Government Requests Transparency Report

 
Fiscal Year 2018
(December 1, 2017 - November 30, 2018)

 

Last Updated: January 7, 2019

 

Adobe, like all hosted service providers, is obligated to disclose customer data when we receive valid legal process from a government agency with jurisdiction. In this – our fifth annual transparency report -- we disclose information about all government requests seeking access to Adobe customer data that we received during our fiscal year 2018 (FY 2018), the services to which they relate, the country of origin, and how we responded. Every request we receive is carefully scrutinized by the Adobe Trust & Safety team to ensure law enforcement is entitled to the data they seek with the type of process they have obtained, and is managed in accordance with our law enforcement response policies, which you will find here.
Government Requests by Service: During FY 2018, most government requests we received related to customer Adobe ID accounts or Adobe subscriptions (37 requests), our Photoshop Mix app (19 requests), and Lightroom cloud storage (16 requests).  The remaining government requests received sought information about users of the following apps or services: Adobe Acrobat (3 requests), Creative Cloud (3 requests), Export PDF (1 request), and Adobe Sign (1 request).
Government Requests by Country of Origin: We received thirteen requests from international governments this year.  Most of the international requests were received from Japan (5 requests) and Spain (3 requests).  We received a single request each from France, Great Britain, Hong Kong, Italy, and Sweden.
Some Additional Interesting Facts:
  • No Enterprise Customer Data Disclosed: As in previous years, all disclosures made in FY 2018 related to individual consumer accounts and not enterprise customer accounts.
  • No Customer Content Disclosed Without A Search Warrant: Adobe does not disclose customer content stored in our cloud services (such as photos, videos or documents) unless we receive a search warrant issued upon a showing of probable cause under relevant state or federal law.  We received search warrants in all 30 matters where we disclosed customer content.
  • No National Security Requests Received: As of the end of FY 2018, Adobe still has not received any form of national security process, such as a National Security Letter (NSL) or Foreign Intelligence Surveillance Act (FISA) order.
  • No Delaying Customer Notice Unless We Are Legally Obligated To Do So: As we did in previous years, this year we rejected a number of requests from governments to delay notice to our users because the requests were made informally. We only delay notice to our customers where we are legally obligated to do so -- for example, when we receive a delayed notice order (DNO) issued by a court. We then notify our customer of the government request for their data after the DNO expires.
  • No Permanent Gag Orders: Sometimes, Adobe receives DNOs that are permanent (i.e., they expressly never expire) or indefinite (i.e., they say they will expire 'on further order of the court').  Permanent or indefinite gag orders are unconstitutional prior restraints on speech and we challenge them in court whenever we receive them.   Please make sure any DNO you serve has an expiration date.
  • No Backdoors: Adobe has not built ‘backdoors’ for any government – foreign or domestic – into our products or services.  All government requests for user data need to come through the front door (i.e., by serving valid legal process upon the appropriate Adobe legal department). Adobe vigorously opposes legislation in the US and overseas that would in any way weaken the security of our products or our users’ privacy protections.
 

Government Requests Received

Type of Request Received
Number of Requests
Number of user accounts impacted
Subpoenas 31
34
Search Warrants
32
36
International Requests
13
11
National Security Requests 0 0
Imminent Harm Requests
2
2
Court Orders 1
1
Total 79
84
     
Delayed Notice Orders 48
57

 

Adobe Response

Type of Request Received
Number of Requests
Number of user accounts impacted
Account Doesn't Exist
5 0
Customer Registration or Transactional Information Disclosed
31
39
Customer Content Disclosed 30
33
Request Rejected/No Information Provided 13
12
Total 79
84
 
You can access Adobe’s FY 2014 and FY 2015 Transparency Reports here.