Security Experts:

Amazon Details Government Data Requests in First Transparency Report

Amazon has received nearly 1,000 information requests from government agencies in the first five months of 2015, according to the electronic commerce company’s bi-annual information request report.

A majority of tech giants have been keeping their customers informed on the number of information requests they receive and how many of them they comply with. Amazon hasn’t done so until Friday, when it released its first transparency report.

Amazon said it had received a total of 813 subpoenas between January 1, 2015, and May 31, 2015. The company provided all of the information requested for 542 of these subpoenas, it provided partial information in 126 cases, and no information in 145 cases.

As far as search warrants are concerned, Amazon received 25 and provided full or partial information in response to 21 of them. The company said it got 13 court orders and provided information in response to nine of them.

Information requests received by Amazon didn’t come only from U.S. government agencies. The company received a total of 132 non-US requests. Many of them appear to have been valid since the e-commerce giant provided full information in 108 cases and partial information in seven cases.

The transparency report shows that Amazon only received one removal request in the first five months of 2015 and the company complied with it.

Organizations are not allowed to disclose the exact number of national security requests they get, but Amazon says it has received between 0 and 249 such requests. Christopher Soghoian, principal technologist at the American Civil Liberties Union (ACLU), believes Amazon “almost certainly” received a National Security Letter (NSL) or Foreign Intelligence Surveillance Act (FISA) order.

Stephen Schmidt, VP of security engineering and CISO at Amazon Web Services, explained in a blog post that the company only discloses customer information when it’s required to comply with a legally valid and binding order.

Schmidt has also pointed out that Amazon has never taken part in the NSA’s controversial PRISM program, and the company repeatedly challenged subpoenas it viewed as being overbroad.

“While we recognize the legitimate needs of law enforcement agencies to investigate criminal and terrorist activity, and cooperate with them when they observe legal safeguards for conducting such investigations, we oppose legislation mandating or prohibiting security or encryption technologies that would have the effect of weakening the security of products, systems, or services our customers use, whether they be individual consumers or business customers,” said Schmidt.

Related: Microsoft Opens Transparency Center in Europe to Allow Governments to Examine Source Code

view counter
Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.