Amazon Transparency Report Shows Few Requests For User Data

Amazon has released its first transparency report, and for a company as large as Amazon, there is surprisingly little in the way of detail or explanation in the report.

The company reported that it received 813 subpoenas, 25 search warrants, and 0-249 national security requests. Of the 813 subpoenas Amazon received in the first five months of 2015, the company responded with full or partial data in 668 of those cases. And of the 25 search warrants Amazon received, it provided some or all of the requested data in 21 cases.

Unlike many other Web companies that publish transparency reports, Amazon did not provide much in the way of context for its data and only lumped its requests into two categories: requests from United State law enforcement agencies and requests from non-U.S. agencies. Amazon received 132 requests from non-U.S. agencies between Jan. 1 and May 31 of this year.

The company said it received 0-249 national security requests, which it says comprise National Security Letters and other orders issued by the Foreign Intelligence Surveillance Court. That range is the smallest one that the federal government allows companies to report.

“National security requests include National Security Letters (‘NSLs’) and court orders issued under the Foreign Intelligence Surveillance Act (‘FISA’). Our responses to these requests depend on the nature of the request. Amazon objects to overbroad or otherwise inappropriate national security requests as a matter of course. Amazon is prohibited by law from reporting the exact number of NSLs and FISA orders it receives. Therefore we report the numbers of such requests only within certain ranges set by the government,” the company said in its report.

One of the few interesting tidbits in the Amazon report is the way that the company defines content and non-content information. Companies respond to various requests in different ways, and in some cases, they will respond to them without turning over data that is part of a user’s account. That is a non-content response. However, in its report, Amazon says that its non-content responses may include some customer purchase information.

“‘Non-content’ information means subscriber information such as name, address, email address, billing information, date of account creation, and certain purchase history and service usage information,” Amazon said in its report.

 

Suggested articles

Discussion

  • Aaron on

    ha, that's because the NSA already owns the infrastructure, they don't need to request data :)
07/16/18 7:00
Deceased patient data is being sold on the Dark Web: https://t.co/UMQkYI9qKk

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.