Most of us share huge amounts of personal information online, and Big Tech companies are in many ways the gatekeepers of this data. But how much do they share with the authorities? And how often do governments request user data?
According to new research by VPN provider SurfShark, the answer is a lot, and a lot again.
As detailed in SurfShark’s new report which analysed user data requests that Apple, Google, Meta, and Microsoft received from government agencies of 177 countries between 2013 and 2021, Tech giants get a lot of requests for user data, and the majority of the time, they comply.
Of the four Big Tech companies studied, Apple was the most forthcoming, complying with 82% of requests for user data, compared to Meta (72%), Google (71%), and Microsoft (68%). Interestingly, Big Tech was more compliant in the UK than when compared to global figures, disclosing user data 81.6% of the time.
The report shows that the US and Europe make the most requests for user data, making up 60% of all cases between 2013 and 2021. Germany came in second globally after the US, with 648 requests made per 100k people. The UK government stands at fourth place, requesting seven times more user data from Big Tech companies than the global average. Looking at the top 10, five countries are from the EU, with the US, Singapore, the UK, Australia, and Taiwan comprising the rest.
Governments are requesting this information more and more, presumably in response to the spike in online crime in recent years: the number of accounts requested more than quadrupled from 2013 to 2021, totalling 6.6 million. This data is often used to aid criminal investigations, but it can also help settle civil or administrative cases where digital evidence is needed. This can include specific user information, from IP addresses to locations of devices.
Besides requesting data from technology companies, authorities are now exploring more ways to monitor and tackle crime through online services, says Gabriele Kaveckyte, Privacy Counsel at Surfshark.
Last year, the EU proposed a regulation that would require internet service providers to detect, report, and remove abuse-related content. While a noteworthy cause, some expressed concerns that the new laws would undermine end-to-end encryption and, hence, user privacy.
“On one hand, introducing such new measures could help solve serious criminal cases, but civil society organisations expressed their concerns of encouraging surveillance techniques which may later be used, for example, to track down political rivals,” says Kaveckyte.
Over the past few years, Big Tech has engaged in a tit for tat between each other and the authorities over the confidentiality of data. Fears of state surveillance prevail, as do doubts over tech companies’ ability to keep data safe – especially in light of a number of high profile leaks.
