[packetslave]

Google has been pretty explicit about the circumstances in which it will hand user data over to governments or law enforcement. Even if it is required to be done in secret (e.g. a NSL or FISA request), it still requires a valid court order or other legal process.

http://www.google.com/transparencyreport/userdatarequests

If you think any U.S.-based company is able to do better, I'd love to hear how.

[workhere-io]

Snowden mentioned Google as one of the companies that provides direct access to its backend to NSA - meaning that NSA can access information on Google users without needing a court order.

http://www.youtube.com/watch?v=ZLrPquNK1Mc

[moultano]

Which Google repeatedly vehemently denied.

>I’m not sure I can say this more clearly: we’re not in cahoots with the NSA and there’s is no government program that Google participates in that allows the kind of access that the media originally reported. Note that I say "originally" because you'll see that many of those original sources corrected their articles after it became clear that the PRISM slides were not accurate. Now, what does happen is that we get specific requests from the government for user data. We review each of those requests and push back when the request is overly broad or doesn't follow the correct process. There is no free-for-all, no direct access, no indirect access, no back door, no drop box.

We’re not in the business of lying and we’re absolutely telling the truth about all of this. Our business depends on the trust of our users. And I’m an executive officer of a large publicly traded company, so lying to the public wouldn’t be the greatest career move.

http://www.theguardian.com/technology/blog/2013/jun/19/googl... http://googleblog.blogspot.com/2013/06/what.html

[workhere-io]

Which Google repeatedly vehemently denied.

Probably because they're forced to do so by the authorities, like Lavebit was. So it becomes a question of who you are going to trust: Snowden (who has nothing to gain by lying) or Google (who is required by law to lie about it and risks losing a lot of money if their customers lose faith in them). I know who I trust in this case.

[DannyBee]

Can you please state what law you believe would force them to lie about it?

As i've pointed out in a few discussions, the law does not (and generally cannot constitutionally) require you to actively lie about something (IE compelled inaccurate speech). It can require you to not speak about something, compel you to speak truthful things (as a disclosure or otherwise), and require you to not tell someone something, but cannot require you to tell them something that is a lie.

AFAIK, Lavabit was forced to not disclose something to their customers, which fits in with what I said.

There are actually fairly important distinctions, legally, between different types of speech, and important legal distinctions between compelled speech and lack of disclosure. So you can't really paint all of these things with the same brush.

(note: The above is about the US, someone asked me privately, and I have no idea, about other countries)

[michaelt]

According to 18 USC § 2709 (C)(1) it is illegal to "disclose to any person" [1] you have received a National Security Letter. Likewise, the FISA court order used to gather all Verizon call data bars Verizon from disclosing its existence [2].

I don't have the legal expertise to say whether one would be forced to lie about it, and the legislation doesn't explicitly use the word lie. However, according to someone who received one and received legal advice: "Under the threat of criminal prosecution, I must hide all aspects of my involvement in the case -- including the mere fact that I received an NSL [...] When clients and friends ask me whether I am the one challenging the constitutionality of the NSL statute, I have no choice but to look them in the eye and lie." [3]

[1] http://www.law.cornell.edu/uscode/text/18/2709 [2] http://www.theguardian.com/world/2013/jun/06/nsa-phone-recor... [3] http://www.washingtonpost.com/wp-dyn/content/article/2007/03...

[DannyBee]

1. As I mentioned, non-disclosure is very different from compelled speech. Compelled accurate speech is even held to a different standard than compelled lies. I have the legal expertise to tell you they are different. :)

2. This person seems to have missed choice b: "Do not comment". They are not compelled to lie, by the very law you cite. They are only required not to disclose. No court has ever held this to mean "lie when asked", rather than "say nothing when asked". If the government went after someone for not saying anything, that would be ... a tough case.

3. I am happy to admit the distinction between compelled lying and non-disclosure is, for some people, no distinction at all, but the law does make such a distinction.

[chadwickthebold]

They could get attempt to fight the court orders in a court more open than the FISC? I'm not sure how this could practically be accomplished, but it would be a good first step towards protecting the rights of users, instead of blindly complying with court orders that Google would hopefully have some moral problems with. I always find it so fascinating that tech giants will lobby for increased access to their services worldwide, but not more secure services here at home.

[tptacek]

No they can't. They can fight the court order in FISC, but once the FISC process resolves, they will be required by law to honor the terms of the court order; they could then fight in other courts --- as I understand them to be doing to some extent --- but that would be a post-facto effort.