Cooperation or Resistance? How Big Tech Handles Data Requests from Governments

At the beginning of June 2021, The New York Times reported that the Justice Department secretly sought data from some of the largest tech companies regarding journalists, Democratic lawmakers, and White House officials as part of a broad investigation into leaks and other matters that started in the early days of the Trump administration.

These discoveries raised concerns about the kind of data collected by these companies and how much of it is available to law enforcement.

By now, we all know that Big Tech collects and stores all sorts of information on us. Corporations like Google, Apple, Microsoft, and Facebook typically have access to the contents of user emails, call logs, text messages, contact lists, calendars, images, videos, and other documents, in addition to basic information such as names and addresses.

According to Techrobot, the United States is the country that requests the most data from tech companies and is also the country that is granted the most access. This was shown through a study that examined transparency reports from Apple, Facebook, and Twitter in 15 major countries between 2019 and 2020.

In the first quarter of 2020, the United States made 66,598 data requests, up 21% from the same period the previous year. Tech companies complied with 76% of those requests, which amounts to about 50,000 pieces of user information shared with the government.

Many Americans are still wary of tech companies sharing personal data with third parties, including the government.

Does the Government Have Access to All Our Data?

Almost all of it. It depends on the type of request. A subpoena is perhaps the most common and simple request. Subpoenas can be issued by government agencies and prosecutors in the United States without the approval of a judge, and lawyers can issue them in open court cases. If you’re looking for basic facts that can help build a case and provide evidence for more powerful requests, subpoenas are an effective tool.

Authorities frequently use subpoenas to get basic user information from tech companies. This could mean IP address, email address, the date when the user created their account, the account holder’s name, and their billing information.

In addition, investigators often request call, text, and email logs. Details on who made and received a call or message, as well as when, are included in such logs. A higher-level request, such as a judge-issued court order, may be required to obtain this information.

A warrant is a far more powerful investigation tool that can reveal a wealth of sensitive and private user information.

To get a warrant, investigators must submit a formal application to a judge, laying forth evidence suggesting that the warrant’s subject committed a crime. They can access significantly more information with a warrant than they can with a subpoena. This includes the contents of emails, text messages, contact lists, calendars, images, and other documents.

As part of their consumer cloud services, Apple, Google, and Microsoft store such information on their servers. Customers regularly use cloud services to retrieve information when they need to replace their phones. Facebook said it also provides similar sensitive information to authorities upon receiving warrants.

Does Big Tech Ever Resist These Requests?

The short answer is yes. Tech companies do sometimes contest these requests if they’re too broad and they believe that officials are acting without proper legal authority. We can see evidence of this in the lawsuits tech giants file against the government over such requests.

Still, they comply with most of them. In the first half of 2020, Apple claimed it contested 4% of requests from US authorities, while Microsoft said it refused 15%.

As we already mentioned in the introduction, Apple, Facebook, and Twitter complied with 76% of government requests in the US.

Is Any of Our Data Off-Limits?

Actually, yes. End-to-end encrypted data is inaccessible both to tech companies and law enforcement officials. This type of encryption ensures that the information is only accessible to the account owner or to the sender and receiver of a communication.

Apple uses end-to-end encryption for iMessages, which are text messages exchanged between two iPhones, as well as FaceTime calls. However, if users back up their messages using iCloud, the contents of these messages become accessible to Apple and, therefore, subject to official data requests.

Apple’s iPhones and some Android smartphones are likewise encrypted, which has resulted in legal battles with the FBI over access. However, police enforcement agencies all around the country routinely employ equipment that can effectively hack into digital devices to extract data.

As Congress and the courts consider how to regulate technology companies through antitrust laws, they may also consider how these companies act as surveillance intermediaries. The fact that private companies wield so much power in defining the appropriate balance between privacy and security may not be ideal since the way these companies handle their role can vary dramatically.

On the other hand, there’s no denying that law enforcement agencies also benefit greatly from the type of data these tech companies can collect and supply. Evidence provided by tech companies is often vital in national security investigations and criminal cases.

While some have seen this as a drawback, stating that the Facebooks of the world make it uncomfortably easy for the government to transform into a dystopian surveillance state, there are multiple reasons to regard this benefit for law enforcement agencies as a public good. The information gathered through Big Tech is invaluable in investigating terrorism, murder, and other major crimes.

Tech companies have access to exactly the type of information that investigators need — where people travel, who they speak with, and so on. Furthermore, getting this information through them means that the targets of these official requests have no idea they are being investigated.

Andrew Guthrie Ferguson, a professor at American University Washington College of Law, explains that what most people don’t understand about the digital devices they use is how easily investigators can get access to the data these devices collect on us. The internet leaves very little room for secrets, and our devices are constantly being monitored. This implies that our data is always just a government request away from being revealed.