Here’s What a Google Subpoena Response Looks Like, Courtesy of the Epstein Files
Last month, the The Justice Department has released more than 3 million documents related to convicted sex offender Jeffrey Epstein. While the releases shed light on Epstein’s social circle and activities, they also provide a rare window into the inner workings of a federal investigation, including how tech companies like Google respond to government requests for information.
WIRED found several grand jury subpoenas issued to Google in the DOJ’s most recent release, as well as files that appear to be Google-produced data on specific users and letters on Google letterhead responding to specific subpoena requests.
Google declined to comment on the specific documents included in the releases, but spokeswoman Katelin Jabbari said in a written statement that the company’s “processes for handling law enforcement requests are designed to protect user privacy while meeting our legal obligations. We review all legal requests for legal validity, and object to those that are overbroad, including objecting to some altogether.”
The documents show how much the government sometimes tries to obtain without a judge’s approval, how Google pushes back on requests that it says go beyond what is required by law, and what types of information the company has provided about its users.
Secret by design
Subpoenas are normally shrouded in secrecy. A 2019 letter signed by the then-U.S. Attorney for the Southern District of New York and addressed to Google’s legal department legally barred the company from revealing the existence of the letter to Ghislaine Maxwell, Epstein’s co-conspirator, the subject of the subpoena, for 180 days from the date of the order. The letter also asked Google to alert prosecutors if it planned to notify Maxwell of the order’s existence after the 180-day deadline expired, “in case the investigation remains ongoing and the order needs to be renewed.”
Even when the law doesn’t require it, prosecutors have asked for Google’s silence. A 2018 letter asking Google to preserve all emails (including those in draft and trash folders) and Google Drive content associated with four Gmail accounts also asked Google not to disclose the existence of the letter to anyone, including the people who own the accounts. The letter also asked Google to notify federal prosecutors if the company intended to make a disclosure, so prosecutors could “obtain a nondisclosure order if necessary.”
It is unclear whether Google notified account holders of the redacted emails after the 180-day period outlined in the 2019 letter expired. Google’s Privacy and Terms state that when it receives a request from a government agency, it will send an email about that request before disclosing that information, unless prohibited by law.
Back to basics
Many of the files included in Epstein’s dumps were titled “GOOGLE SUBSCRIBER INFORMATION” and contained the account name, recovery email address and phone numbers, Google services the account can access, the date the account was created, the “Terms of Service” IP address, and a log of IP address activity.
Mario Trujillo, senior attorney at the Electronic Frontier Foundation, says subscriber information requires government access to the lowest legal bar under the Stored Communications Act, a 1980s law that lays out many rules about the type of information the government can access from electronic service providers like Google.
While certain types of information, such as emails contentrequire a search warrant under the law, “at the opposite end of the spectrum is basic subscriber information,” Trujillo says. The law explicitly allows the government to obtain this information with a simple subpoena, which does not necessarily require judicial approval.
