The email service mailbox.org from Berlin, which specializes in data protection and data security, has published its annual transparency report on official requests for information for 2023 and is taking stock.
The total number of government information requests to mailbox.org rose sharply last year, to a total of 133 compared to 55 the previous year. And the number of requests rejected by mailbox.org due to illegality also rose sharply, from 14 in 2022 to 45 in 2023. This means that around a third (33,8 percent) of all government requests made to mailbox.org were rejected because they contained errors or were legally inadmissible.
Of the 133 requests, all come from law enforcement authorities, including 130 from German authorities, two from foreign EU authorities and one foreign non-EU authority. Every request, whether for inventory data, mailbox seizures or telecommunications surveillance, is checked, evaluated and answered or rejected accordingly by mailbox.org's data protection officer and lawyer. Mailbox.org will only release data if the request is legitimate and error-free.
Illegal unencrypted requests
Since January 01, 2023, investigative authorities have been obliged to submit inquiries via email ESB secured or PGP encrypted channels. Requests for information via fax and email in plain text are no longer permitted. Accordingly, mailbox.org only responds to appropriate inquiries or those sent by post. Although most requests for information were made accordingly in 2023, mailbox.org still received 27,1 percent of all requests by plain text email and six percent by fax.
mailbox.org has a standardized process for processing and responding to requests for information from the authorities. Every request is extensively checked, evaluated and answered or rejected accordingly by our data protection officer and lawyer. In the event of a rejection, the authority can correct your application. In any case, we will only release data if the request is legitimate and error-free.
Data requested from mailbox.org
- Inventory data queries: Among other things Telephone number, name and address of the owner, details of the contract and tariff features.
- Mailbox confiscations: Seizure of all emails in the account's mailbox.
- Traffic data queries: Among other things IP addresses from which logins to the mail server take place or from which emails were sent.
- Telecommunications monitoring: Permanent monitoring of all received and sent emails and the entire account.
Via mailbox.org
The German e-mail specialist mailbox.org shows that digital sovereignty, security and data protection can also be combined with convenience and extensive features. In addition to classic e-mail core functions, security-conscious private and business customers also receive a calendar, address book, task management, online word processing and cloud storage based on an open source solution.