Seven hundred and seventy percent.

That’s how much US government requests for your data have increased over the past decade, according to a new report from Proton published in April 2026. The research analyzed public transparency reports from Apple, Google, and Meta — and the number isn’t just large. It tells a story about the quiet normalization of government access to the most intimate details of your digital life.

In 2014, government data requests were a relatively rare occurrence. By 2024, they had become industrial-scale routine. More than 3.5 million accounts have been shared with the US federal government through disclosed transparency requests alone. When FISA requests — the classified ones — are included, that number jumps to 6.7 million accounts.

For context: 6.7 million is more than the entire population of Denmark.

The Company-by-Company Breakdown

Proton’s researchers analyzed transparency reports going back to 2014 across the three largest data holders:

Apple: Disclosed accounts jumped 927% — nearly a tenfold increase in a decade.

Google: Accounts shared with government up 557%.

Meta (Facebook, Instagram, WhatsApp): Up 668%.

These are the numbers the companies chose to publish. What they don’t fully capture is the classified FISA tier — and that’s where the numbers get more disturbing.

FISA content requests soared by 2,486% at Meta between 2014 and 2024. At Google, the increase was 649%. These aren’t legal orders the companies can tell you about in real time — FISA requests come with gag orders, meaning the company can’t notify the user whose data was handed over.

What Is a “Government Data Request”?

The term sounds abstract, but it represents something specific: law enforcement or intelligence agencies asking a tech company to hand over information about a user without that user’s knowledge.

There are several flavors:

Subpoenas and court orders — The most common. Law enforcement submits a legal demand for account records. This typically captures metadata: login timestamps, IP addresses, device information, account details.

Search warrants — Higher legal threshold, but grants access to content: actual messages, emails, photos, posts.

National Security Letters (NSLs) — FBI-issued administrative subpoenas that require no judicial approval and come with a permanent gag order. The recipient cannot tell anyone they received one.

FISA orders — Issued by the Foreign Intelligence Surveillance Court, a secret court. FISA requests can compel disclosure of content. The targets don’t know. The public doesn’t know until years later (if ever), through transparency statistics.

The 3.5 million disclosed accounts figure comes from the first two categories. The 6.7 million figure adds in FISA. The full picture — including NSLs, which are only partially disclosed — is larger still.

What Kind of Data Gets Handed Over?

The answer depends on the type of request, but can include:

  • Who you communicate with (contact lists, follower/following relationships)
  • When you were active (login timestamps, session durations)
  • Where you were (location data attached to posts, check-ins, IP geolocation)
  • What you searched for (search history if on Google, Bing, or similar)
  • What you said (actual message content under search warrant or FISA)
  • Who you are (name, email, phone, payment methods attached to account)

Meta’s platforms — Facebook, Instagram, and WhatsApp — present a particular risk because they hold all of these simultaneously, across platforms that span your professional life, personal relationships, and private conversations.

The “Soaring” Problem

The 770% increase is not simply a reflection of a growing internet. The US population didn’t increase 770% in ten years. The number of criminal investigations didn’t grow nearly that fast. What grew is the normalization of requesting data, the reduction of barriers to doing so, and the expansion of what counts as investigable.

Privacy advocates have raised three specific concerns:

1. Scope creep — What began as a tool for investigating serious crimes is now routinely used for immigration enforcement, civil investigations, and — in some documented cases — monitoring of political activists and journalists.

2. Incidental collection — When the government requests data on a target, it often receives information about everyone that person communicated with. Those people haven’t been investigated. They haven’t been notified. Their data is now in a federal database.

3. Retention and reuse — Once obtained, data doesn’t disappear. There are minimal legal constraints on how long collected data can be retained or how it can be used in future investigations unrelated to the original request.

The FISA Problem Within the Problem

Of the 6.7 million accounts, roughly half are in FISA territory — meaning they’re classified, the subjects can never be told, and the oversight is conducted by a court that has approved the vast majority of requests it has received throughout its history.

Section 702 of FISA — currently the subject of a fierce congressional renewal fight — allows the government to collect communications of foreign nationals located outside the US. But if those foreign nationals communicate with Americans, the Americans’ data gets swept in too. No warrant. No individualized judicial approval.

The program currently covers nearly 350,000 targets. Each of those targets communicates with multiple Americans. The math compounds quickly.

What the Companies Say

The tech companies do publish transparency reports — that’s how Proton compiled this data. Apple, Google, and Meta all have legal teams that push back on overbroad requests, and all three companies have fought some government demands in court.

But transparency reports are a lagging indicator. They tell you what happened last year. They don’t tell you what’s being requested today, and they don’t cover the classified tier at all until years later, in aggregate statistics that strip out all identifying information.

The companies are also in a structurally compromised position: they hold the data, the government wants the data, and their ability to push back is limited by law. Refusing a valid legal order isn’t an option.

The Practical Privacy Calculus

If you use any major US tech platform — Apple, Google, Meta, Microsoft, Amazon — your data is potentially accessible to the US government through legal process. The question isn’t whether the channels exist. They do. The question is whether you’re doing anything to limit what’s accessible.

Practical steps that actually matter:

Use end-to-end encrypted messaging. Signal, for example, cannot hand over message content because it doesn’t have it. When the government subpoenaed Signal in 2021, Signal could only provide two pieces of data: the date an account was created and the date it last connected to Signal’s servers. That’s it.

Turn on disappearing messages. Even in apps with encryption, if messages persist indefinitely, they’re there to be served with a warrant. Set messages to expire.

Understand that metadata is content. Even if a company can only produce metadata — who you called, when, for how long — that data reveals an extraordinary amount about your life, relationships, health, and beliefs.

Be skeptical of “private” features. Story views. Disappearing posts. Archive features. These exist on company servers unless specifically deleted, and deletion doesn’t guarantee it’s gone from backups.

The 770% figure represents a decade-long trend that has not reversed. There is no sign it will. The tools that protect your privacy need to be built into your digital life now — not after something goes wrong.