If you’re worried that the information you have stored on Google‘s servers – including e-mail, photos, documents, and so on – can be revealed to the police as soon as they come knocking on Google’s door, well, you should. But at least in some cases, Google demands that a probable-cause warrant be shown to them first before they hand over any data. This is what the search giant revealed earlier this month through a recent post on its public policy blog titled, “Transparency Report: What it takes for governments to access personal information.”
The fact that Google requires a probable-cause warrant from the police before handing over user data is a small privacy win for users of its services. However, according to Google’s own records, more than two-thirds of all the user data it does hand over are given without the need for any probable-cause warrants whatsoever.
This is because of the existence of the Electronic Communications Privacy Act or ECPA, which was passed nearly three decades ago in 1986. Because of the ECPA, Google has to hand over certain kinds of user data as part of investigations if the data has been stored on its servers for more than 180 days. U.S. Senator Patrick Leahy is currently trying to pass an ECPA revision that will make warrants mandatory, but his attempts have still not yielded any fruit.
It may be unfortunate that the much-needed update to the ECPA is still pending, but at least Google is trying to do what it can to keep user data private. Other companies such as Yahoo!, Microsoft, and Facebook, have also taken similar approaches when it comes to handing over user data to government agencies.
Until the pertinent ECPA revision pushes through, it’s up to policies made by companies like Google to ensure that the data its users store on its servers are kept safe and private, as it should be.