We’re pleased to publish our first ever transparency report about the government data requests we receive and how we handle those inquiries. Although transparency reports are among US tech companies, besides some examples, such as Posteo, Threema, ProtonMail, or Cyon, they are relatively rare in Europe.
The reason we are now publishing our summary is that we wanted to provide more details on how we operate and what data we can and cannot provide in case of Swiss or international requests. Besides using end-to-end encryption technology to protect our user’s files and privacy, we’re also committed to earning and maintaining our community’s trust by being transparent in how we handle user data in case of such requests.
What do we say in this report?
- Tresorit is based on the principle that privacy is a fundamental human right of individuals. To pursue our mission of making privacy and security available to people and businesses, we use end-to-end encryption to protect files in the cloud. This technology makes it impossible for us to read and thus provide the contents of user files in a readable, unencrypted format to any third parties, including government authorities.
- As a Swiss company, Tresorit is primarily subject to Swiss jurisdiction regarding data protection. Due to Swiss data protection and criminal process laws, we can only hand data over to international authorities in line with the Swiss Federal Act on International Mutual Assistance in Criminal Matters (IMAC) and with international legal assistance treaties. Without an official decision by a Swiss cantonal or federal authority, no information can be provided to foreign requests.
- During the period covered (from September 24, 2013, to November 30, 2017), we received one informal request from a Swiss police authority to retain certain user data, however, as there was no official decision by Swiss authorities on this case, we didn’t hand over any data.
UPDATE: Since the publication of the report (specifically during the period between December 1, 2017 until December 31, 2018) we have received zero requests from the Swiss authorities.