Cyrus Farivar, Ars Technica:
While relatively few tech companies publicly disclose how many government requests they get, Google appears to be one of the few e-mail providers that is challenging law enforcement agencies to produce a warrant to access users’ e-mail.
I grump at Google’s ad-driven business practices for being at least indirectly invasive; it’s good to call them out in a positive way when they stand against something that’s directly invasive.
I’m not sure how many people know how low the legal standard for obtaining email actually is. The Electronic Communications Privacy Act only requires a subpoena, not a search warrant, for email that’s been on a server for more than 180 days, or if the email has been “opened” and is still on the server. This sounds Orwellian now, but it was written before the days of webmail and even IMAP—and when you only had a megabyte or two of space on the server in your “mail spool.” It was a (mostly) valid assumption that mail you’d read wouldn’t be left on the server, and that if it had been sitting there for six months it was the cyberspace equivalent of an abandoned post office box. The problem isn’t that ECPA was badly written, but that it didn’t keep up with technology—and now, of course, the problem is that some in law enforcement would like to keep this loophole open. Google is trying to keep it closed on their end.