In its latest transparency report, CloudFlare says that the number of subpoenas it has received has remained steady since last year, but the volume of court orders has more than doubled since the second half of last year.
While much of the data from CloudFlare’s report for the first half of 2015 closely mirrors the data from the previous six months, the most noticeable change was in the number of court orders the company received. In the second half of 2014 CloudFlare received 24 court orders and in the first half of this year that number jumped to 50. Those 50 orders affected 96 total accounts and do not include things such as search warrants or trap and trace orders.
CloudFlare, which provides Web acceleration and security services, said in the report that the company is careful to ensure that any requests it receives from law enforcement are supported by the proper legal authority and that it has never taken down any content or terminated a customer at the request of law enforcement.
“CloudFlare’s approach to law enforcement requests is that we are supportive of their work; however, any request we receive must strictly adhere to the due process of law and be subject to judicial oversight. It is not CloudFlare’s intent to make law enforcement’s job harder, nor easier. We respect the work they do and appreciate their assistance in protecting the rights of our customers,” the report says.
“It is our policy to notify our customers of a subpoena or other legal process requesting their customer or billing information before disclosure of information. CloudFlare is not subject to foreign jurisdictions and only accepts requests in English from foreign law enforcement agencies that are issued via U.S. court either by way of a mutual legal assistance treaty (MLAT) or a letter rogatory. We received one MLAT request through the U.S. court system in the first half of 2015.”
As for other requests, CloudFlare said it received three search warrants and one pen register/trap and trace order in the first six months of this year. CloudFlare reported receiving 0-249 National Security Letters. The Justice Department limits companies to reporting NSLs in bands of 250, something that the company said in its report it considers to be “prior restraint on the freedom of speech.”