Transparency Report Reporting Period: July 1, 2021 to December 31, 2021
Government Demands for User Data
In the Reporting Period, Mozilla received the following.
| Legal Processes | Received | User Data Produced |
|---|---|---|
| Search Warrants | 0 | 0 |
| Subpoenas | 3 | 0 |
| Court Orders | 0 | 0 |
| Wiretap Orders | 0 | 0 |
| Pen Register Orders | 0 | 0 |
| Emergency Requests | 0 | 0 |
| National Security Requests 1 | 0-249 | 0-249 |
Government Demands for Content Removal
In the Reporting Period, Mozilla received no government requests for content removal from our services.
| Requesting Country | Requests Received | Data Produced |
|---|---|---|
| N/A | 0 | N/A |
Copyright
In the Reporting Period, we received 4 Copyright Takedown Notices and 0 Counter Notices.
| Mozilla Service | Takedown Notices | Counter Notices |
|---|---|---|
| Firefox Add-ons | 3 | 0 |
| 1 | 0 | |
| Other Services | 0 | 0 |
Trademark
In the Reporting Period, we received 9 Trademark Takedown Notices and 1 Counter Notices.
| Mozilla Service | Takedown Notices | Counter Notices |
|---|---|---|
| Firefox Add-ons | 8 | 1 |
| 1 | 0 | |
| Other Services | 0 | 0 |
Personal Data Requests
In the Reporting Period, we received 5,684 requests.
| Service | Received |
|---|---|
| Mozilla | 3,755 |
| 1,929 |
Supplement
Legislative Reform
During the course of this reporting period, Mozilla continued its efforts to defend privacy and security on the open web. In the United States, we submitted comments in response to the California Privacy Protection Agency’s Invitation for Preliminary Comments on Proposed Rulemaking Under the California Privacy Rights Act (CPRA).
In Europe, we engaged on the problematic provisions around web security present in the EU’s recently-proposed draft law on Digital ID and Authentication (eIDAS). In support of deploying limitations on the use of third-party cookies for pervasive web tracking, we contributed to the UK's Competition and Markets Authority (CMA) second round of consultations on Google’s Commitments to the Chrome Privacy Sandbox. We also submitted comments to the public consultation on reforming the UK's data protection regime post Brexit. On encryption, we also helped push back against a concerning Belgium Data Retention proposal that would likely impact encrypted services and possibly mandate greater metadata collection for all online communication providers.
In the African continent, we continued to advocate for strong data protection practices in the region while also serving as the trusted entity to coordinate and manage pooled resources for technical and operational support to assist the Africa Network of Data Protection Authorities. We also developed a curriculum for Lean Data Practices for startups in the Africa region and have held a webinar on Lean Data Practice, in collaboration with AfriLabs, to promote our philosophy on how to apply privacy, security, and transparency to products and practices. We also assisted the African Union Development Agency (NEPAD) in advocating for the African Union Cyber Security and Personal data Protection Convention, 2014. In India, we engaged on the Joint Parliamentary Committee report on India’s data protection law with the goal of pushing for stronger privacy protections and a more independent data protection authority.
Voluntary Threat Indicators & Data Disclosures
| Type of Disclosure | Number of Disclosures |
|---|---|
| Cybersecurity Threat Indicator | 0 |
| Other Specific User Data Disclosure | 0 |