Since the news broke about the so-called PRISM surveillance and data collection program run by the NSA, we’ve seen a lot of questions regarding whether Internet companies can be forced by the government to access and disclose data that is stored by customers in the cloud or in dedicated environments.
It is DigiTar’s policy that we will not access, transfer, or deliver data stored by our customers on DigiTar SaaS systems to any government authorities other than pursuant to a properly issued, lawful request from appropriate law enforcement officials or other order from a competent Legal body of the country in which our systems are physically located. This applies to requests from law enforcement and includes those made under the Patriot Act. By agreement, our customers own the data they store on DigiTar systems.
This includes allowing them full control of the resources, and control of passwords used to access their data. Because of this, we take the view that, in legal terms, DigiTar has no “possession” over customer stored data; and that we are legally prohibited from accessing that data on our own.
DigiTar has not participated in any data mining or collection of customer data located within its hosted environments for U.S. law enforcement or security agencies, including the PRISM program. We are adamant about protecting the privacy rights of our customers and we continue to enforce policies to ensure customer-owned data is secure.
For a more detailed look at our approach to the issue and our view of the law, Please see: