Transparency Report

TRANSPARENCY REPORT 2015 BIT B.V. - VERSION 2014-07-23

In 2012, BIT issued their first Transparency Report with the aim of providing insight into the amount of BIT's personal data retrievals and the amount of notice and takedown requests that have been received and processed by BIT in that year. In this report, we publish that information for the year 2015.

We publish this information because we think it’s important, especially given the recent developments in the field of privacy, to provide our clients and other interested parties with openness. To enable trends to be identified, we have included the 2012, 2013 and 2014 figures in this report as well.

Below you will find the numbers per category for the received complaints/requests/notifications and the way these were handled. This document is also available as a PDF file. Read more

Hand over of personal data

The table below shows the number of requests we have received for the handover of personal data of customers of BIT to law enforcements. The number of cases that were in compliance with this request is indicated as well.

  2012 2013 2014 2015
Received requests 1 1 0 2
NAW-requests where information has been disclosed 1 1 0 0

Reports of data protection infringements
BIT is legally required to report any event of infringement of the protection of personal data they have stored. The same as in 2012, 2013 and 2014, BIT has found no reason to report any such event in 2015.

  2012 2013 2014 2015
Reports of data protection infringements 0 0 0 0

Legal interception orders
The 2012 edition of our Transparency Report did not contain the amount of legal interception orders due to uncertainties concerning confidentiality. Now that there is more clarity, we can publish these numbers in this year's edition, just like we did in the Transparency Reports for prior years.

  2012 2013 2014 2015
Amount of tapping orders 0 0 0 0

Malware
The table below shows how many complaints BIT received because of the (alleged) hosting of malware and how they were processed.

  2012 2013 2014 2015
Processed Take Down requests 8 29 20 10
Rejected Take Down requests 4 0 0 0
Total 12 29 20 10

Take Down requests for alleged copyright infringement
In the Transparency Report of 2013 BIT has published data about received and processed notice-and-takedown-requests for allegedly infringement of copyright. The numbers for this and prior years can be found below.

  2013 2014 2015
Unprocessed complaints 1135 2339 607
Complaints rejected by BIT 5 6 0
Reported complaints 4 0 0
Total 1144 2345 607

The large number of unprocessed complaints is filed by a small number of parties that automatically file complaints on behalf of the film and music industry. Since they do not comply with our notice and takedown procedure, we have not processed these   complaints. It is also possible that there are repetitions amongst the unprocessed complaints for the years 2013 and 2014. For the year 2015 these unprocessed complaints have been processed in AbuseIO, which have automatically aggregated this
complaints and had the consequence that the number has been reduced.

The complaints that have been rejected were complaints concerning material that could not be confirmed as undeniably unlawful.

Phishing
The table below contains information about the amount of complaints concerning phishing-sites BIT has received and how they were processed.

  2012 2013 2014 2015
Processed Take Down requests 8 22 50 211
Rejected Take Down requests 1 2 3 0
Total 9 24 53 211

Child pornography
The table below contains information about the amount of complaints concerning child pornography BIT has received and how they were processed.

  2012 2013 2014 2015
Number of complaints accepted
0 0 1 0
Number of complaints rejected 0 0 0 0
Total 0 0 1 0

Responsible disclosure
This year the responsible disclosure notifications that have been reported to BIT are included for the first time. The notifications that have been reported to BIT regarding not yet known vulnerabilities, BIT has rewarded the reporters for these notifications.   Notifications about already known vulnerabilities, vulnerabilities outside the responsibility of BIT and vulnerabilities that were not a real thread according to BIT were not rewarded.

  2015
Not yet known vulnerabilities 2
Already known vulnerabilities 5
Rejected notifications 14
Total 21


Conclusions and comments
The number of handover request for personal data and legal interception orders remains low. The explanation we gave previous years is that BIT is a corporate ISP and does not (directly) do business with clients remains applicable here.

The number of malware hosting complaints has slightly decreased, this can be attributed to the fact that reports get the category the reporter gives to it. Most reporters choose for categorizing it as phishing instead of malware.

The number of claims of copyright infringements has decreased, because of the aggregation of these claims. These claims are automatically e-mailed and all those claims do not comply with our notice and takedown policy.

Phishing complaints have increased again. This can be attributed mainly to the fact that BIT has been using extra sources for information about phishing.

There was no report about child pornography this year.

We have included the numbers concerning responsible disclosure reports for the first time this year.

Share this page on
Announcements
Maintenance

Ongoing incidents
None
BSS ICT Groep


We realise that the IT infrastructure is essential to our clients and that is why we set the bar high. Those who want to do their job without worry, need to be able to rely on their partners. For many of our clients, we are not a supplier, but an extension of their organisation.

Curious what we do for our clients? Read our inspiring cases >>

Agenda
January
  • 13 January New Year's reception