Throughout 2022, Google received 6,335 requests from Australian authorities, for information regarding the activities of 7,183 accounts. Google ended up agreeing to 5,525 requests including law enforcement and online safety agencies.
Google’s most recent biannual transparency report on user information disclosures comes after the earlier release of data this year regarding government content removal requests.
The earlier report unveiled that the eSafety Commissioner’s actions resulted in the de-indexing of thousands of websites and blogs from Google’s search engine results in 2022.
Google’s “Global Requests for User Information” report states that the company permits government agencies worldwide to submit requests for information for purposes related to civil, administrative, criminal, and national security matters.
According to Google, the Global Requests report aims to provide insights into the number and nature of requests received from government agencies, in compliance with applicable laws and regulations.
Among these requests, Google ultimately approved 5,525 of them, which were likely from Australian authorities, potentially including law enforcement and online safety agencies.
Requests are classified into various categories depending on the type of company involved. For instance, “legal requests” refer to general data requests from law enforcement agencies, “emergency requests” are made in urgent situations, and “preservation requests” involve data preservation.
Moreover, the company also handles requests from “enterprise cloud” customers, which typically encompass large organisations and businesses, as well as requests for diplomatic purposes.
Tech Giant Transparency Reports Share Similarities
Both Meta and TikTok’s transparency reports share similarities. Last year, Meta disclosed that it complied with 3,563 requests from Australian agencies, whereas TikTok complied with 91 requests during the same period. However, the reports lack detailed information about the agencies making these requests.
The limited information available regarding agencies obtaining end-user information from these platforms primarily comes from the agencies themselves. Some authorities publish the number of requests they make for end-user information when required to do so by the Acts used for these requests.
For instance, the eSafety Commissioner’s 2021-2022 annual reports indicated that it utilized the Online Safety Act to obtain end-user identity information or contact details four times during the period while investigating crimes involving non-consensually shared images.
The Australian Federal Police’s annual report also revealed that its account-takeover powers were used twice during the 2021-22 financial year to investigate child abuse.
In the 2021-2022 period, thirty (30) technical assistance requests were sent to the industry, including four from the Australian Criminal Intelligence Commission, two from the AFP, three from Victoria Police, and twenty-one from NSW Police.
However, neither eSafety’s annual reports nor the reports issued by law enforcement agencies provide a breakdown of actions taken against digital service providers categorised by company concerning requests for their users’ data.
User Data Requests Reaches New Heights
Over the years, there has been a noticeable increase in data requests, especially since 2014 when there were only 1,711 such requests. However, in subsequent years, the numbers rose significantly, with data requests reaching 5,914 in 2020 and further increasing to 6,484 in 2021.
A similar upward trend is evident in the United States and the United Kingdom, where requests for user data experienced a rise and then plateaued during the pandemic years.
In 2014, U.S. authorities made 22,520 data requests, but by 2022, this number had soared to 111,608.. On average, Google complies with approximately 75 to 85 percent of these requests.
Meta received merely 1,439 requests in 2014 for user information in Australia. However, this figure surged to 2,965 in 2020 and further to 4,287 by 2022.
Meta assures that each request they receive is meticulously reviewed and they may reject or seek more information for overly broad or vague requests,.
Google “Compelled” To Provide Mobile Phone Data
During the January 6 U.S. Capitol riots, Google handed over location data for 5,723 cellular devices using a “geofence dragnet.” The company was compelled to provide mobile phone data for a four-acre area surrounding the Capitol between 2 p.m. and 6:30 p.m.
This action has faced criticism as it raises concerns about potential violations of the First and Fourth Amendments of the U.S. Constitution.
Meanwhile Australia’s the federal government has been actively pursuing measures to regulate “misinformation” through the Communications Legislation Amendment (Combatting Misinformation and Disinformation) Bill 2023.
Under this bill, the Australian Communications and Media Authority (ACMA), which is the media regulatory body, will be granted new powers to address mis- or disinformation on online platforms using a two-step approach.
In the first step, ACMA will request social media companies to develop a code of practice, known as industry codes, which will be registered and enforced by the authority.
Breaching this code will result in substantial penalties, such as a fine of $2.75 million (US$1.85 million) or two percent of global turnover, whichever is greater.
Should the industry codes prove ineffective, the second tier of regulation will empower ACMA to create and enforce an industry standard, a more stringent form of regulation.
Violating this standard will incur even higher penalties of $6.8 million or five percent of global turnover, with significant sums for companies like Twitter and substantially larger amounts for entities like Meta (formerly Facebook).
Additionally, ACMA will possess the authority to request social media platforms, including Google, Twitter, and Meta, to provide records of social media posts.
