series:

Editorial standards