Electronic Frontier Foundation+Discloses policies on data retention
2

Discloses policies on data retention

Does the company disclose policies on data retention?
Company
Industry
Project
search
Year
Answer
Filtered answers
24 Known
+ 0 Unknown
= 24 Total results
Companies Values
Comcast+image
Comcast
Pennsylvania (United States)
Yes
Yes,No,steps in the right direction 2015
Sonic+image
Sonic
Yes
Yes,No,steps in the right direction 2015
Wikimedia+image
Wikimedia
Yes
Yes,No,steps in the right direction 2015
Twitter+image
Twitter
Ireland
Yes
Yes,No,steps in the right direction 2015
Credo+image
Credo
Massachusetts (United States)
Yes
Yes,No,steps in the right direction 2015
Wordpress+image
Wordpress
Yes
Yes,No,steps in the right direction 2015
Dropbox+image
Dropbox
California (United States)
Yes
Yes,No,steps in the right direction 2015
reddit+image
reddit
California (United States)
Yes
Yes,No,steps in the right direction 2015
Yahoo+image
Yahoo
California (United States)
Yes
Yes,No,steps in the right direction 2015
Apple Inc.+image
Apple Inc.
California (United States)
Yes
Yes,No,steps in the right direction 2015
slack+image
slack
California (United States)
Yes
Yes,No,steps in the right direction 2015
Adobe Systems+image
Adobe Systems
California (United States)
Yes
Yes,No,steps in the right direction 2015
LinkedIn+image
LinkedIn
California (United States)
Yes
Yes,No,steps in the right direction 2015
Snapchat+image
Snapchat
Yes
Yes,No,steps in the right direction 2015
Wickr+image
Wickr
Delaware (United States)
Yes
Yes,No,steps in the right direction 2015
Facebook Inc.+image
Facebook Inc.
California (United States)
Yes
Yes,No,steps in the right direction 2015
Microsoft Corporation+image
Microsoft Corporation
Washington (United States)
No
Yes,No,steps in the right direction 2015
Pinterest+image
Pinterest
California (United States)
No
Yes,No,steps in the right direction 2015
Tumblr+image
Tumblr
No
Yes,No,steps in the right direction 2015
Amazon.com, Inc.+image
Amazon.com, Inc.
Washington (United States)
No
Yes,No,steps in the right direction 2015

Export: csv / json

Metric Type
Researched
Designed By
Topics
Research Policy
Community Assessed
Report Type
Value Type
Category
Options:

Yes , No and steps in the right direction


About

In 2015, Electronic Frontier Foundation evaluated companies on whether they were transparent about what deleted data they stored. Often, users may not realize that data they delete from an email service provider or off a social network is still stored and available to law enforcement agencies upon request. Transparency is the first step to educating users about what happens to their deleted data, so we are evaluating companies on their transparency practices in this category. Note that EFF aren’t making specific requirements about a company deleting data after a certain time. Indeed, some companies publicly state that they maintain deleted data and server logs indefinitely—a practice we think is terrible for users. However, for this report, they’re just asking companies to be clear about retention periods for data collected that may not be easily viewable to the user (including IP addresses and DHCP data) as well as content that users deleted.

Methodology

We live digital lives—from the videos shared on social networks, to location-aware apps on mobile phones, to log-in data for connecting to our email, to our stored documents, to our search history. The personal, the profound, and even the absurd are all transcribed into data packets, whizzing through the fiber-optic arteries of the network.

While our daily lives have upgraded to the 21st century, the law hasn’t kept pace. To date, the U.S. Congress hasn’t managed to update the 1986 Electronic Communications Privacy Act to acknowledge that email stored more than 6 months deserves identical protections to email stored less than 6 months. Congress also dragged its feet on halting the NSA’s indiscriminate surveillance of online communications and has yet to enact the strong reforms we deserve. Congress is even on the precipice of making things far worse, considering proposals that would mandate government backdoors into the technology we rely on to digitally communicate.

In this climate, we increasingly look to technology companies themselves to have the strongest possible policies when it comes to protecting user rights. Which companies will stand by users, insisting on transparency and strong legal standards around government access to user data? And which companies make those policies public, letting the world—and their own users—judge their stances on standing up for privacy rights?

For four years, the Electronic Frontier Foundation documented the practices of major Internet companies and service providers, judging their publicly available policies, and highlighting best practices. Over the course of those first four reports, we watched a transformation take place among the practices of major technology companies. Overwhelmingly, tech giants began publishing annual reports about government data requests, promising to provide users notice when the government sought access to their data, and requiring a search warrant before handing over user content. Those best practices we identified in early reports became industry standards in a few short years, and we’re proud of the role our annual report played in pushing companies to institute these changes.

But times have changed, and now users expect more.

The criteria we used to judge companies in 2011 were ambitious for the time, but they’ve been almost universally adopted in the years since then. Now, users should expect companies to far exceed the standards articulated in the original Who Has Your Back report. Users should look to companies like Google, Apple, Facebook, and Amazon to be transparent about the types of content that is blocked or censored in response to government requests, as well as what deleted data is kept around in case government agents seek it in the future. We also look to these companies to take a principled stance against government-mandated backdoors.

In this, our fifth annual Who Has Your Back report, we took the main principles of the prior reports and rolled them into a single category: Industry-Accepted Best Practices. We’ve also refined our expectations around providing users notice and added new categories to highlight other important transparency and user rights issues.

We think it’s time to expect more from Silicon Valley. We designed this report to take the basic principles of Who Has Your Back up a notch and see which companies were still leading the pack. Already, our newest report has had a similar effect on the industry as a whole, encouraging companies large and small to strive for more when it comes to standing by their users. In the months since we first told the companies what this year’s criteria would be, we’ve seen significant improvement in company practices. And we hope—and expect—that over the next year, we’ll see even more.

Download the complete Who Has Your Back? 2015: Protecting Your Data From Government Requests report as a PDF.

Bulk Import