Yahoo has issued its first transparency report. It covers the period January 1, 2013 through June 30, 2013. In its overview to the report, Yahoo’s counsel Ron Bell notes that requests for user data impact “comprised less than one one-hundredth of one percent (<.01%) of our worldwide user base.” Zach Miners of Computerworld recaps the report, but looking at the breakdown in the report:
For the 12,444 requests to Yahoo, Inc., Yahoo provided non-content data only (NCD) in response to 6,798 (55%) of those requests, and content data in 4,604 (37%) cases. They found no data in 801 cases (6%) and rejected 241 requests (2%). The 12,444 requests involved 40,322 user accounts.
Interestingly (to me, anyway), and simply as examples of how different data protection laws may play out when the government comes knocking, Yahoo, UK provided NCD and content data in smaller percentages of requests and rejected 27% of the 1,709 requests it received compared to Yahoo, Inc. In contrast, Yahoo Deutschland provided NCD in response to 66% of its 4,295 requests, while rejecting 19% of them. Yahoo Singapore rejected 41% of the 138 requests it received. You can find statistics on other countries by clicking on the links in the report, here.
I think some people will be surprised at low the overall number of requests are, but I’m still mulling over the low 2% rejection rate for Yahoo, Inc. Either the governments are more careful to comply by submitting lawful requests, or the laws are just too easy compelling Yahoo to turn over information. Or maybe both.