Steps we take to transfer your information securely


NOV 17, 2023

We take a number of steps to protect your data. These include:

  • Encryption and security: We take a range of measures to protect your data. We implement a comprehensive security program, including measures such as encryption when data is in transit, to protect user data at all times. We adapt and improve our security to keep ahead of the evolving risks and security threats that we face.

  • No “back door” governmental access: We do not provide any government with direct access or encryption “back doors.” We believe that intentionally weakening our services in this way would undermine the security that is necessary to protect people who use our global service.

  • Robust policies: For a long time, we have had comprehensive policies in place governing how we evaluate and respond to government requests for user data. We review each request and only provide information in response to requests that we determine are valid, producing only information that is narrowly tailored to respond to that request.

  • Standing up for our users: Where government requests are deficient (e.g. overbroad or legally deficient), we push back and engage governments to address any apparent deficiency. Where necessary, we will challenge or reject unlawful government requests. We would also challenge any order seeking to require us to redesign our systems in a way that would undermine the security we provide to protect people’s data, or that attempted to gag us from disclosing the existence of such an order and our efforts to fight it.

  • Providing transparency: We strive to be open and proactive about the way we safeguard people’s privacy, security and access to information online. For this reason, it is our policy to notify users of requests for their information prior to any disclosure, unless we are prohibited by law from doing so or in exceptional circumstances when notice would be counterproductive such as when a child is at risk of harm. Since 2013, we’ve published biannual transparency reports concerning the nature and extent of government requests we receive for user data. These reports give our community visibility into how many requests we receive, and how we apply our policies and respond to data requests.