Apple, Google, and Meta Handed Over 3 Million User Accounts to U.S. Authorities

The Numbers

Research published by Proton analyzed transparency reports from Apple, Google, and Meta spanning from late 2014 to early 2024. The findings are stark: these three companies handed over data from 3.16 million user accounts to U.S. law enforcement in that period. When Foreign Intelligence Surveillance Act (FISA) orders are included, the total reaches 6.9 million.

The growth rate is what stands out. Government data requests have increased by 770% overall since companies began publishing transparency reports. The breakdown by company:

• Apple: 621% increase in disclosed accounts
• Meta: 675% increase in disclosed accounts
• Google: 530% increase in disclosed accounts

In the first half of 2024 alone, nearly 500,000 data requests were made by the U.S. government to Google and Meta, exceeding all other Five Eyes and 14 Eyes alliance member nations combined.

FISA Surveillance Is Accelerating Fastest

The most dramatic increases are in FISA content requests, the secret court orders that compel companies to hand over the actual contents of communications, not just metadata.

• Meta: FISA content requests increased 2,171% since 2014
• Google: FISA content requests increased 594% since 2014
• Apple: FISA content requests increased 274% since 2018 (earlier data not published)

These are not metadata requests for subscriber names and IP addresses. FISA content orders can compel companies to hand over the full text of messages, emails, photos, files, and other stored communications. The 2,171% surge at Meta means the U.S. government is reading far more Facebook and Instagram messages today than it was a decade ago.

FISA Section 702 Expires April 20

This data arrives at a critical moment. Section 702 of FISA, the legal authority that permits warrantless surveillance of foreign targets' communications (which routinely sweeps up Americans' data in the process), is set to expire on April 20, 2026.

The FBI has used Section 702 collected data to search for communications of Black Lives Matter protestors, U.S. government officials, journalists, political commentators, and 19,000 donors to a single congressional campaign, according to declassified court opinions. A bipartisan reform bill, the Government Surveillance Reform Act, has been introduced but faces an uncertain path to passage.

We covered the last FISA 702 reauthorization, which passed without meaningful reform. The same dynamic may play out again: expiration deadline pressure used to push through a clean extension rather than adding warrant requirements or other safeguards.

Europe Is Following the Same Path

The trend is not uniquely American. EU government data requests to Apple, Google, and Meta have increased by 1,377% over the same period. Germany leads with 77,000 accounts requested in the second half of 2024 alone, a 2,484% increase from roughly 3,000 accounts in late 2014. France follows with approximately 26,000 accounts per reporting period.

The expansion of government surveillance infrastructure on both sides of the Atlantic suggests this is a structural trend, not a policy anomaly. As more of daily life moves onto platforms controlled by a few companies, the incentive and capability for governments to demand access to that data grows in lockstep.

Why Compliance Rates Matter

Apple, Google, and Meta comply with between 80% and 90% of U.S. government data requests. That compliance rate has remained remarkably stable even as the volume has surged. These companies are not meaningfully pushing back on the requests themselves; they are processing more of them, faster, at scale.

As Proton's analysis puts it: if a company holds the keys to your data, it can read your data. And if it can read your data, it can be compelled to hand it over. The architecture of centralized data collection is itself a surveillance enabler, regardless of any individual company's privacy policies or stated intentions.

What You Can Do

• Use end to end encrypted services. Messages sent through Signal or services with zero access encryption cannot be read by the provider, making them impossible to hand over even under a court order.
• Minimize data stored on centralized platforms. The less data Google, Meta, and Apple hold about you, the less there is to disclose. Review what each service stores and delete what you do not need.
• Understand metadata. Even encrypted communications generate metadata: who contacted whom, when, and from where. Metadata is often disclosed even when content is protected, and it can reveal as much about your life as the messages themselves. Read more about how government apps track your metadata.
• Support reform efforts. The FISA Section 702 reauthorization debate is happening now. Organizations like the EFF and ACLU are tracking the legislation and providing resources for contacting representatives.

The Bigger Picture

A 770% increase over a decade is not a sudden change. It is the steady expansion of a surveillance apparatus that grows with each new platform, each new data type, and each new legal precedent. The infrastructure exists. The legal authorities exist. The compliance mechanisms exist. The only variable is scale, and scale is going in one direction.

What these numbers reveal is not a conspiracy but a system operating exactly as designed. Governments request data because they can. Companies hand it over because they must. And users remain largely unaware of the volume because transparency reports are published in formats that most people never read.

Proton's analysis serves as a reminder that privacy is not a feature that exists by default on platforms built around data collection. It requires deliberate choices about which services you use, how much data you share, and what technical protections you put in place.