Number of requests for information and most frequent reason for rejection
In 2025, a total of 74 official requests for information were sent to mailbox. As in previous years, the most common reason for rejection remains the unencrypted transmission of the request: "Data protection and information security are a priority for mailbox. We also adhere to the strict requirements of the Federal Network Agency (Bundesnetzagentur) for requests for information from authorities, which stipulate that requests must be encrypted," explains Balint Gyemant, Chief Product Officer at mailbox.
Of the 63 requests sent to mailbox by email, however, 27 were unencrypted. A further six were unlawful for other reasons, and mailbox received five requests by post. "It is encouraging that we received no more enquiries by fax in 2025. This was still the case until 2024, although requests for information by fax have actually been prohibited since 2021," says Balint Gyemant.
Unlawful requests for information are consistently rejected by mailbox. In 2025, unencrypted requests were corrected by the investigating authorities in 15 cases, meaning that we responded to a total of 56 requests. 18 requests were not corrected and were rejected by us due to various deficiencies.
Who submits which requests for information?
The majority of requests for information in 2025 came from German authorities. Only three requests came from authorities in other EU countries and one request from an authority outside the EU. 72 requests for information were made in the context of criminal prosecution, two by intelligence services. Inventory data requests were the most common type of request, with only two relating to the seizure of mailboxes.
Data protection developments and geopolitical conditions
We are publishing our transparency report at a time when data protection is under threat of weakening in the EU and worldwide. Twenty-five years ago, the European Data Protection Convention recognised the highest priority of protecting personal data and regulating its cross-border exchange. Today, these achievements are under attack like never before in the last 25 years: Anti-democratic forces and the EU's Digital Omnibus are threatening to weaken data protection. Chat control and data retention are being pushed forward again. In addition, the US CLOUD Act could become a gateway for data access in Europe. We are monitoring these developments closely and critically. Data protection and information security remain our priority.
In a nutshell: requests compared to the previous year
- The total number of requests fell again in 2025: by 10.84 % from 83 (2024) to 74.
- In 2025, 75.7 % of requests were ultimately submitted correctly – in some cases only at the second attempt. In 2024, the final figure was 69.9 %.
- As in the previous year, we received the majority of enquiries by email in 2025, encrypted with PGP.
An overview of the specific figures for 2025
Number of requests to mailbox
Total: 74
of which German authorities: 70
of which foreign EU authorities: 3
of which foreign non-EU authorities: 1
Type of authority
Criminal investigative authorities: 72
Intelligence services: 2
Customs authorities: 0
Type of request
Contact data requests: 72
Inbox confiscations: 2
Traffic data requests: 0
Telecommunications interceptions: 0
The reports from recent years can be found at Transparency reports.
