power

Civil rights groups demand data from Google on intrusive warrants

Advocates want to know exactly how many location- and keyword-based warrants Google is receiving and responding to each year.

Civil rights groups demand data from Google on intrusive warrants

In a letter to Google CEO Sundar Pichai, civil liberties groups seek answers about geofence and keyword warrants.

Image: Protocol

More than 60 civil liberties groups sent a letter to Google CEO Sundar Pichai Tuesday, asking him to disclose the number of so-called geofence or keyword warrants Google receives every month. Unlike warrants specific to individuals, these warrants seek data on anyone in a certain location or who searched a certain term, techniques that privacy advocates argue are ripe for abuse. Last year, for example, the Manhattan district attorney demanded Google hand over information on any devices that were in a certain area on the Upper East Side when a fight broke out during protests against the far-right Proud Boys.

"These blanket warrants circumvent constitutional checks on police surveillance, creating a virtual dragnet of our religious practices, political affiliations, sexual orientation, and more," the letter reads. It was drafted by the Surveillance Technology Oversight Project and includes signatures from Amnesty International, the Electronic Frontier Foundation and dozens of other groups, who are asking Google to share data on geofence and keyword warrants in its regular transparency report.

According to figures Google has released in court filings, law enforcement has been flooding the company with these warrants in recent years. In a case brief filed regarding a man whose Google location data was used to tie him to a bank robbery, Google reported seeing a 1,500% spike in geofence warrant requests between 2017 and 2018, with another 500 percent spike between 2018 and 2019.

This summer, as lawmakers in New York pushed legislation that would prohibit the use of geofence warrants by police, Google's director of law enforcement and information security, Richard Salgado, told Protocol, "We're encouraged to see lawmakers discussing legislation that acknowledges smartphones' crucial role in today's world and the need for rules to govern untargeted access to data by law enforcement."

But Google has yet to disclose proactively the number of warrants it receives in the same way it discloses statistics on U.S. national security requests and other demands. In the letter to Pichai, the groups say they're grateful for Google's disclosures in court, but they ask Google to do more to assist civil liberties groups in fighting back against these warrants. "As a leading recipient of geofence and keyword warrants, Google is uniquely situated to provide public oversight of these abusive practices," the letter reads. "By providing this semiannual breakdown of requests, tracking the growth of these abusive tactics over time, you'll provide us and other civil society organizations vital ammunition in the fight for privacy."

Here's the letter:

Dear Mr. Pichai,

We, the undersigned civil rights, labor, and civil society organizations, call on Google to aid us in opposing the alarming growth in law enforcement searches of Google user data. While law enforcement agencies have sought Google account data for years, we write in response to the increasing reports of novel warrants and other court orders that demand far more data than in the past.

This includes the use of so-called "geofence warrants," which compel disclosure of all devices in a geofenced area, and so-called "keyword warrants," which identify every user who searched for a specific keyword, phrase, or address. These blanket warrants circumvent constitutional checks on police surveillance, creating a virtual dragnet of our religious practices, political affiliations, sexual orientation, and more.

Reports indicate that Google has complied with an increasing number of these non-traditional warrants in recent years. For example, according to Google's submission in United States v. Chatrie, you received a 75-fold increase in geofence warrant requests from 2017 to 2019. This limited reporting has been indispensable in building public awareness about this unconstitutional surveillance tactic. While we are grateful that Google made the limited disclosures that it did in United States v. Chatrie, we urge you to do more.

As a leading recipient of geofence and keyword warrants, Google is uniquely situated to provide public oversight of these abusive practices. We ask you to do just that by expanding your industry- leading transparency report to provide monthly data on the number of non-traditional court orders received, including granular information on geofence warrants, keyword warrants, and any analogous requests. By providing this semiannual breakdown of requests, tracking the growth of these abusive tactics over time, you'll provide us and other civil society organizations vital ammunition in the fight for privacy.

We look forward to working with your staff on this matter. Please contact Surveillance Technology Oversight Project Executive Director Albert Fox Cahn with any questions, comments, or concerns.

S.T.O.P. - The Surveillance Technology Oversight Project
Access Now
Advocacy for Principled Action in Government
Alternate ROOTS
Amnesty International - USA
Asian American Legal Defense and Education Fund (AALDEF)
Asian Americans Advancing Justice - Asian Law Caucus
Brennan Center for Justice
Brooklyn Defender Services
CAIR-Minnesota
California LGBT Arts Alliance
Center for Human Rights and Privacy
Center on Race, Inequality, and the Law at NYU Law
Community Alliance for Global Justice Council on American-Islamic Relations, New York (CAIR-NY)
Cypurr Collective
Defending Rights & Dissent
Demand Progress
Due Process Institute
Electronic Frontier Foundation (EFF) Emonyo Yefwe International
Empire State Indivisible
Encode Justice
Equal Justice Under Law
Ethics in Technology a 501 c 3
Fight for the Future
Freedom of the Press Foundation FreedomWorks
Government Accountability Project Hacking//Hustling
Islamophobia Studies Center
Legal Action Center
Media Alliance
National Coalition Against Censorship
New America's Open Technology Institute New York Civil Liberties Union (NYCLU) New York County Defender Services Nicaragua Center for Community Action Northern New Jersey Jewish Voice for Peace Oakland Privacy
Occupy Bergen County (N.J.)
OCF @ U.C. Berkeley
PDX Privacy
Policing and Social Justice Project
Project South
Restore The Fourth
Reviving the Islamic Sisterhood for Empowerment (RISE)
TechActivist.Org
Technology for Liberty Program, ACLU of Massachusetts
Tenth Amendment Center
The Bronx Defenders
The Calyx Institute
The Legal Aid Society of NYC
The Project On Government Oversight TKE
United Voices of Cortland
Urban Justice Center
Visionary V
Wolfson Cybersecurity Club
X-Lab
Issie Lapowsky

Issie Lapowsky ( @issielapowsky) is Protocol's chief correspondent, covering the intersection of technology, politics, and national affairs. She also oversees Protocol's fellowship program. Previously, she was a senior writer at Wired, where she covered the 2016 election and the Facebook beat in its aftermath. Prior to that, Issie worked as a staff writer for Inc. magazine, writing about small business and entrepreneurship. She has also worked as an on-air contributor for CBS News and taught a graduate-level course at New York University's Center for Publishing on how tech giants have affected publishing.

google sundar pichai privacy power
cybersecurity
Enterprise

Why CrowdStrike wants to be a broader enterprise IT player

The company, which grew from $1 billion in annual recurring revenue to $2 billion in just 18 months, is expanding deeper within the cybersecurity market and into the wider IT space as well.

CrowdStrike is well positioned at a time when CISOs are fed up with going to dozens of different vendors to meet their security needs.

Image: Protocol

CrowdStrike is finding massive traction in areas outside its core endpoint security products, setting up the company to become a major player in other key security segments such as identity protection as well as in IT categories beyond cybersecurity.

Already one of the biggest names in cybersecurity for the past decade, CrowdStrike now aspires to become a more important player in areas within the wider IT landscape such as data observability and IT operations, CrowdStrike co-founder and CEO George Kurtz told Protocol in a recent interview.

Keep Reading Show less
Kyle Alspach

Kyle Alspach ( @KyleAlspach) is a senior reporter at Protocol, focused on cybersecurity. He has covered the tech industry since 2010 for outlets including VentureBeat, CRN and the Boston Globe. He lives in Portland, Oregon, and can be reached at kalspach@protocol.com.

crowdstrike microsoft security xdr cybersecurity
sponsored content
Sponsored Content

Great products are built on strong patents

Experts say robust intellectual property protection is essential to ensure the long-term R&D required to innovate and maintain America's technology leadership.

Every great tech product that you rely on each day, from the smartphone in your pocket to your music streaming service and navigational system in the car, shares one important thing: part of its innovative design is protected by intellectual property (IP) laws.

From 5G to artificial intelligence, IP protection offers a powerful incentive for researchers to create ground-breaking products, and governmental leaders say its protection is an essential part of maintaining US technology leadership. To quote Secretary of Commerce Gina Raimondo: "intellectual property protection is vital for American innovation and entrepreneurship.”

Keep Reading Show less
James Daly
James Daly has a deep knowledge of creating brand voice identity, including understanding various audiences and targeting messaging accordingly. He enjoys commissioning, editing, writing, and business development, particularly in launching new ventures and building passionate audiences. Daly has led teams large and small to multiple awards and quantifiable success through a strategy built on teamwork, passion, fact-checking, intelligence, analytics, and audience growth while meeting budget goals and production deadlines in fast-paced environments. Daly is the Editorial Director of 2030 Media and a contributor at Wired.
sponsored sponsored content
markets
Fintech

Election markets are far from a sure bet

Kalshi has big-name backing for its plan to offer futures contracts tied to election results. Will that win over a long-skeptical regulator?

Whether Kalshi’s election contracts could be considered gaming or whether they serve a true risk-hedging purpose is one of the top questions the CFTC is weighing in its review.

Photo illustration: Getty Images; Protocol

Crypto isn’t the only emerging issue on the CFTC’s plate. The futures regulator is also weighing a fintech sector that has similarly tricky political implications: election bets.

The Commodity Futures Trading Commission has set Oct. 28 as a date by which it hopes to decide whether the New York-based startup Kalshi can offer a form of wagering up to $25,000 on which party will control the House of Representatives and Senate after the midterms. PredictIt, another online market for election trading, has also sued the regulator over its decision to cancel a no-action letter.

Keep Reading Show less
Ryan Deffenbaugh
Ryan Deffenbaugh is a reporter at Protocol focused on fintech. Before joining Protocol, he reported on New York's technology industry for Crain's New York Business. He is based in New York and can be reached at rdeffenbaugh@protocol.com.
election bets cftc kalshi elections futures contracts fintech policy markets
cybersecurity
Enterprise

The Uber verdict shows why mandatory disclosure isn't such a bad idea

The conviction of Uber's former chief security officer, Joe Sullivan, seems likely to change some minds in the debate over proposed cyber incident reporting regulations.

Executives and boards will now be "a whole lot less likely to cover things up," said one information security veteran.

Photo: Al Drago/Bloomberg via Getty Images

If nothing else, the guilty verdict delivered Wednesday in a case involving Uber's former security head will have this effect on how breaches are handled in the future: Executives and boards, according to information security veteran Michael Hamilton, will be "a whole lot less likely to cover things up."

Following the conviction of former Uber chief security officer Joe Sullivan, "we likely will get better voluntary reporting" of cyber incidents, said Hamilton, formerly the chief information security officer of the City of Seattle, and currently the founder and CISO at cybersecurity vendor Critical Insight.

Keep Reading Show less
Kyle Alspach

Kyle Alspach ( @KyleAlspach) is a senior reporter at Protocol, focused on cybersecurity. He has covered the tech industry since 2010 for outlets including VentureBeat, CRN and the Boston Globe. He lives in Portland, Oregon, and can be reached at kalspach@protocol.com.

sec cisa regulations uber cybersecurity policy
aviation
Climate

Delta and MIT are running flight tests to fix contrails

The research team and airline are running flight tests to determine if it’s possible to avoid the climate-warming effects of contrails.

Delta and MIT just announced a partnership to test how to mitigate persistent contrails.

Photo: Gabriela Natiello/Unsplash

Contrails could be responsible for up to 2% of all global warming, and yet how they’re formed and how to mitigate them is barely understood by major airlines.

That may be changing.

Keep Reading Show less
Michelle Ma

Michelle Ma (@himichellema) is a reporter at Protocol covering climate. Previously, she was a news editor of live journalism and special coverage for The Wall Street Journal. Prior to that, she worked as a staff writer at Wirecutter. She can be reached at mma@protocol.com.

aviation contrails delta flight emissions mit net zero
Latest Stories
Bulletins