Our statistics for 2018
Our terms of service state there’s basically no way for anyone to get any access to your data without us also being able to talk about the fact it happened, and further down nested in our legal framework outline do we have a list of 3 general types under which individual requests could be filed.
I recall that some place, we also promise to at least publish the statistics. I don’t recall where, but I seem to remember we have. In any case, here’s our summary for 2018.
Administrative Requests: 0
This type of requests would ask for “who owns this email address?” and “what information do you have about them?”. This is the information you fill out in the registration form and/or dashboard. It is also the information we use when you state you have lost your 2nd authentication factor device (albeit we have tips to prevent that). We tend to desire a phone number to be included so that we can resolve the issue quickly.
Anyway, it’s that type of data about your account.
In 2018, we have received zero such requests.
Retroactive Metadata Requests: 0
This type of requests asks for the metadata for an account, meaning the source IP addresses that may have been used, the senders to and recipients from the account, and such “metadata” — but not the content.
We have received zero such requests in 2018.
Live Interception Requests: 0
This type of request is the digital equivalent of a “wire tap”. Obviously, the metadata is available, but this case is special because it includes content. Not only does it do that, but it also includes near real-time monitoring of what’s going on with the account. As such, it is one of the most intrusive requests.
Again, 2018 has yielded zero such requests to us.
Extrajudicial Requests: 1
This sort of request may include a request for any type of metadata or data or access, retroactive or otherwise, or basically “whatever”. It is the type of request that is extrajudicial, and therefore has little of a barrier put in place compared to something like a burden of proof that is required from law enforcement under some sort of criminal justice system. Suffice it to say it is “different”.
It is therefore also not a duly authorized warrant under the Swiss judicial system. Requests like these may appear to be legitimate, and duly authorized to some or the other extent. These sorts of requests are extra-ordinary, and require extensive evaluation on a case-by-case basis.
While I Am Not A Lawyer (IANAL), may I remind you that when I say “appear to” and “to some or the other extent”, I mean to indicate these sorts of requests may include documentation, possibly properly signed and maybe even notarized, probably all sorts of otherwise legally relevant if not binding documentation, that for any other organization may be sufficient to just give out our customer’s data. Think, if you will, someone offering up a death certificate and last will and testimony, with a request to just inherit the account.
Suffice it to say that, as the title of this section indicates, we have received one such request in 2018. In evaluating whether or not the request and its documentation ultimately amounted to compelling us to comply (legally speaking), we found that in our opinion it did not, held our ground, and declined the request.
Wrapping Up
Now, unless the next 4 hours or so yields a request, which will definitively not be answered today, and it involves your account, which it will not, I can almost assure you an almost entirely worry-free New Year’s Eve for as far as your Kolab Now account is concerned.
Or, in other words, HAPPY NEW YEARS EVE!