Transparency Reports
Law Enforcement Requests - This is our most recent Law Enforcement Report which details government requests received by GitLab
2024 Law Enforcement Transparency Report
This report covers legal requests received by GitLab over a period from January 2024 to December 2024 and provides insights into the types of requests received, their disposition, and GitLab’s commitment to user privacy and transparency. GitLab reviews and responds to requests according to our published Guidelines for Law Enforcement Requests.
Request Volume and Type
GitLab received a total of 18 valid U.S. law enforcement requests during the reporting period. The requests were distributed across the categories of:
- Subpoenas
- Court Orders
- Search Warrants
- Preservation Orders
In this period GitLab did not receive any valid international requests for User Data.
| Type of Request | Total Requests Received | Total Identifiers Included in Request* | Number of Impacted User Accounts* |
|---|---|---|---|
| Court Order | 3 | 24 | 6 |
| Preservation Request | 4 | 8 | 3 |
| Search Warrant | 1 | 1 | 1 |
| Subpoena | 10 | 64 | 8 |
*Total identifiers reflect the total number of identifiers included in the request.
*Number of impacted user accounts reflects how many GitLab accounts match to one or more identifiers included in the request.
*Content - GitLab uses the definition of Content as defined in the SCA (18 U.S.C. § 2510(8)). Content data essentially is the content of a repository and would include data such as profile photos, code and files uploaded as well as the content of messages exchanged through the GitLab platform.
*Non-Content data includes metadata (e.g., data/time and IP address associated with user activity), log-in event information, payment/billing history, and any user information captured at sign-up.
User Notice and Transparency
GitLab strictly enforces our policy of notifying users of requests for their account or repository information unless prohibited by law or a court order. While most requests are accompanied with a time-limited Non-Disclosure Order, upon expiration of those orders GitLab notifies affected Users that a request for User Data was processed.
National Security Requests
As of January 2025, GitLab has never received a National Security Letter or a request under the Foreign Intelligence Surveillance Act. GitLab has also not been served with legal process under the national security laws of any other country.
905737e2)
