Kaspersky this week published its first transparency report to share information on the government and law enforcement agency requests received in 2020 and in the first half of 2021.
During the first half of 2021, the Russian cybersecurity firm received 105 requests from law enforcement and government organizations in 17 countries. Russia made the highest number of requests, at 49 (14 for user data and 35 for technical expertise), followed by South Korea with 12 and Japan with 10.
The company rejected 40% of those requests “due to an absence of data or not meeting legal verification requirements.” Furthermore, Kaspersky says, 89 of those requests were for non-personal technical information and expertise.
In 2020, the company received a total of 160 requests from authorities in 15 countries. Once again, Russia made the highest number of requests, at 93 (27 for user data and 66 for technical expertise), followed by South Korea with 23, and France and Japan with 11 each.
Of the total number of received requests, 28 were for user data and all were rejected. The remaining 132 requests were for non-personal technical information and expertise, the company reveals in its report.
Kaspersky also notes that it doesn’t allow law enforcement or government organizations to access any of the user data that is stored on its infrastructure.
“We provide information on such data upon request, but no third party can directly or indirectly access our infrastructure or data, and all requests go through mandatory legal verification before approving, rejecting or appealing such requests,” Kaspersky says.
User data stored by the company includes the information that individuals share with Kaspersky when using its products and services, and it may differ, depending on the products and features. The cybersecurity company also points out that it does not have access to content data that law enforcement agencies are usually interested in.
Kaspersky says that it also receives requests for technical expertise that includes the information from its researchers and machine learning algorithms, such as indicators of compromise (IoCs), details about threat actors’ modus operandi, MD5 hashes of malware, statistical information, and the like.
The company also reveals that in 2020 it received a total of 503 requests from users to delete data, or share information on where the data is stored. In the first half of this year, Kaspersky received 1,199 such requests.