The revelations of a leak investigation started in the Trump administration are a reminder that Big Tech companies often hand over information about their users.
June 14, 2021, 6:57 p.m. ET
The Justice Department, starting in the early days of the Trump administration, secretly sought data from some of the biggest tech companies about journalists, Democratic lawmakers and White House officials as part of wide-ranging investigations into leaks and other matters, The New York Times reported last week.
The revelations, which put the companies in the middle of a clash over the Trump administration’s efforts to find the sources of news coverage, raised questions about what sorts of data tech companies collect on their users, and how much of it is accessible to law enforcement authorities.
Here’s a rundown:
What data do the big tech companies collect and store about their users?
All sorts. Beyond basic data like users’ names, addresses and contact information, tech companies like Google, Apple, Microsoft and Facebook also often have access to the contents of their users’ emails, text messages, call logs, photos, videos, documents, contact lists and calendars.
Is all of that data available to law enforcement?
Most of it is. But which data law enforcement can get depends on the sort of request they make.
Perhaps the most common and basic request is a subpoena. U.S. government agencies and prosecutors can often issue subpoenas without approval from a judge, and lawyers can issue them as part of open court cases. Subpoenas are often used to cast a wide net for basic information that can help build a case and provide evidence needed to issue more powerful requests.
With subpoenas, the authorities typically can get basic user data from tech companies, such as when an account was opened; the account holder’s name, address, email address and billing information; and a user’s internet-protocol, or IP, address. An IP address can show a user’s approximate location at the time the address was recorded.
The Justice Department subpoenas sought phone records. What about that sort of data?
Investigators often also seek logs of calls, text messages and emails. Such logs include details on who sent and received a call or message and when. Obtaining such data sometimes requires a higher-level request, such as a court order, which is issued by a judge.
The Justice Department used a court order to seek email logs from Google for four New York Times reporters as part of its investigation into leaks of classified information several years ago. The Times successfully resisted the order after Google informed it of the request.
In late 2017 and early 2018, the Justice Department also requested call records, as well as other basic information, from Apple and Microsoft related to people who work in Congress.
Apple and Microsoft complied with those subpoenas in part, but the companies did not send any call records to the Justice Department, according to two people familiar with the companies’ responses.
Apple said that it turned over call records only when the authorities had a warrant and that in 2019 it stopped collecting call logs.
Law enforcement officials are more likely to obtain call logs from telecommunications companies like Verizon and AT&T.
What can the authorities get with a warrant?
A warrant is a much more powerful investigative tool and can yield all sorts of sensitive, private data about tech companies’ users.
Investigators can get a warrant by submitting an application to a judge that lays out evidence suggesting the subject of the warrant committed a crime. The judge can then issue the warrant for specific information.
With a warrant, officials can get access to far more data than with a subpoena, including the contents of emails, text messages, photos, documents, calendars and contact lists.
Apple, Google and Microsoft store such data on their servers as part of their cloud services for consumers. Those cloud services are frequently used by customers to retrieve information if a phone needs to be replaced.
Facebook also turns over similar private information to authorities with warrants, including messages, photos, videos, posts and location data, it said.
Law enforcement authorities can also use warrants in other ways. Police have issued warrants to Google seeking information on any devices that were near where a crime was committed.
The companies say they sometimes work with law enforcement officials to narrow their requests so the companies turn over only information that is relevant to a case.
How often do the authorities obtain such data from the tech companies?
Apple said that in the first half of 2020, the latest period available, it received more than 5,850 requests from U.S. authorities for data related to 18,600 accounts. It turned over basic data in 43 percent of those requests and actual content data, such as emails or photos, in 44 percent of requests.
Microsoft said that it received 5,500 requests from U.S. law enforcement over the same period, covering 17,700 accounts, and that it turned over basic data in response to 54 percent of requests and content in response to 15 percent of requests.
Google said that it received 39,500 requests in the United States over that period, covering nearly 84,700 accounts, and that it turned over some data in 83 percent of the cases. Google did not break down the percentage of requests in which it turned over basic data versus content, but it said that 39 percent of the requests were subpoenas while half were search warrants.
Facebook said that it received 61,500 requests in the United States over the period, covering 106,100 accounts, and that it turned over some data in response to 88 percent of the requests. The company said that over the period it received 38,850 warrants and complied with 89 percent of them, and received 10,250 subpoenas and complied with 85 percent.
In these cases, U.S. authorities include any federal, state or local law enforcement office.
Do the companies ever resist these requests?
Yes. The companies say they sometimes push back on subpoenas, court orders and warrants if they believe the officials lack appropriate legal authority or if the requests are too broad.
In response to requests from U.S. authorities in the first half of 2020, Apple said it challenged 4 percent of requests and Microsoft said it rejected 15 percent. Google and Facebook did not disclose how often they challenged requests.
Is any data off-limits?
Yes. Tech companies — and law enforcement officials — can’t access data that is end-to-end encrypted. Such encryption means that only the account owner, or the sender and receiver of a message, can see the contents of the information.
For Apple, iMessages, which are text messages sent between two iPhones, as well as FaceTime calls are end-to-end encrypted. Still, if a user backs up their text messages to Apple’s iCloud service, iMessages then become accessible to Apple and can be turned over to the authorities with a warrant.
Apple’s iPhones and some Android smartphones are also encrypted, which has at times led to fights with the F.B.I. over access to criminals’ devices. But law enforcement authorities across the country also regularly use tools that can effectively hack into phones and extract their data.