Transparency at Lookout
We believe privacy is essential for our users to have a truly secure mobile experience, which is why protecting our users’ privacy is perhaps the most important responsibility we have. Lookout ensures that customer data is protected best in class security measures like data encryption . We also support coalitions like the Digital Due Process Coalition to advocate for the reform of legal standards to enhance privacy protections for our users.
In 2013, we provided our first transparency report to provide meaningful insight into the government request landscape for Lookout. We wanted our users to have greater visibility about the types of law enforcement requests that we receive from the government about our users and have included metrics that show the types of requests that we receive, our response rate, and the frequency of non-disclosure orders in such requests.
We hope our transparency report will leave you empowered knowing that Lookout has your back.
*As of the date of this report, Lookout has not received a national security order and we have not been required by a FISA court to keep any secrets that are not in this transparency report.
Federal includes requests from federal law enforcement agencies such as the Federal Bureau of Investigation, Department of Homeland Security, and Department of Justice.
State includes requests from U.S.-based state and local law enforcement authorities (e.g. New York City Police Department).
Types of domestic legal process
Account data requests
From January to December 2017, we received 7 requests for user information and we produced account data in response to 43% of these requests.
From January to June 2018, we received 4 requests for user information and we produced account data in response to 75% of these requests.
From January to December 2019, we received 6 requests for user information and we produced account data in response to 0% of these requests.
From January to December 2020, we received 3 requests for user information and we produced account data in response to 33% of these requests.
From January to December 2017, 43% of account information requests were accompanied by non-disclosure orders, meaning that a court legally prohibited us from notifying our users about the request.
From January to June 2018, 75% of account information requests were accompanied by non-disclosure orders.
From January to December 2019, 0% of account information requests were accompanied by non-disclosure orders.
From January to December 2020, 33% of account information requests were accompanied by non-disclosure orders.
What approach does Lookout use when developing products?
Lookout implements privacy by design which allows us to be the gatekeeper of the information we collect so that we can better scrutinize government requests and detect attempts to access user information.
What is a government request?
For purposes of this report, it’s basically when a government asks us for user information. Governments often make requests of companies for things like a user’s account information to help their investigations. The majority of the requests we receive relate to criminal cases, like mobile phone theft, or when a mobile phone is used in connection with a crime. Most times,the inquiring agency is looking for basic subscriber information, such as a mobile phone number or email address. If you want to learn more about the data we collect and what we do with it, check out our privacy principles and practices here.
So when do you respond to a government request?
Government requests can be formal or informal, but we don't just give out user information anytime a government calls us up. All requests have to be lawful and supported by official documents. We require a subpoena, court order, or other valid legal process before providing information about users. And we'll give users a heads-up before giving that information, unless we can’t by law or if doing so could create a risk of injury or death We have strict guidelines in place to deal with all government requests. You can get more information by going to our law enforcement guide found here.
Does this report really show every government request you’ve ever received?
That’s all of them. This report contains every request for user data we received over the past nine years.
Will you release reports like this in the future?
Maintaining a high level of transparency around government requests is critical to preserving the trust users have in us, and we believe it’s also the right thing to do. So you can count on having access to updated reports regularly.
Where can I learn more?
You can read more about our privacy principles and practices here.
If you want to learn more about law enforcement requests generally, you should read through EFF’s Surveillance Self-Defense site: https://ssd.eff.org. There you can find out how the government can legally access your computer data and communications and what you can do to protect yourself.