Bowing to pressure to reveal its government-related data practices, Amazon today released information outlining US government requests for information about its customers and users.
Stephen Schmidt, chief information security officer for Amazon Web Services, said in a blog post that Amazon does not disclose customer information to the government unless it complies with a “legally valid and binding order,” and notifies customers about requests unless prohibited or there is clear criminal activity in evidence.
Schmidt further states that Amazon has never participated in the NSA’s controversial PRISM program, and in fact has challenged government subpoenas and even won decisions protecting customer privacy. It has also lobbied Congress to update privacy laws.
Amazon offers customers strong encryption so they can manage their own encryption keys. Said Schmidt:
…we oppose legislation mandating or prohibiting security or encryption technologies that would have the effect of weakening the security of products, systems, or services our customers use, whether they be individual consumers or business customers.
The biannual report covers six months from January 1 through May 31. During that time, it received 813 subpoenas, 35 search warrants, 13 other court orders, 132 foreign requests, and one removal order. It also received between zero and 249 national security requests.
The next report will be issued late this year or early next year.
➤ Amazon Web Services Privacy and Data Security