Dropbox Transparency Report Doesn’t Tell Us Much About Australian Snooping

Dropbox Transparency Report Doesn’t Tell Us Much About Australian Snooping

Like other technology companies, Dropbox issues regular “transparency reports” detailing the number of requests from law enforcement agencies for user data. Its 2013 report offers more detail on requests from US agencies, but remains fairly opaque when it comes to activity elsewhere in the world, including Australia.

For 2013, as well as reporting the number of requests from law enforcement agencies and courts, Dropbox has disclose the number of requests it receives from US national security agencies, though regulations mean it can only reveal those numbers within bands of 250. Hence we’re told that Dropbox received between 0 and 249 of such requests. Whether that means 1 or 199 is anyone’s guess.

The general picture from US legal requests is that lots of agencies ask, but Dropbox doesn’t always offer up actual user files. In 2013, it received 118 search warrants covering 172 separate accounts. In 104 of those cases, content (that is, files) were supplied. It also received 159 subpoenas relating to 401 separate accounts. In 94 of those cases Dropbox confirmed information associated with the account (such as the email used to create and access the account), but it did not disclose content in response to any subpoenas.

But what about overseas? During 2013, Dropbox received 90 legal requests from non-US locations, but its report says no actual accounts were affected. The reason is revealed in a footnote:

At this time, we require non-US governments to follow the mutual legal assistance treaty process or letters rogatory process so that a US court will issue the required US legal process to Dropbox.

The same pattern held true in 2012, when there were less than 20 requests. While the numbers are going up, Dropbox says that ” the number of requests received grew proportionately to Dropbox’s user base” — in other words, there are more requests because there are more Dropbox users, not because the data is being pursued more aggressively.

The lesson here? Dropbox will respond to legal requests for information, but the process of actually gaining access to files as the result of a subpoena isn’t at all common. It also seems few overseas governments have the energy to push requests for information through the US court system.

2013 Transparency Report [Dropbox]


  • I can’t see the Australian government lifting a finger to help us find out more about which tech companies are handing over our data. If anything they would be more likely to stop us finding out.

Comments are closed.

Log in to comment on this story!