The First Amendment applies to everyone on US soil, not just citizens. That’s settled law. The government can revoke visas for legitimate immigration violations, but it’s not allowed to use immigration machinery as a pretext to punish political expression. That’s exactly what they are doing. It looks like the courts will eventually put an end to this [0] but it won’t reverse the damage that’s already been done.
I’m generally receptive to point the finger at Google’s intentions but in their defense, administrative subpoenas frequently include non disclosure orders. Google’s own transparency policies have always carved out (industry standard) exceptions for cases where they’re legally prohibited from notifying.
Technically incorrect, Supreme Court precedent has held that aliens are entitled to lesser First Amendment protections while seeking to enter the United States. You could be on US Soil (i.e. entering customs at an airport) and those protections don't apply.
The person in question said he was in Geneva when he received the email from Google. Therefore is a non-US citizen residing outside the country entitled to 1A protections for something they said or did while in the US? I'm not expressing an opinion but I wouldn't take that statement as legal advice.
>We won’t give notice when legally prohibited under the terms of the request.
The post states that his lawyer has reviewed the subpoena, but doesn't mention whether or not it contained a non-disclosure order. That's an important detail to address if the claim is that Google acted against its own policy.
weird everyone's focusing on privacy and google.... Not the actual insanity of a government targeting people who are legally allowed to be in the US.
You can try to find a way to keep things private, and many of the people on HN likely have the capability to do so. But hiding from your government because they are weaponizing your information against you seems to be the wrong approach. I just don't understand the American people just rolling over and letting their country / rights / freedoms just be obliterated.
I still don't understand. Who gave ICE such power, and who is ordering them to do all this? To me, ICE's actions are similar to those of a private army.
> While ICE “requested” that Google not notify Thomas Johnson, the request was not enforceable or mandated by a court
Sounds like Google stopped caring.
But... Why on earth do the people filing an administrative subpoena not have to notify the interested parties too? Why is it Google's responsibility? If they didn't tell you, would you ever find out?
How was Amandla even identified? Stingray at the protest? Then how was the phone number linked to Google? Facial recognition at the protest? I guess his details are on file under terms of the visa? So then the government simply asks Google for all details on the individual by name? Either is pretty disturbing.
This story is the one that finally pushed me to leave google. I moved off my ~20 year old Google account and deleted everything off their services including almost a decade of Google photos. I cancelled my Google one subscription for extra space. I'm now self hosting what I can and paying proton mail for everything else. I refuse to allow a company that will hand over data at the request of an administrative warrant to hold my data.
Privacy, technology and actual freedom overlap massively. Stories like this making it to HN are important since many of the people working at Google that had interactions with this, either by creating the tech or being aware of internal policy changes, read HN. Additionally many founders and decision makers in companies read these stories because it hit HN. Knowing that Google will do this changes your legal calculations. Should I trust them to store my company's data? Will they honor their BAA requirements if they are ditching other promises they made?
People may be tired of seeing stories like this appear on HN, but getting this story exposure to this group is exactly why they need to hit the homepage.
Promises are broken, policies are changed and political regimes vary. You need to make sure that you consider the future and not just now. And that means NEVER handing your data over in the first place.
It's insane to trust a company in the way you trust a person. Companies can change their terms of service, their policies, or even their entire ownership or leadership at any time. We have seen over and over again that companies are seldom held accountable for even explicit breaches of prior agreements unless there's either collective action or someone very powerful affected. The only way to trust a company not to leak your data is for them not to have it. The only way to trust a company not to break their product or exploit you with it is for this not to be possible.
What exactly did the request for information say from DHS? What exactly was the reason for them to look for you specifically (certainly there are many others protesting)? Following up on that, how do others avoid something like this? What red flags should be avoided and how?
There may or may not be a solid answer for any of this. But this article feels like it's made for awareness, when it could also be made for action, with the right details included.
> That notice is meant to provide a chance to challenge the request.
That's the author's interpretation. The promise doesn't indicate anything of the sort (as of this writing). And users cannot challenge these requests -- users don't own the data (in the US). The promise is very clear that Google will provide the data, if the request is compliant.
Now the text of the notification was past tense, that the information was provided, whereas the promise is crystal clear that Google will notify before providing the info, but to me that could amount to a simplification of "we have verified that the request is legally compliant and will be providing the info to them in 250 ms".
Don't get me wrong, I'm not on Google's side. I'm a huge privacy nut. But the fix is to not give your info to Google, not trust that they will abide by any policy. Especially in a case like this where your freedom is at risk. Most people are completely unaware and unthinking but this guy seems that he was fully aware and placed his trust in Google.
Every time this happens the debate goes the same way — trust Google or don't, switch to Proton, self-host everything. But the real issue I believe isn't whether we trust Google. It's that the data existed somewhere it could be taken from in the first place.
I've been thinking about this a lot while working on a side project. I ended up making it work entirely offline — no server, no account, no network calls. Not out of paranoia, just because I couldn't come up with a good reason to ask users to trust me with their data. Turns out the best privacy policy is just not having anyone's data.
We could and should have better privacy laws, though foreigners will always be subject to less protection.
That said, a lot of this comes down to a failure in education around privacy and the cultural norm around folks thinking they have nothing to hide. The intuition most people have around privacy, and security, is incredibly poor.
This incident validates the opinion that for an US citizen, it's better to hand over his private data to a foreign (read Chinese) cloud company than a US one.
It's not just ICE that can abuse subpoena to get your data-- scammers and other fraudsters can file a federal lawsuit against a bunch of John Does and then run around issuing subponea for records to attempt to uncover their identities.
There appears to be no defense against this beyond not allowing companies access to your data in the first place.
The fact that they complied with an administrative subpoena makes it so much worse. "Administrative" anything essentially has about as much value as toilet paper unless it goes to court and the judge agrees with whatever agency wrote it.
Obama set the record for deportation. I wonder if ICE used similar methods when he was president. There might be a roadmap for digital invasion of privacy going back that far.
> ...he briefly attended a pro-Palestinian protest. In April 2025, Immigration and Customs Enforcement (ICE) sent Google an administrative subpoena requesting his data.
It's definitely important to fight all the key battles including against companies like Google, but the root of the problem is the government. I would suggest that it 's worse than any particular government. At a fundamental international level, we don't truly have a civil society. Things operate on a strategic and often criminal basis. And there is a strangely prevalent pervasiveness of ethnic hatred and tribalism. And a fundamental lack of respect for human life.
He was banned from the Cornell Campus for participating in a violent demonstration, inciting violence against Jews.
It's very much not clear whether he is in a legal right or not. And no other country besides Western liberal democracies would allow anything like this. Certainly many Muslim countries do not allow it.
As an aside, a pro-Palestinian African is a laugh. Do you think Palestinians give the slightest damn about black African's plight?
When visiting other countries never take part in protests. Avoid areas where protests are likely to occur, travel advisories sometimes explicitly point out areas. It is probably best to avoid anything political.
"In September 2024, Amandla Thomas-Johnson was a Ph.D. candidate studying in the U.S. on a student visa when he briefly attended a pro-Palestinian protest."
"You either die a hero or you live long enough to see yourself become the villain" - Larry Page, Sergey Brin, Eric Schmidt - chanting to each other after a round of ayahuasca.
It's fascinating to watch the absolute dishonesty/mental gymnastics of all the free speech absolutists who were crying that they could not say what they want on other people's platforms just a few years ago. Now they are justifying actions by the state (against whom the free speech protection was designed), with reasons like there were people at the protests who hurt a police officers feelings by shouting something mean. Let's remember this is the regime which pardoned people actively engaging in violence at the Capitol.
President Trump pressured House Republicans on Wednesday to extend a high-profile warrantless surveillance law without changes, declaring on social media: “I am willing to risk the giving up of my Rights and Privileges as a Citizen for our Great Military and Country!”
Mr. Trump urged the G.O.P. to “unify” behind Speaker Mike Johnson for a critical procedural vote that had been scheduled for late Wednesday night. The vote would clear the way for House approval of a bill extending a major section of the Foreign Intelligence Surveillance Act, or FISA. The law is set to expire on April 20.
The statute, known as Section 702, permits the government to collect the messages of foreigners abroad without a warrant from American companies like Google — even if the targets are communicating with Americans.
Unfortunately, "Google let the government have my private data" is right up there with "President Trump said one thing yesterday, and now he's saying the exact opposite" in the what-did-you-expect hall-of-fame.
I cannot find any promises in that document nor would I expect to find any. It's a policy not an agreement
At best, the policy contains "representations"
The author might claim he was deceived by misrepresentations, and this deception had consequences for him, amounting to measurable harm
But proving these statements about Google's internal operations are false is difficult. Proving Google's intent in making them is even more difficult
It's incorrect to interpret a "policy" comprising statements about what Google allegedly does internally as an agreement to do anything in the future
Promises can be enforced through the legal process. Generally, Silicon Valley's so-called "tech" companies do not make "promises" to users that can be enforced. Imagine what would happen if they did
765 comments
I’m generally receptive to point the finger at Google’s intentions but in their defense, administrative subpoenas frequently include non disclosure orders. Google’s own transparency policies have always carved out (industry standard) exceptions for cases where they’re legally prohibited from notifying.
[0] https://evrimagaci.org/gpt/judge-rebukes-trump-over-student-...
The person in question said he was in Geneva when he received the email from Google. Therefore is a non-US citizen residing outside the country entitled to 1A protections for something they said or did while in the US? I'm not expressing an opinion but I wouldn't take that statement as legal advice.
>We won’t give notice when legally prohibited under the terms of the request.
The post states that his lawyer has reviewed the subpoena, but doesn't mention whether or not it contained a non-disclosure order. That's an important detail to address if the claim is that Google acted against its own policy.
You can try to find a way to keep things private, and many of the people on HN likely have the capability to do so. But hiding from your government because they are weaponizing your information against you seems to be the wrong approach. I just don't understand the American people just rolling over and letting their country / rights / freedoms just be obliterated.
> While ICE “requested” that Google not notify Thomas Johnson, the request was not enforceable or mandated by a court
Sounds like Google stopped caring.
But... Why on earth do the people filing an administrative subpoena not have to notify the interested parties too? Why is it Google's responsibility? If they didn't tell you, would you ever find out?
https://www.theguardian.com/commentisfree/2025/oct/05/palest...
Everywhere you go, if your phone is in your pocket, you are being tracked and stored, and available to the government.
Everywhere your car goes, is tracked and stored and available to the government.
BTW, the J6 protesters were all tracked and identified by their cell phone data.
Now, please tell me that American companies are better at privacy than the Chinese ones.
Btw, some alternative email providers in truly democratic countries:
* ProtonMail (Switzerland)
* TutaMail, Posteo, Mailbox.org and Eclipso (Germany)
* Runbox (Norway)
* Mailfence (Belgium)
People may be tired of seeing stories like this appear on HN, but getting this story exposure to this group is exactly why they need to hit the homepage.
What exactly did the request for information say from DHS? What exactly was the reason for them to look for you specifically (certainly there are many others protesting)? Following up on that, how do others avoid something like this? What red flags should be avoided and how?
There may or may not be a solid answer for any of this. But this article feels like it's made for awareness, when it could also be made for action, with the right details included.
> That notice is meant to provide a chance to challenge the request.
That's the author's interpretation. The promise doesn't indicate anything of the sort (as of this writing). And users cannot challenge these requests -- users don't own the data (in the US). The promise is very clear that Google will provide the data, if the request is compliant.
Now the text of the notification was past tense, that the information was provided, whereas the promise is crystal clear that Google will notify before providing the info, but to me that could amount to a simplification of "we have verified that the request is legally compliant and will be providing the info to them in 250 ms".
Don't get me wrong, I'm not on Google's side. I'm a huge privacy nut. But the fix is to not give your info to Google, not trust that they will abide by any policy. Especially in a case like this where your freedom is at risk. Most people are completely unaware and unthinking but this guy seems that he was fully aware and placed his trust in Google.
I've been thinking about this a lot while working on a side project. I ended up making it work entirely offline — no server, no account, no network calls. Not out of paranoia, just because I couldn't come up with a good reason to ask users to trust me with their data. Turns out the best privacy policy is just not having anyone's data.
That said, a lot of this comes down to a failure in education around privacy and the cultural norm around folks thinking they have nothing to hide. The intuition most people have around privacy, and security, is incredibly poor.
> Am I now a marked individual? Will I face heightened scrutiny if I continue my reporting? Can I travel safely to see family in the Caribbean?
As difficult as it sounds, we need to wait this crazy dude out, and do our best Vance doesn't take over.
The Google policy he linked to says:
> We won’t give notice when legally prohibited under the terms of the request. We’ll provide notice after a legal prohibition is lifted.
There appears to be no defense against this beyond not allowing companies access to your data in the first place.
> ...he briefly attended a pro-Palestinian protest. In April 2025, Immigration and Customs Enforcement (ICE) sent Google an administrative subpoena requesting his data.
incredible.
Was that ever wrong?
It's very much not clear whether he is in a legal right or not. And no other country besides Western liberal democracies would allow anything like this. Certainly many Muslim countries do not allow it.
As an aside, a pro-Palestinian African is a laugh. Do you think Palestinians give the slightest damn about black African's plight?
"In September 2024, Amandla Thomas-Johnson was a Ph.D. candidate studying in the U.S. on a student visa when he briefly attended a pro-Palestinian protest."
> for breaking that promise
eff are a joke "they pinky swore!"
President Trump pressured House Republicans on Wednesday to extend a high-profile warrantless surveillance law without changes, declaring on social media: “I am willing to risk the giving up of my Rights and Privileges as a Citizen for our Great Military and Country!”
Mr. Trump urged the G.O.P. to “unify” behind Speaker Mike Johnson for a critical procedural vote that had been scheduled for late Wednesday night. The vote would clear the way for House approval of a bill extending a major section of the Foreign Intelligence Surveillance Act, or FISA. The law is set to expire on April 20.
The statute, known as Section 702, permits the government to collect the messages of foreigners abroad without a warrant from American companies like Google — even if the targets are communicating with Americans.
Take this as a warning.
https://policies.google.com/terms/information-requests?hl=en...
I cannot find any promises in that document nor would I expect to find any. It's a policy not an agreement
At best, the policy contains "representations"
The author might claim he was deceived by misrepresentations, and this deception had consequences for him, amounting to measurable harm
But proving these statements about Google's internal operations are false is difficult. Proving Google's intent in making them is even more difficult
It's incorrect to interpret a "policy" comprising statements about what Google allegedly does internally as an agreement to do anything in the future
Promises can be enforced through the legal process. Generally, Silicon Valley's so-called "tech" companies do not make "promises" to users that can be enforced. Imagine what would happen if they did