The Justice Department is defending the government's refusal to discuss—or even acknowledge the existence of—any cooperative research and development agreement between Google and the National Security Agency.

The Washington based advocacy group Electronic Privacy Information Center sued in federal district court here to obtain documents about any such agreement between the Internet search giant and the security agency.

The NSA responded to the suit with a so-called “Glomar” response in which the agency said it could neither confirm nor deny whether any responsive records exist. U.S. District Judge Richard Leon in Washington sided with the government last July.

A three-judge panel of the U.S. Court of Appeals for the D.C. Circuit is scheduled to hear the dispute March 20.

EPIC filed a Freedom of Information Act request in early 2010, noting media reports at the time that the NSA and Google had agreed to a partnership following the cyber attacks in China that year against Google.

EPIC asked for, among other things, communication between the NSA and Google about Gmail and Google’s “decision to fail to routinely encrypt” messages before Jan. 13, 2010.

The NSA’s response to the request for records noted that the agency “works with a broad range of commercial partners and research associations” to ensure the availability of secure information systems. The agency, however, refused to confirm or deny any partnership with Google.

The security agency said it routinely monitors vulnerabilities in commercial technology and cryptographic products because the government relies heavily on private companies for word processing systems and e-mail software.

“If NSA determines that certain security vulnerabilities or malicious attacks pose a threat to U.S. government information systems, NSA may take action,” DOJ Civil Division lawyers Catherine Hancock and Douglas Letter said in a brief in the D.C. Circuit in January.

DOJ’s legal team said that acknowledging whether NSA and Google formed a partnership from a cyber attack would illuminate whether the government “considered the alleged attack to be of consequence for critical U.S. government information systems.”