WebFaction
Community site: login faq

I've read the webfaction privacy policy, tos and acceptable use policy, and I searched this QA site, but I couldn't find the relevant information.

What exactly is webfaction's approach to requests from the government for information belonging to its users? If I were to use my webfaction shared hosting account to store some of my email (currently it's being enjoyed by the NSA right on Google's servers ;) what measures are taken by webfaction to keep my email on their premises? Which governments are able to subpoena webfaction for such information?

I don't have anything to hide (yet), but this is becoming a matter of principle. Also see this recent Google+ post of mine: https://plus.google.com/102438662851504788261/posts/cQrLQwA4zLk (the FBI +1d it).

I know that there have been many retractions and corrections during the recent #prismgate events, but as a non-US (paying) user of services such as GMail and Dropbox, I have no guarantees as to the privacy and whereabouts of my data. I also realise that storing my data somewhere on a server is inherently insecure, but I'm still curious as to the different gradations of insecurity.

asked 10 Jun '13, 09:20

cpbotha
313
accept rate: 0%

Is the PRISM scenario applicable to non US companies ? Webfaction is a UK based company with servers in US, Amsterdam and Singapore.

(11 Jun '13, 01:44) epqrs

That is exactly what I'm after. I hope that webfaction can clarify exactly which governments can get at my information, how difficult it is made for them, and what exactly the procedure is.

(11 Jun '13, 01:46) cpbotha

Hello,

Servers are under the jurisdiction of the country/state they are physically in. In addition, since WebFaction is a UK company, UK law applies too. In practice we haven't received any request to hand over data (I guess that not being as big as Google or Facebook has its perks). If we ever do we'll have to examine each request on a case by case basis to verify its validity.

Update following a comment asking for more clarification:

Unfortunately given the number of countries where we have servers and the various datacenters that we work with it's almost impossible to list all the possible cases of data requests that we may receive in the future and which laws would apply in each case.

All we can do is provide general principals that we will follow if we ever receive a data request:

our legal team will examine each request to make sure that it complies with the laws in the various jurisdictions that apply for that specific request

whenever possible we will challenge the request so that we don't have to hand over any data

if we do have to hand over data then we will try to narrow down the request to as little data as possible

if we do have to hand over data then we will notify the affected customer unless legally prevented from doing so

Remi.

permanent link

answered 11 Jun '13, 09:50

remi
1973
accept rate: 26%

edited 18 Jun '13, 04:04

Thanks for your comment, I appreciate the extra information.

However, in the light of everything that's been going on around prism, don't you think that webfaction could put something a little more formal and specific online?

For example, "we'll have to examine each request" is extremely broad. Shouldn't it be when a UK judge hands you a subpoena, or something similarly specific?

(12 Jun '13, 10:13) cpbotha

Unfortunately given the number of countries where we have servers and the various datacenters that we work with it's almost impossible to list all the possible cases of data requests that we may receive in the future and which laws would apply in each case.

All we can do is provide general principals that we will follow if we ever receive a data request:

  • our legal team will examine each request to make sure that it complies with the laws in the various jurisdictions that apply for that specific request

  • whenever possible we will challenge the request so that we don't have to hand over any data

  • if we do have to hand over data then we will try to narrow down the request to as little data as possible

  • if we do have to hand over data then we will notify the affected customer unless legally prevented from doing so

(13 Jun '13, 05:52) remi

That sounds reasonable, thanks! :)

  1. If you have time to add this comment to your answer, I will accept it. ;)
  2. I would still suggest that you add the 4 general principles above to the webfaction website.
(17 Jun '13, 13:29) cpbotha
Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:

×261
×69
×5
×1
×1

question asked: 10 Jun '13, 09:20

question was seen: 3,615 times

last updated: 18 Jun '13, 04:04

WEBFACTION
REACH US
SUPPORT
AFFILIATE PROGRAM
LEGAL
© COPYRIGHT 2003-2019 SWARMA LIMITED - WEBFACTION IS A SERVICE OF SWARMA LIMITED
REGISTERED IN ENGLAND AND WALES 5729350 - VAT REGISTRATION NUMBER 877397162
5TH FLOOR, THE OLD VINYL FACTORY, HAYES, UB3 1HA, UNITED KINGDOM