Google Admits Handing over European User Data to US Intelligence Agencies

[Eugen Leitl]

http://news.softpedia.com/news/Google-Admits-Handing-over-European-User-Data-to-US-Intelligence-Agencies-215740.shtml

Google Admits Handing over European User Data to US Intelligence Agencies

Adjust text size:

August 8th, 2011, 15:43 GMT| By Lucian Constantin

Google admits sharing EU data with US government

Google has admitted complying with requests from US intelligence agencies for
data stored in its European data centers, most likely in violation of
European Union data protection laws.

Gordon Frazer, Microsoft UK's managing director, made news headlines some
weeks ago when he admitted that Microsoft can be compelled to share data with
the US government regardless of where it is hosted in the world.

At the center of this problem is the USA PATRIOT ACT, which states that
companies incorporated in the United States must hand over data administered
by their foreign subsidiaries if requested.

Not only that, but they can be forced to keep quiet about it in order to
avoid exposing active investigations and alert those targeted by the probes.

This situation poses a serious problem for companies like Microsoft, Google
or Amazon, which offer cloud services around the world, because their
subsidiaries must also respect local laws.

For example, European Union legislation requires companies to protect the
personal information of EU citizens and this is clearly not something that
Microsoft, Google, Amazon, or any of their EU customers can do.

This is not only a theoretical problem. According to German-language magazine
WirtschaftsWoche [Google translate], a Google spokesperson confirmed that the
company has complied with requests from US intelligence agencies for data
stored in its European data centers.

The situation is likely to spark an official inquiry from the European
Commission, with some members of the European Parliament already reacting to
the stories. It's hard to foresee what kind of solution can be found at this
point, but one thing's clear - US-based cloud providers operating in EU can
be forced to break the law. European companies and government agencies that
are using their services are also in a tough position.