Feeds

Google cuts data deal with DoJ

Everyone's a winner

SANS - Survey on application security programs

In a 90-minute court hearing in San Jose, a Judge has said that Google must hand over some search data to the Department of Justice, but less than Federal lawyers had originally wanted. Judge James Ware said he'd produce a definitive written list shortly.

Google was fighting a subpoena from the US Department of Justice as part of its attempt to revive COPA, a Clinton-era anti-smut law, which was deemed unconstitutional by the Supreme Court three years ago. The probe had originally asked for a month's worth of search queries in anonymized form, and the URL of every website that robots from MSN Search, Yahoo!, AOL and Google trawled.

The request was narrowed in scope to a million random queries and a million random URLs. While Microsoft, AOL and Yahoo! complied, Google has fought the request, resulting in today's hearing.

Judge Ware said that the public needed to be safe in the "delusion ..." Sorry, we'll start that again. Judge Ware wanted to banish the "perception by the public that [Googling] is subject to government scrutiny."

Judge Ware said he also wanted to protect Google, should "a slew of trial attorneys and curious social scientists ... follow suit", with similar fishing expeditions. It's very difficult to picture roving gangs of sociologists, armed with criminal subpoenas, terrorizing internet companies - but they clearly exist in the Judge's imagination.

And it all added to the unreality of the event.

For the hearing today was a charade in several ways. Google and Justice department attorneys had already agreed on the scope of the data to be transferred, in private negotiations before today's hearing - for which the Judge complemented both parties.

So why hold it at all?

Because the hearing allows both parties to clean up their tarnished public reputations.

The DoJ's revised request is equivalent to what a visitor to the Googleplex can see displayed on a twenty-high foot electronic screen in its foyer. Philip Stark, a statistician at UCB who is preparing the data for the Feds, recently wrote, "The government seeks less information about queries than Google voluntarily publishes in Google Zeigteist" - a list of the most popular search queries. This information doesn't compromise anyone's privacy - not even Google's.

Meanwhile, with protestors taking to the streets to highlight the company's capitulation to the Chinese government's censorship requests - and some clumsy attempts of its own to grab the data on user's personal hard drives - Google can once again pose as the people's champion, standing up to authority.

The Feds, meanwhile, are embroiled in a data mining scandal which saw the National Security Agency, with the connivance of large telecoms operators, bypass Congress and the judiciary and in violation of the constitution, conduct secret, warrant-less surveillance operations on US citizens. The same DoJ argues that such operations are authorized by the Patriot Act - "under the authorization to use military force and his inherent authority as Commander-in-Chief in a time of war," as Attorney General Alberto Gonzales phrased it. This came as news to most representatives and judges.

The DoJ's Google request is so sweet and reasonable, and the "cause" so worthy, who but a raving privacy fanatic could possibly object?

Under the PATRIOT Act, Federal officials can undertake wide ranging data mining requests on Google's treasure trove of information. And not only is Google unable to refuse such requests - it can't even talk about them. ®

Top three mobile application threats

Whitepapers

Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Mainstay ROI - Does application security pay?
In this whitepaper learn how you and your enterprise might benefit from better software security.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.