Google acknowledges that they should have given notice per their own policy and that they violated it. In this case, they said that they violated it because they had failed to respond to the subpoena within ICE's 10-day deadline:
> On November 20, 2025, Google, through outside counsel, explained to the undersigned why Google did not give Thomas-Johnson advanced notice as promised. Google’s explanation shows the problem is systematic: Sometimes when Google does not fulfill a subpoena by the government’s artificial deadline, Google fulfills the subpoena and provides notice to a user on the same day to minimize delay for an overdue production. Google calls this “simultaneous notice.” But this kind of simultaneous notice strips users of their ability to challenge the validity of the subpoena before it is fulfilled.
At what point does Google’s incompetence imply organizations that use its services are liable for negligence?
What if this were a bogus subpoena for a lawyer’s privileged conversations with a client? A doctor’s communications about reproductive health with a patient? A political consultant working for the democrats?
A gag order would be from a judge. There would be severe penalties if a party breaks a gag order. A request not to notify is just a request; it has zero legal standing and there would be zero repercussions to ignoring it.
Google knows users care about their privacy, and it made the promise in its terms precisely for that reason. People pay attention to this stuff, as the popularity of this story shows.
Therefore, it's generally not going to be in Google's interest to break its own terms.
So what's going on? Did a Google employee simply mess up? Is the reporting not accurate or missing key details, e.g. Google truly is legally prohibited? Or is there some evidence that the Trump administration was putting pressure on Google, e.g. threatening to withhold some contract if this particular person were notified, or if Google continued notifying users belonging to some particular category of subpoenas?
Because Google isn't breaking its own terms just for funsies. There's more to this story, but unfortunately it's not clear what.
> Therefore, it's generally not going to be in Google's interest to break its own terms.
It is also not in Google’s interest to resist this administration. I would not be surprised if they decided to kiss the ring and be by internal policy more cooperative than what the law strictly says.
I guess we’ll get a better idea if more cases show up.
Previous administrations weren't easier to resist. Look up Joseph Nacchio's story. Short version: refuse to install https://en.wikipedia.org/wiki/MAINWAY without a warrant, go to jail.
>Google knows users care about their privacy, and it made the promise in its terms precisely for that reason. People pay attention to this stuff, as the popularity of this story shows.
Do Google users care about their privacy? I'd expect not, given that Google is (and hasn't been shy about telling us about it) reading all their emails in order to provide more targeted advertisements.
And, as I mentioned, Google hasn't been shy about saying that's exactly what they do (prioritizing their ad revenue over their users' privacy), so I have to assume that Google users don't care about their privacy.
If they did care about their privacy, they'd self-host their email on hardware they physically control.
That's orthogonal to Google giving up data to the government, with or without notifying the user(s) in question, except that the above makes clear what we already know: Google doesn't respect the privacy of their users.
> given that Google is (and hasn't been shy about telling us about it) reading all their emails in order to provide more targeted advertisements.
That hasn't been the case since 2017. Nearly a decade ago. They stopped precisely because Google users do care about privacy -- and tracking is one thing, but scanning the content of your e-mails is another.
And what you're linking to is NOT what you described, "in order to provide more targeted advertisements".
Your links are describing Gemini integration. If you ask Gemini a question about your e-mails, obviously it needs to look at them. If Google is suggesting a smart reply, obviously it needs to process your e-mail to do so. But these are features designed to benefit the user.
You were talking about target advertising. That's not what your links have anything to do with.
[0]: "Google publicly announced in 2017 it would stop using Gmail content for ad targeting but continued to scan emails for spam, malware, and other non-ad functionality, which leaves room for ambiguity about downstream uses of metadata or other signals"
Who cares why Google is reading your emails? Not me.
Oh, it's just for non-ad functionality? In that case, go right ahead!
> Google knows users care about their privacy, and it made the promise in its terms precisely for that reason. People pay attention to this stuff, as the popularity of this story shows.
Does it know? And do users really care? Popularity on HN isn't popularity everywhere.
I'd wager most people don't care enough to move away from Gmail.
But even if they did, unfortunately this isn't the only variable a business is solving for. Corporations will generally just pick between the least unprofitable of two evils, not the lesser of.
> On November 20, 2025, Google, through outside counsel, explained to the undersigned why Google did not give Thomas-Johnson advanced notice as promised. Google’s explanation shows the problem is systematic: Sometimes when Google does not fulfill a subpoena by the government’s artificial deadline, Google fulfills the subpoena and provides notice to a user on the same day to minimize delay for an overdue production. Google calls this “simultaneous notice.” But this kind of simultaneous notice strips users of their ability to challenge the validity of the subpoena before it is fulfilled.