Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Tracking & Law Enforcement

Web Hosting Firm DreamHost Publishes Transparency Report

Web hosting provider DreamHost has issued its first ever transparency report to show off how frequently the company did not comply with government requests.

Web hosting provider DreamHost has issued its first ever transparency report to show off how frequently the company did not comply with government requests.

DreamHost legally rejected 57 percent of combined information requests in 2014, according to a report released Tuesday. “A majority of other tech companies don’t even come close to this!” Art Elizarov, DreamHost’s vice-president of legal affairs, wrote in the report.

Unsurprisingly, most of the requests came from the United States with 1,145 requests (not including FISA/NSL requests) in 2014. DreamHost complied with only 46 percent of the requests, affecting 1,352 accounts. Germany was the second most common, with 39 requests. DreamHost complied with 64 percent of the requests, which affected 50 user accounts. The United Kingdom rounded out the top three, with 35 requests. DreamHost complied with 40 percent of the requests, affecting 48 accounts.

“If anything looks fishy, or if the request doesn’t meet every single requirement issued by the appropriate body of law, we reject it!” Elizarov wrote.

There is growing trend towards technology and Internet companies releasing transparency reports to show they are taking customer privacy seriously. The Electronic Frontier Foundation even rates companies on how well they protect user data by tracking who publishes transparency reports. Apple, AT&T, Comcast, Dropbox, Facebook, Google, LinkedIn, Twitter, Verizon, and Yahoo are among the companies who currently release these reports. This report is DreamHost’s first.

Because it is a Web host, most of the requests DreamHost fields are related to allegations of copyright infringement, defamation complaints, and DMCA takedown requests. The company received 873 total DMCA/trademark requests in 2014 and rejected most of them, according to the report. The requests to remove or censor materials posted on the Website were usually related to defamation or invasion of privacy lawsuits. The company claimed to reject over 80 percent of these requests. However, the company removed infringing content if the takedown notice included proof of copyright ownership.

With that said, DreamHost claimed to actively identify and flag “patent trolls” that routinely send out warrantless copyright infringement notices.

DreamHost also received 466 “government requests,” or queries for user account information from various law enforcement and government organizations. These requests were typically part of a criminal investigation and DreamHost complied with them for the most part. However, it’s worth noting that for majority of the requests, DreamHost successfully narrowed the scope so only critical user information was sent to the government. Two thirds of the requests were subpoenas, with the remaining third split between court orders and search warrants.

Advertisement. Scroll to continue reading.

“Every single request in this report is screened and routinely rejected for running afoul of procedural and substantive laws,” the company said. “We only accept requests that are legally sound.”

DreamHost received between 0 to 999 National Security Letters/FISA requests in 2014. As is the case for other companies who publish transparency reports, federal laws prevent DreamHost from disclosing the exact number of these letters.

Web hosting providers have a tricky balance to navigate—maintain user privacy for its Web hosting customers while still not running afoul of the government. DreamHost rejects over 60 percent of information requests due to procedural violations, such as not filling in required information on state forms, getting the subpoena from the wrong court, and other mistakes. And over 80 percent of subpoena requests are modified to include only limited data in the responses, according to the report.

“In other words, we don’t freely hand out customer data to anyone who simply asks for it!” the company said in its report.

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Understand how to go beyond effectively communicating new security strategies and recommendations.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Cybercrime

Daniel Kelley was just 18 years old when he was arrested and charged on thirty counts – most infamously for the 2015 hack of...

Cybercrime

No one combatting cybercrime knows everything, but everyone in the battle has some intelligence to contribute to the larger knowledge base.

Cybercrime

The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.

Ransomware

The Hive ransomware website has been seized as part of an operation that involved law enforcement in 10 countries.

Privacy

Employees of Chinese tech giant ByteDance improperly accessed data from social media platform TikTok to track journalists in a bid to identify the source...

CISO Strategy

The SEC filed charges against SolarWinds and its CISO over misleading investors about its cybersecurity practices and known risks.

Cybercrime

A global cyber espionage campaign has resulted in the networks of many organizations around the world becoming compromised after the attackers managed to breach...

Ransomware

US government reminds the public that a reward of up to $10 million is offered for information on cybercriminals, including members of the Hive...