This is a court-authorized search warrant authorized by a aitting judge. It doesn't get any more legal than that, and it's Google or any other company's legal duty to comply.
It certainly can get more legal than that -- Google (or the target, if they somehow found out) could appeal against the warrant, which would result in another round in the courts.
More optimally Google could decline to collect this information and would thereby be immune to any such requests.
When it comes to Gmail they could take an approach like password managers where the user's password is instrumental to decrypt the data and Google lacks any manner to circumvent the encryption - they just choose not to.
I would be all for Google not collecting this info -- that's what I've always done in my startups. Privacy by design is a great thing.
However, my point was that the comment I replied to was factually wrong -- there is legal action Google could choose to take instead of immediately complying.
I agree and didn't mean to directly go against what you said - but I wanted to make sure it's highlighted and known that Google exposed themselves to this risk voluntarily.
