Current as of: July 12, 2023
ABOUT OUR TRANSPARENCY REPORT
Zendesk, like many technology companies, occasionally receives requests from law enforcement agencies in the United States and elsewhere, seeking customer information. Such requests may take the form of a subpoena, court order, search warrant, or National Security Process Letter. Zendesk must comply with valid governmental requests for personal information.
At the same time, Zendesk cares deeply about maintaining our customers’ trust. One way it does so is to inform Zendesk customers and the public about governmental requests to which it responds. To do so, we have prepared this Transparency Report.
This Transparency Report provides information relating to law enforcement requests for customer information that we received during the first half of 2023 (from January 1, 2023, through June 30, 2023). Zendesk will provide updated reports approximately every six months for the prior six-month period.
For more information regarding Zendesk’s approach to responding to requests for information from law enforcement and other government agencies, please see our Government Data Request Policy here.
Requests from United States Law Enforcement and Governmental Entities
|Type of Request||Number of Requests||Content Data Disclosed||Non-Content Data Disclosed|
National Security Process
Under United States law, 50 U.S.C. § 1874, Zendesk is prohibited from providing certain details regarding requests issued under FISA or 18 U.S.C. § 2709 (National Security Letters or NSLs). Zendesk may only report the aggregate number of NSLs it receives in statutorily-specified bands, subject to a six-month delay. The following table provides information regarding national security process received by Zendesk in bands as permitted by the law subject to a six-month delay in reporting.
|Reporting Period||National Security Process||Number of Customer Accounts Affected|
|2023 - First Half||0||0|
Requests from Non-U.S. Law Enforcement and Governmental Entities
Although Zendesk is located in the United States, we have a corporate presence in several other countries. When we receive requests from non-U.S. governments, we work with U.S. and non-U.S. counsel to determine the validity of the request and our obligation to respond under United States and other applicable laws.
|Type of Request||Number of Requests||Number of Data Disclosures|
|Non-U.S. Governmental Requests Pursuant to an MLAT||1||1|
- Content Data: Includes the contents of End-Users’ communications with an Account such as the contents of Zendesk Support Tickets and Zendesk Chats. Content data is generally considered Service Data as defined in Zendesk’s Master Subscription Agreement.
- Non-Content Data: All data that is not Content Data. It can include Account Information as defined in Zendesk’s Privacy Notice (such as Account Owner name and contact information, Account billing information, length of Service, types of Services utilized, and account login information). This type of information is also called “Basic Subscriber Information” and must be produced in response to a valid government subpoena. Additionally, in response to a court order, Zendesk may also have to produce Non-Content metadata related to End-Users’ communications with an Account.
- Subpoena: A compulsory legal demand for the production of documents.
- Court Order: An order issued by a judge upon a finding that there are reasonable grounds to believe that the information sought is relevant and material to an ongoing criminal investigation.
- Search Warrant: An order issued by a court at the formal request of law enforcement and upon a finding of probable cause. A search warrant is required to obtain Content Data.
- MLAT: Stands for “mutual legal assistance treaty.” Zendesk requires that non-U.S. government entities use appropriate international legal process to obtain data processed by Zendesk on behalf of a customer.
- National Security Letters: A national security letter issued under 18 U.S.C. § 2709.
- FISA Orders: An order or request issued under the Foreign Intelligence Surveillance Act (50 U.S.C. § 1801, et seq.) for user information issued in the U.S.