Transparency Report Reporting Period: January 1, 2015 to December 31, 2015

Government Demands for User Data

In the Reporting Period, Mozilla did not receive any government demands through Legal Processes for user data.

Legal Processes Received Data Produced
Search Warrants 0 N/A
Subpoenas 0 N/A
Court Orders 0 N/A
Wiretap Orders 0 N/A
Pen Register Orders 0 N/A
Emergency Requests 0 N/A
National Security Requests 1 0 N/A

Government Demands for Content Removal

In the Reporting Period, Mozilla did not receive any government requests for content removal from our services.

Requesting Country Requests Received Data Produced
N/A 0 N/A


Legislative Reform

In the Reporting Period, we mobilized for surveillance reform in the US and pushed back against overbroad intelligence laws from London to Berlin to Paris to Ottawa. We were also active in the realm of cybersecurity, speaking out early against overbroad portions of the Cybersecurity Information Sharing Act (CISA), and convening more than 30 leading cybersecurity experts from a wide variety ofbackgrounds to identify pro­defense Cybersecurity Delphi Project.

Sharing of Cybersecurity Threat Indicators

Cybersecurity Threat Indicator 1

The Cybersecurity Information Sharing Act of 2015 (CISA) provided a framework for companies to voluntarily share cybersecurity threat indicators with each other, as well as with the government, to prevent cyber attacks. We believe this type of sharing is appropriate under some circumstances and encourage companies to be transparent with their users when this occurs.

In the Reporting Period, Bugzilla experienced a security incident, which we reported about on Mozilla’s security blog. As permitted by law, we voluntarily shared IP addresses associated with the security incident with the Federal Bureau of Investigation (FBI). Although this occurred prior to the passage of CISA, the IP addresses are examples of cybersecurity threat indicators and relevant for purposes of transparency reporting.

Specific User Data Disclosures

CyberTipline disclosure 1

Information about possible child sexual exploitation can be voluntarily reported by anyone to the National Center for Missing & Exploited Children’s (NCMEC) CyberTipline. We take this issue seriously. In the Reporting Period, Mozilla disclosed Specific User data to the NCMEC in connection with a Theme that was submitted (but not published) to Firefox Add­ons (“AMO”) and implicated child sexual exploitation.