For those curious, the spike in National Security takedown requests in 2016-2017 seems to have been largely driven by requests from the Russian government (which have since petered out), not the United States.
Somewhat interestingly, the biggest takedown requests in the U.S. seems to be due defamation lawsuits, and they come from the judicial (not executive) branch.
And for email that's only looking for Opportunistic Encryption.
On the deliver-to-Google side that's only checking if they bothered doing TLS, and doesn't try to guess whether they'd fall back to insecure delivery if it was blocked, whether they check certificates, whether they allow archaic old ciphersuites and other configuration that's unsafe or anything like that.
On the accept-mail-from-Google side that's not penalising them if they don't have plausibly trustworthy certificates, or they don't speak any modern ciphersuites or protocol versions, only if they literally can't accept TLS.
Google offers an envelope versus postcard analogy, and that's exactly appropriate. Opportunistic encryption, like the envelope, means probably a postal delivery worker didn't bother reading your letter, it'd be a hassle. But anyone who is in the snooping business, like an intelligence agency or a direct adversary, OE doesn't stop them.
It seems very poorly written to me and more likely to confuse the lay audience it appears to be aimed at. If you read it carefully, you can see where it neatly checks off the things a technical person might complain about but the overall impression it gives is that encryption is something like forest fires or vaccinations, requiring a universal effort. The actual privacy implications are not really explained.
The political advertising section is fascinating. You can see exactly what ads each entity ran, when, and how many impressions they received. Surprising to see the GOP dominate the spending overall!
I think it's kind of funny that China has tried to get over 10,000 items removed, with the majority of government takedown requests happening in the past two years it seems[0], given that Google is officially banned in the country.
archgoon|6 years ago
https://transparencyreport.google.com/government-removals/by...
Somewhat interestingly, the biggest takedown requests in the U.S. seems to be due defamation lawsuits, and they come from the judicial (not executive) branch.
https://transparencyreport.google.com/government-removals/by...
Not sure what to make of this; but it's interesting. :)
judge2020|6 years ago
0: https://transparencyreport.google.com/safer-email/overview?h...
tialaramex|6 years ago
On the deliver-to-Google side that's only checking if they bothered doing TLS, and doesn't try to guess whether they'd fall back to insecure delivery if it was blocked, whether they check certificates, whether they allow archaic old ciphersuites and other configuration that's unsafe or anything like that.
On the accept-mail-from-Google side that's not penalising them if they don't have plausibly trustworthy certificates, or they don't speak any modern ciphersuites or protocol versions, only if they literally can't accept TLS.
Google offers an envelope versus postcard analogy, and that's exactly appropriate. Opportunistic encryption, like the envelope, means probably a postal delivery worker didn't bother reading your letter, it'd be a hassle. But anyone who is in the snooping business, like an intelligence agency or a direct adversary, OE doesn't stop them.
nwellnhof|6 years ago
pvg|6 years ago
gundmc|6 years ago
I could spend hours here.
hadrien01|6 years ago
Edit: It's far from perfect; if you filter by France you get only belgian, german, and spanish advertising.
lawrenceyan|6 years ago
[0]: https://transparencyreport.google.com/government-removals/by...
lern_too_spel|6 years ago
ypcx|6 years ago
joeblau|6 years ago