Most of us share and store huge amounts of personal data online, from our names and addresses to photos of our loved ones. In many ways, firms like Apple, Google, and Meta are the gatekeepers of this sensitive information. But what happens when the authorities come knocking? It appears that Silicon Valley often rolls over and complies.
Over the last 10 years, Apple, Google, and Meta have handed over data on 3.1 million accounts to the US government, according to a new report by Swiss software company Proton.
The number of times officials have requested user data from Big Tech has skyrocketed by an average of 600% over the same timeframe, Proton found. Meta’s data sharing surged by 675%, marking the largest increase, followed by Apple at 621% and Google at 530%.
Apple, Google, and Meta comply with between 80-90% of US government data requests, according to Proton. This potentially includes handing over user emails, files, messages, and other highly personal information.
While data requests also saw an uptick from countries including Germany, France, and the UK, the US took the lion’s share.
“All that’s required for the government to find out just about everything it could ever need is a request message to Big Tech in California,” said Raphael Auphan, COO of Proton. “And as long as Big Tech refuses to implement widespread end-to-end encryption, these massive, private data reserves will remain open to abuse.”
Government desires for data
Proton — best known for its products ProtonMail, ProtonVPN, and ProtonDrive — has long positioned itself as a privacy-first alternative to Big Tech firms. However, the company also complies with its fair share of government requests for user data.
According to Proton’s own transparency report, it received 13 data requests from Swiss authorities back in 2017, soaring to 6,378 by 2024. Of those, it complied with 5,971 of the requests. That’s 93% — higher than the Big Tech companies highlighted in the new report.
However, unlike Silicon Valley’s giants, Proton encrypts emails, files, and VPN traffic in a way that even the company itself cannot read or access. So, even if authorities demand data, there’s very little it can provide.
“In no circumstances can we share emails, files, contact lists, calendar entries or other personal content,” a Proton spokesperson told TNW. “We cannot share what we do not have.”
Moreover, Proton operates under strict Swiss privacy laws, which means foreign governments cannot request data from it without first going through Swiss courts, adding an extra layer of security for users.
But under specific circumstances, the company can hand over metadata about the account, including IP address, email address, and recipient emails.
“Proton is dedicated to protecting user privacy but that does not mean it’s a safe haven for illegal activity,” the spokesperson said. “Proton is subject to national laws and has legal obligations, to which we are obliged to comply unless we have legal grounds to contest, which does not happen very often in Switzerland.”