Transparency Report

As part of Atlassian’s commitment to earning and maintaining our customers’ trust, we have begun publishing an annual Transparency Report with information about government requests for users’ data as well as government requests to remove content or suspend user accounts.


Period for Transparency Report is January 1, 2015 through December 31, 2015

Atlassian responds to government requests in accordance with our Privacy Policy, Customer Agreement, Acceptable Use Policy, and any applicable Service-Specific Terms.  We also provide additional information about our policies and procedures for responding to requests for user data in our Guidelines for Law Enforcement.  In responding to any government request (whether a request for user data or a request to remove content/suspend user accounts), Atlassian follows these guiding principles:

  1. Requesting parties should first attempt to obtain the information directly from the customer or user(s) at issue.  If the requesting party comes to Atlassian for user data, unless prohibited by law, we will notify the customer (so that customer has an opportunity to challenge the legal process) in accordance with our user notice policy.
  2. Atlassian will scrutinize every request for legal validity, and if required to comply by disclosing user data, we will respond in accordance with applicable law (including the federal Stored Communications Act), and will respond as narrowly as possible to the specific request.
  3. Atlassian will continue to advocate for reforms that allow us to provide more transparency to our customers.

US Government Requests for User Data

Requests Received
Accounts Targeted in Requests Received
4 19

 

 

Atlassian’s Response to Requests Received

Response
Number of Requests
Number of Accounts Where Data Disclosed
Produced non-content user data 2 4
Objected 1 0
No responsive data 1 0

 

 

US Government Requests for Account Removal/Content Takedown

Requests Received
Accounts Targeted in Requests Received
1 3

 

 

Atlassian’s Response to Requests Received

Response
Number of Requests
Number of Accounts Affected
Blocked public access to user account 1 3

GLOSSARY

  • “Accounts affected” reflects the total number of user accounts for which Atlassian disclosed user data or suspended.
  • “Accounts targeted” reflects the total number of accounts that were subjects of the total number of legal requests (for example, a single subpoena could request information about two user accounts).
  • “Non-content user data” is subscriber information, such as the name and email address provided when you register for an account, billing information (if applicable), and IP addresses.  This does not include any user-generated content, such as profile pictures or files uploaded by users and stored on Atlassian’s servers.
  • “No responsive data” reflects that Atlassian properly responded to a valid legal request, but did not have any responsive records to disclose to law enforcement.
  • “Number of requests” reflects the number of times that Atlassian received legal process requesting either user data or account suspension.
  •  “Objected” means that Atlassian received a legal request but did not disclose any user data because we believed the request was not legally valid.