Released: August 9, 2021
We are pleased to offer our transparency report for the period of December 13, 2020 through June 30, 2021. This report is designed to offer insight into how Zoom Video Communications, Inc. (Zoom) responds to requests for user data from law enforcement agencies and government authorities globally. Zoom believes that transparency is critical to building trust and fostering the free and open exchange of ideas.
As detailed in our Privacy Statement, Zoom is committed to protecting user privacy and only produces user data to governments in response to valid and lawful requests in accordance with our Government Requests Guide and relevant legal policies.
We have a streamlined approach to handle government requests. Our legal staff evaluates and processes requests efficiently, and our Government Requests Guide enables law enforcement agencies and government authorities to submit tailored requests. We require government and law enforcement requests to be submitted through our new Trust Form. In the future, Zoom will have a portal that enables verified authorities to submit and track their requests.
We categorize the data associated with each request in our case management system. We have a standardized set of policies and a centralized system for tracking requests, as well as internal guidelines and quality controls processes. All of these features were implemented with an eye towards transparent reporting.
We will not update the transparency report for this reporting period other than as required by law. The dates of this transparency reporting period are non-standard because our first transparency report also had non-standard dates; going forward, we will publish our transparency reports semi-annually, with reporting periods from January to June and July to December.
Here is a summary of the requests we’ve processed from December 13, 2020 through June 30, 2021, and how we responded to them:
U.S. requests to Zoom can come in the form of search warrants, subpoenas (grand jury, trial and administrative), court orders, preservation requests, emergency requests and national security requests.
Zoom receives law enforcement requests from around the globe. We screen each international (non-U.S.) request carefully to ensure that we only respond to ones that are legally valid and appropriately scoped. We do not provide any content internationally without process under MLAT, the CLOUD Act or letters rogatory.
If a jurisdiction or type of request is not listed in the chart’s drop-down menus, it means we did not process any requests of that type or from that jurisdiction in this reporting period.
For more information about how we review international requests, please see our Government Requests Guide.
We use a number of terms in this report that have specific legal meanings in this context. Wherever you don’t see a particular kind of request or outcome noted in the charts, that means that there weren’t any of that type. Civil litigation requests are not reflected in this report.
- CLOUD Act Request - a request made pursuant to the CLOUD Act. Can demand content.
- Content - can include video content, chat logs, transcripts or profile pictures; essentially, any media that depicts what a person spoke, wrote or did. When we report disclosing “content,” that means we disclosed both content and non-content.
- Emergency Request (U.S. or international) - a request for user data without standard legal process, on the grounds that there is a danger of death or serious physical injury to a person.
- General information means we provided general information about the law enforcement request process, but not content or non-content.
- MLAT Request (International only) - a request made by a foreign country through the U.S. Department of Justice pursuant to a Mutual Legal Assistance Treaty. Can demand content.
- Non-content - non-content refers to metadata, or information about content. Non-content can include things like the dates and times of meetings, the IP address of a user, or information about their platform. When we report disclosing “non-content” that means we disclosed non-content only.
- Order (U.S. only) - any other type of order issued by a court. Cannot demand content.
- Other - Any other kind of request or resolution. For example, if a law enforcement officer seeks user data but without a subpoena, search warrant, or court order, or where the data owner gives written authorization to disclose their data to law enforcement.
- Preservation Request (U.S. or international) - a request to preserve (but not disclose) user information for a period of time, usually 90 or 180 days.
- Rejected - includes rejections for invalid service, legal invalidity, instances where there was no responsive data, or where the agency did not provide enough information for us to locate data.
- Search Warrant (U.S. only) - a request for a search, signed by a judge, in which a prosecutor alleges that there is “probable cause” to believe that a crime has taken place, or is about to. May demand content or non-content.
- Subpoena (U.S. only) - a request made by a government entity with investigative powers, such as a grand jury. Need not be signed by a judge, cannot demand content.
- U.S. National Security Requests - requests under the Foreign Intelligence Surveillance Act (FISA) for non-content or content information, or National Security Letters (NSLs) to request limited information about a user’s identity.
- Withdrawn means that the requester withdrew the request before we made a determination on it.
- Withhold Access Request - a governmental request to restrict an individual’s access to any aspect of Zoom’s product, or to prevent or terminate a particular meeting.
A note about Withhold Access Requests: Zoom does business in more than 80 countries and counting. Many countries have laws that may restrict one of its residents from participating in or hosting particular Zoom Meetings or Webinars. If Zoom receives a legally valid and appropriately scoped request from a legitimate government agency demanding that Zoom restrict one of its residents from using Zoom, we will carefully review it.
In no event will Zoom restrict the access of users to the platform who are outside the requesting country and/or the jurisdiction of the requesting government agency or who are otherwise not subject to applicable local law. If the meeting is hosted outside the requesting jurisdiction, we are able to employ a geoblock to restrict the access of a jurisdiction’s users from a particular meeting based on geography. This means that we can comply with valid requests from local authorities while protecting access to the meeting in question for participants outside those borders.
We comply with Withhold Access Requests selectively, as we balance our commitment to promoting the free and open exchange of ideas against our legal obligations.