Exclusive: in some cases Google did not necessarily ban users who were often threatening violence or expressing extremist views
By Kenzo Tribouillard
A little-known investigative unit inside search giant Google regularly forwarded detailed personal information on the company’s users to members of a counter-terrorist fusion center in California’s Bay Area, according to leaked documents reviewed by the Guardian.
But checking the documents against Google’s platforms reveals that in some cases Google did not necessarily ban the users they reported to the authorities, and some still have accounts on YouTube, Gmail and other services.
The users were often threatening violence or otherwise expressing extremist views, often associated with the far right.
The documents come from the so-called “Blueleaks” trove, which hackers acquired from the servers of a hosting company in Texas which had been used by several law enforcement agencies. It contains hundreds of thousands of documents from more than 200 agencies, dated between 1996 and June 2020.Advertisement
The leak has been authenticated by cybersecurity experts.
The Google documents containing subscriber information are signed by the company’s CyberCrime Investigation Group (CIG). CIG has been mentioned in coverage of criminal proceedings based on their reports, but its raw output to law enforcement agencies has never been exposed to public view.
In the Blueleaks trove, the documents are associated with the Northern California Regional Intelligence Center, part of a nationwide network of fusion centers, which were created after 9/11 to facilitate information sharing between state, federal, local and tribal law enforcement agencies.
Steven Renderos, executive director of MediaJustice, a nonprofit campaigning for a more just and participatory media wrote in an email: “In a moment of reckoning on the failure of police to keep people safe, it is reckless for Google to hand off private user information to law enforcement.”
Renderos added: “While the prevalence of hateful activities across Google owned platforms is a real problem, deflecting responsibility to police is not the solution.”
The Google documents retained by NCRIC highlight the activities of individual users, providing detailed subscriber information, which often includes real names, street addresses, credit card numbers, Gmail and recovery email addresses, YouTube channel addresses and the time and IP addresses of recent logins.
Many of the documents also include copies of comments users have made on Google services like YouTube.
One user whose comments Google passed onto police appeared to threaten racist and terrorist violence.
On a now-deleted video on the mass shootings in El Paso and Dayton by Canadian white nationalist, Stefan Molyneux (whose channel YouTube has now banned), the user wrote: “Hi guys, i need your help, i cant help but look at those shooters and think, that could be me.
I watch Stefan, and black pilled and many others on the right. I think i should do the same thing they are doing.”
The user then went on to discuss methods of making explosive devices.
But the same user also discussed making explosives in other comments which were still visible on YouTube at the time of reporting, along with the user’s account.
On a video alleging acts of brutality by local police, the user appended comments urging others to “kill them, when you go to trial i wouldn’t find you guilty for shooting these criminals. Kill them all”.
According to Google’s reports, the same user appended racial slurs to videos reporting crimes which Google has since removed.
A second user who still has an account on the site made threats of racist and anti-police violence on a number of videos.
On a video of an incident where police appear to run a woman down with their car in Tulsa, Oklahoma, the second user writes, “Thats vehicular homicide. Need to walk into his house inhis sleep amd shoot his children” (sic).
On another video, a report from Russian outlet RT on the coronavirus, the same user writes: “I want the name of the Asian doctor that let the coronavirus outbreak happen. Im going to shoot his daughter in the face”.
Google also reported three videos by a third user – who is identified by name, address, phone number, email address, IP address and alternate account – all of which remain on YouTube.
The reports contain detailed descriptions of the three videos, including “At around 1:10, the words ‘Muskets would be glowing RED” appear on the screen.
Assault weapons are visible in the background. At 3:28, subject asks: “Where is your line in the sand? When is enough, enough?’”, and “Video is titled ‘A Toast to the Few & the BooGaLoo.’”
While many of the comments appear to threaten other users, law enforcement, or Google employees, and many of the users appear to share far right extremist ideologies, many of those users and their comments remain on Google’s services.
Other users are identified by more sophisticated methods, and while some are banned from YouTube, they appear to retain access to other Google services.
One user was identified by matching two separate Gmail addresses to a single Android device, which yielded the user’s name, age, address and phone number.
That user had posted YouTube comments making anti-Jewish comments, praising white supremacist terrorists, including mass killers, and suggesting he may emulate them.
But the report indicates that the user still has two Gmail accounts.
While many of the reports sent by Google feature violent or racist threats, some are more indicative of thoughts of suicide or self harm, or simply mental distress.
Google did not immediately respond to detailed questions about its reporting system, user privacy and the company’s relationship to law enforcement.
Mike Sena, the Executive Director of NCRIC, said in a telephone conversation that the Google reports came through a common reporting facility on the site’s front page that “the public, law enforcement, and any other organization” can use to pass information to the fusion center.
Asked about how such reports are used, Sena said that any action from reliable reports “is usually in the form of a welfare check”, and that “our role is to find the best resources to help that person”.
Sena said that reports that meet criteria like reliability “in triage” are stored for 12 months.
But equality and privacy advocates were concerned about Google’s role in voluntarily passing on user data to law enforcement.
Saira Hussein, a staff attorney at the Electronic Frontiers Foundation, said in a phone conversation that EFF was concerned about the “vast amounts of user data” Google appeared to be voluntarily passing on to law enforcement, but questioned Google’s goal in doing so extremist views.
“Are they expecting law enforcement to do something, or is this just a way of covering themselves? Does Google see its responsibility as simply reporting this to law enforcement and moving on?” Hussein said.
Originally published at The guardian