2014 Transparency Report

2014
Transparency
Report
We take your privacy seriously.
DreamHost has logged the number and type of
government requests we have received in 2014. Here’s
our promise to keep our work transparent, and to uphold
your privacy as our priority.
We’re happy to announce our first annual DreamHost
Transparency Report!
DreamHost’s core values include shameless honesty and
transparency. We strive to apply these values in every
way possible.
As an ICANN-accredited Registrar, we uphold all
applicable rules and procedures that apply to our customers. This doesn’t mean that we bend
over backwards for just anyone, though! With the help of our Legal and Abuse teams, every
single request in this report is screened and routinely rejected for running afoul of procedural
and substantive laws.
While you can see all of the statistics on the next few pages, I love stressing this particular
number: DreamHost legally rejected 57% of combined information requests in 2014. A
majority of other tech companies don’t even come close to this!
DreamHost complies with all legitimate law enforcement, DMCA, Trademark, and information
requests. That said, we only accept requests that are legally sound. If anything looks fishy, or if
the request doesn’t meet every single requirement issued by the appropriate body of law, we
reject it!
While we’re excited about our first time (who isn’t?), we promise to continue this trend of
reporting statistics by publishing annual transparency reports.
We value your privacy and continue to set a high bar for information requests. Rest assured that
DreamHost will always protect your privacy to the fullest extent of the law.
Art Elizarov
VP Legal Affairs
2
1
2
Total DMCA /
Trademark
Requests
1093
Total FISA/NSL
Requests
0-999*
*Subject to US Department of
Justice Reporting Delays and
Reporting Restrictions
2014 Statistics
Total
Government
Requests
Percentage of
Total Requests
Rejected
466
57%
+ Transparency:
The customer always wins.
At DreamHost, we’re all about helping
In an effort to stay true to our roots and
people get online. With more than a decade
practice “shameless honesty,” DreamHost
of experience, 1.3 million hosted domains,
logs every single government request we
and 375,000 customers, we’re still just as
receive, and now, we’re turning our data
excited today as we were when the
into publicly accessible information.
company started in 1997.
In our first annual Transparency Report,
Of course, as our customer base expands,
we’ve broken down various requests by
so does our interaction with government
their respective types and have provided
and law enforcement agencies.
detailed information regarding the number
Like other web hosting and technology
companies, DreamHost regularly receives
of requests accepted, complied with,
rejected, and so on.
requests from courts and agencies from all
Our legal team works hard, day and night,
over the world. These include subpoenas
to keep customer data secure and private.
and warrants for user data, copyright
We reject quite a few requests on both
infringement notices dealing with website
procedural and substantive grounds, and
content, defamation complaints, hate speech
usually disclose information with certain
allegations, and many others.
limitations.
Rest assured, we’ve got your back!
Summary of
Requests
+ Every single request we’ve
received, along with what we
decided to disclose.
DreamHost receives a number of government
requests that can be bundled into three distinct
Government Requests
categories: search warrants, subpoenas, and
court orders.
In an effort to minimize inappropriate requests
17%
and maximize your privacy, DreamHost goes
Subpoenas
through a vigorous process for each request.
16%
Court Orders
1. Government Request? Whoosh! Send it
right over to the DreamHost HandyDandy Legal and Abuse teams, which
split the work depending on the type of
order.
2. Are there any issues with the request,
either procedurally or with content it’s
requesting? For example, has the
agency requesting information followed
all federal process service laws? If not,
Fire back!
3. If the issue is legitimate and warrants
action, we comply and send only critical
information (and nothing else)!
4.
If the request does not comply with all
laws and DreamHost policies, we reject
it. Done.
5. Allegations of hate speech, invasion of
privacy, defamation, and criminal
speech are directed to the site owners. If
the matter cannot be resolved between
the parties, we encourage them to take
action as the law affords them. We work
expediently with any court orders
received from courts with proper
jurisdiction.
Overall Categories
Trademark
Hate Speech
Invasion of Privacy
Government Requests
Defamation
ICANN Disputes
DMCA / Copyright
Criminal
Other
0
Complied
4
Search Warrants
67%
300
Partially Complied
600
Rejected
Breakdown of
Request
Types
Government
Requests to
Access Data
What are they?
These are worldwide
government requests that ask
for user account information.
Why do we get them?
Agencies typically request
such information during a
criminal investigation.
Do we have to comply?
Requests to
Remove Content
Copyright and
DMCA Takedown
Notices
What are they?
What are they?
These are requests to remove
or censor content located on
our servers.
Takedown notices ask for
copyrighted information to
be removed.
Why do we get them?
Why do we get them?
These requests are usually
related to defamation or
invasion of privacy suits.
They’re utilized to remove
content that belongs to the
copyright owner, such as
photos or videos.
Do we have to comply?
It depends. DreamHost
Typically, yes. DreamHost will
analyzes every single
always fight to keep your data
complaint in order to decide
private. Sometimes, though, we
whether compliance is
are legally required to allow
necessary. We typically are
access to account data.
able to reject most data
removal requests (over 80%)!
Do we have to comply?
Typically, we will only
comply with copyright
infringement takedown
requests upon receipt of a
proper DMCA notification.
+
Breakdown
by Country
Number of
Requests
Percentage of
requests
complied
Number of
Accounts
Affected*
Australia
3
33%
5
Austria
1
0%
1
Bulgaria
1
100%
2
Canada
15
27%
38
Chile
3
33%
5
China
2
0%
5
Czech Republic
1
0%
3
Denmark
5
0%
5
France
23
61%
34
Germany
39
64%
50
Hong Kong
13
10%
39
we produce only partial
India
2
50%
4
information and keep pertinent
Italy
4
25%
4
Japan
15
12%
56
Here is a list of the number of
Netherlands
2
50%
2
requests we received in 2014,
Poland
1
0%
1
Portugal
2
0%
2
Singapore
3
0%
3
South Korea
1
0%
1
Spain
9
33%
10
Switzerland
2
0%
4
Taiwan
12
25%
16
United Kingdom
35
40%
48
United States**
1365
47%
1572
A number of requests DreamHost
receives are from international
governments or private parties.
International requests are more
time consuming and involve a
lengthy analysis. Our Legal and
Abuse teams triple-check both
national and international laws in
order to ensure proper
compliance. In many situations,
user data private.
along with the percentage of
requests we complied with where
partial data was produced.
* Estimation based on accounts specified in
initial requests
** Does not include FISA/NSL Requests
6
Morbi sodales tortor quis velit.
General,
Good-to-know
Information
•
Over 60% of DreamHost’s rejections for information requests are due to
procedural violations (i.e. not having the correct court issue a subpoena, failing to
state required information in claims, etc.). In other words, we don’t freely hand
out customer data to anyone who simply asks for it!
•
Over 80% of our subpoena responses include only limited data; we fight to keep
our private customer data just that: private.
•
DreamHost actively identifies and flags copyright trolls that routinely send out
warrantless copyright infringement notices. We never carry out a request without
conducting a full investigation into the complaint and the respective parties.
359
331
284
Government Requests
(Not including FISA/NSL)
122
1
145
103
96
2
3
2014 Breakdown by Quarter
119
4
Trademark / DMCA
Requests