Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Tracking & Law Enforcement

Web Hosting Firm DreamHost Publishes Transparency Report

Web hosting provider DreamHost has issued its first ever transparency report to show off how frequently the company did not comply with government requests.

Web hosting provider DreamHost has issued its first ever transparency report to show off how frequently the company did not comply with government requests.

DreamHost legally rejected 57 percent of combined information requests in 2014, according to a report released Tuesday. “A majority of other tech companies don’t even come close to this!” Art Elizarov, DreamHost’s vice-president of legal affairs, wrote in the report.

Unsurprisingly, most of the requests came from the United States with 1,145 requests (not including FISA/NSL requests) in 2014. DreamHost complied with only 46 percent of the requests, affecting 1,352 accounts. Germany was the second most common, with 39 requests. DreamHost complied with 64 percent of the requests, which affected 50 user accounts. The United Kingdom rounded out the top three, with 35 requests. DreamHost complied with 40 percent of the requests, affecting 48 accounts.

“If anything looks fishy, or if the request doesn’t meet every single requirement issued by the appropriate body of law, we reject it!” Elizarov wrote.

There is growing trend towards technology and Internet companies releasing transparency reports to show they are taking customer privacy seriously. The Electronic Frontier Foundation even rates companies on how well they protect user data by tracking who publishes transparency reports. Apple, AT&T, Comcast, Dropbox, Facebook, Google, LinkedIn, Twitter, Verizon, and Yahoo are among the companies who currently release these reports. This report is DreamHost’s first.

Because it is a Web host, most of the requests DreamHost fields are related to allegations of copyright infringement, defamation complaints, and DMCA takedown requests. The company received 873 total DMCA/trademark requests in 2014 and rejected most of them, according to the report. The requests to remove or censor materials posted on the Website were usually related to defamation or invasion of privacy lawsuits. The company claimed to reject over 80 percent of these requests. However, the company removed infringing content if the takedown notice included proof of copyright ownership.

With that said, DreamHost claimed to actively identify and flag “patent trolls” that routinely send out warrantless copyright infringement notices.

DreamHost also received 466 “government requests,” or queries for user account information from various law enforcement and government organizations. These requests were typically part of a criminal investigation and DreamHost complied with them for the most part. However, it’s worth noting that for majority of the requests, DreamHost successfully narrowed the scope so only critical user information was sent to the government. Two thirds of the requests were subpoenas, with the remaining third split between court orders and search warrants.

Advertisement. Scroll to continue reading.

“Every single request in this report is screened and routinely rejected for running afoul of procedural and substantive laws,” the company said. “We only accept requests that are legally sound.”

DreamHost received between 0 to 999 National Security Letters/FISA requests in 2014. As is the case for other companies who publish transparency reports, federal laws prevent DreamHost from disclosing the exact number of these letters.

Web hosting providers have a tricky balance to navigate—maintain user privacy for its Web hosting customers while still not running afoul of the government. DreamHost rejects over 60 percent of information requests due to procedural violations, such as not filling in required information on state forms, getting the subpoena from the wrong court, and other mistakes. And over 80 percent of subpoena requests are modified to include only limited data in the responses, according to the report.

“In other words, we don’t freely hand out customer data to anyone who simply asks for it!” the company said in its report.

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this event as we dive into threat hunting tools and frameworks, and explore value of threat intelligence data in the defender’s security stack.

Register

Learn how integrating BAS and Automated Penetration Testing empowers security teams to quickly identify and validate threats, enabling prompt response and remediation.

Register

People on the Move

DARPA veteran Dan Kaufman has joined Badge as SVP, AI and Cybersecurity.

Kelly Shortridge has been promoted to VP of Security Products at Fastly.

After the passing of Amit Yoran, Tenable has appointed Steve Vintz and Mark Thurmond as co-CEOs.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.