Law Enforcement Guidelines

Legal Guidelines

Like any online service, the Matrix.org Foundation receives requests for information about users. Those requests come from government agencies, law enforcement, individuals, and companies. We aim to be transparent about the data we collect about our users, through our privacy notice. This document describes the steps we take when engaging with law enforcement, and how we safeguard privacy rights. We also set out how law enforcement can send us requests.

Before revealing any non-public information about a site, an account, or a user, we require a valid subpoena, search warrant, or court order. The only exception is when we have a good faith belief that there is an emergency involving imminent danger of death or serious physical injury.

Law Enforcement Requests

To make a request, you will need a warrant issued by a UK authority in compliance with the UK Investigatory Powers Act of 2016 (“the Act”). We respond to requests from the United Kingdom only, in the form of authorisations which comply with article 66 of the aforementioned Act. Law enforcement agencies from outside the UK may obtain these types of authorisations through the Mutual Legal Assistance Treaty (MLAT).

These requests must be sent to abuse@matrix.org, and should include the following:

We will only transfer information using end to end encryption.

Emergency Requests from Government Agencies/Law Enforcement

We may disclose user information to government or law enforcement agencies – without a warrant – if we have a good faith belief that an emergency involving** imminent danger of death or serious physical injury** requires disclosure of information related to the emergency without delay.

Send your emergency request to abuse@matrix.org and include “emergency” in the subject line.

What Information Do We Have?

The data available on Matrix.org users is limited to that which is described in our privacy notice. As per the Matrix protocol, homeserver administrators are unable to view data which is end-to-end encrypted, making this type of data out of scope for these requests.

We do not voluntarily provide governments with access to data about users for any reason, including for the purposes of law enforcement, intelligence gathering, or other surveillance. As noted above, we only provide information to third parties after receiving a valid search warrant.

Notification to Matrix.org Users

We aim for total transparency with our users when legal requests for information or complaints affect their account. It is our policy to notify users and provide them with a copy of any legal requests regarding their account or site, unless we are prohibited from doing so by the warrant. When the prohibition from notifying users expires, we will notify users and provide them with a copy of the legal request at that time.

Preservation Requests by Government and Law Enforcement Agencies

It is our policy to notify users and provide them with a copy of any legal requests regarding their account, unless we are prohibited from doing so by a valid warrant issued in the UK, as described in the sections below. Our policy of notifying users about requests to preserve their information is meant to protect user privacy and promote transparency, while also avoiding interference with legitimate investigations of criminal activity.

Preservation requests may only be submitted by government and law enforcement agencies conducting a criminal investigation in which the information sought is relevant. We will preserve records for 90 days in response to a valid request, which the government or law enforcement agency can extend upon request.

We will act upon requests from non-UK law enforcement agencies only when these originate via the Mutual Legal Assistance Treaty process (MLAT).

Send your preservation requests to abuse@matrix.org.

Other types of requests

Reporting Terms of Service Violations

If you believe that a user or room is violating our Terms and Conditions, please report this information via abuse@matrix.org providing as much information as possible, and we will take action as appropriate.

We do not remove content based on disagreements, allegations or breaches of rules related to specific communities. Removal of content will only occur when it breaches our Terms. We may refer information about accounts sharing illegal content to the relevant authorities.

Requests for Takedown of Copyrighted Content

Matrix.org complies with properly formatted notices sent in accordance with the Digital Millennium Copyright Act. More information about our process and a DMCA takedown notice submission form can be found here.

Our stances

Who Is Liable for Content Hosted on Matrix.org?

We do not control or endorse the materials or message content found in any rooms or communities. To the maximum extent permitted by law, Matrix.org will have no liability related to user materials arising under intellectual property rights, libel, privacy, publicity, obscenity or other laws. Matrix.org also disclaims all liability with respect to the misuse, loss, modification or unavailability of any user messages or files.

On Back Doors and Encryption

We are strong advocates for encryption as a tool to support everyone’s human right to privacy. Matrix.org will never support encryption backdoors and will only share information which is requested following the above guidelines.

For more information on our approach to encryption and abuse management, please read through this blog post.