Question
Will Digital Ocean Comply With The UK Government If A Request Is Made For Data Or Access To A Server?
- Posted on December 4, 2016
- DigitalOcean
Asked by imageek
Please note that my question does not relate to illegal activities. I’ve been a Digital Ocean customer for a long time and want to protect my privacy.
In the UK the Snoopers Charter is now law. ISP’s have to by law store a users Internet activity for 1 year, and make it available to the Government.
With this in mind a lot of people, myself included, want to retain my privacy and do not want the Government to be able to snoop on what websites I visit, who I communicate with or what I do online.
If I use a Digital Ocean server to set up an SSH tunnel to tunnel Internet traffic and DNS lookups this makes it hard for the ISP to see what I’m accessing. But, this still doesn’t stop the Government or it’s agencies from requesting this data to store for whatever purposes.
If the UK Government makes a request for access to the server, or data from the server, in relation to the Snoopers Charter will Digital Ocean comply with the request?
Here’s a link to the bill if it’s any help: https://en.wikipedia.org/wiki/Investigatory_Powers_Act_2016
Also, does DO allow their servers to be used in this way to protect privacy?
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
Want to learn more? Join the DigitalOcean Community!
Join our DigitalOcean community of over a million developers for free! Get help and share knowledge in Q&A, subscribe to topics of interest, and get courses and tools that will help you grow as a developer and scale your project or business.
I am going to share the answer I provided to another user here the other day:
Thanks for reaching out. I am not a lawyer or a member of our security team (but I will check with the security team to see if someone can provide more information here). I would recommend the best place to start is with our Law Enforcement Guidelines this document, intended for law enforcement agencies (and those concerned about privacy) details what information we collect and can provide to agencies and under what circumstances it is provided. Should the Investigatory Powers Bill require any substantive changes in our policy they would be documented there. I am not aware of any changes to this policy being worked on at present with respect to the new UK laws.
A member of our security team also provided some additional details:
Thanks for your question. At this time we do not anticipate any changes as we are not classified as an ISP. We are also a US entity and require that foreign law enforcement go through the MLAT process. So, as of now, no impact, but the IPA was only signed recently and more in-depth due diligence will be conducted to determine any applicable requirements. (Security Team)