mailbox.org transparency report 2024: 30.1 % of requests were inadmissible

In our transparency report, we disclose the type and scope of requests for information that mailbox.org has received from public authorities. In the previous year 2024, the total number of requests decreased. However, almost one-third of all requests had errors.

A total of 25 out of the 83 requests we received from public authorities in 2024 were rejected because of errors that made them legally inadmissible. Compared to the previous year, the proportion of unlawful requests that were ultimately rejected did slightly decrease: from 33.8 % in 2023 to 30.1 % in 2024.

The most common reason for rejection

Not much has improved on the part of the authorities since last year. The most common reason for rejection continues to be the transmission of the request on an unencrypted channel, such as by fax, and by e-mail in plain text. In 2024, almost a quarter (24.1 %) of all requests for information were received by fax or plain text email. We consistently reject these requests.

Although the total number of enquiries has decreased, the enquiries have caused more work, as we had to explain to some authorities how encrypted emails work with PGP.

A brief comparison to the year before

  1. The total number of enquiries decreased from 133 (2023) to 83 (2024).
  2. Only 69.9 % of requests were submitted correctly, compared to 66.2 % in 2023.
  3. We received most requests by email, encrypted with PGP.

Requests sent to mailbox.org in the year 2023

Total number of requests: 83
From German authorities: 82
From foreign authorities: 0
From foreign non-EU authorities: 1

Organisations
Criminal investigative authorities: 81
Customs authorities: 1
Intelligence services: 1

Request type
Contact data requests: 79
Inbox confiscations: 3
Traffic data requests: 0
Telecommunications interceptions: 1

Our reports from previous years can be found in the section transparency reports.

 

 

How we deal with requests

mailbox.org follows a standardised process when dealing with requests for information from official authorities. Each request will be comprehensively reviewed and assessed by our data protection officer and a lawyer, and then either processed or rejected accordingly. When a request gets rejected, the submitting authority may correct any errors and then resubmit for another review. Data will only be released by us if a related request is actually lawful and formally correct.

Data that authorities may be interested in
  1. Contact data: This includes the name, address and phone number of the account holder, as well as details about their contract with us.
  2. E-mail data: Access to all e-mails currently held in an account's mailbox.
  3. Traffic data: The IP addresses associated with mail server logins when fetching, reading, or sending e-mails.
  4. Telecommunications interception data: Obtained through the temporary surveillance of all ongoing e-mail communication of an account.
  • zurück
  • nach Oben