Requests for user information
Summary
577
Total requests processed
1,435
Accounts affected
500
Total requests where information was disclosed
87%
Percentage of requests where information was disclosed
Background
GitHub’s Guidelines for Legal Requests of User Data explain how we handle legally authorized requests, including law enforcement requests, subpoenas, court orders, and search warrants, as well as national security letters and orders.
In short, we follow the law while requiring adherence to the highest legal standards for user requests for data. We carefully review all requests to disclose user data to ensure they adhere to our policies and satisfy all appropriate legal requirements, and we push back where they do not. When we do disclose information, we never share private content data, except in response to a search warrant, and we notify users when we disclose their information in response to a legal request, unless a law or court order prevents us from doing so.
Legal requests received
Access the complete data set on our GitHub repo or download the individual CSV files.
Legal request disclosures
Access the complete data set on our GitHub repo or download the individual CSV files.
User notifications of legal request disclosures
Access the complete data set on our GitHub repo or download the individual CSV files.
Proportion of civil requests vs. proportion of users notified
Access the complete data set on our GitHub repo or download the individual CSV files.
National security letters and orders
750-999
National security letters and orders received
1500-1749
Affected accounts
Access the complete data set on our GitHub repo or download the individual CSV files.
We're very limited in what we can legally disclose about national security letters and Foreign Intelligence Surveillance Act (FISA) orders. We report information about these types of requests in ranges of 250, starting with zero.
Cross-border data requests
Access the complete data set on our GitHub repo or download the individual CSV files.
Governments outside the US can make cross-border data requests for user information through the DOJ via a mutual legal assistance treaty (MLAT) or similar form of international legal process. Our Guidelines for Legal Requests of User Data explain how we handle user information requests from foreign law enforcement. Essentially, when a foreign government seeks user information from GitHub, we direct the government to the DOJ so that the DOJ can determine whether the request complies with US legal protections, and if it does, the DOJ would send us a subpoena, court order, or search warrant, which we would then process like any other request we receive from the US government.