U.S. Law Enforcement Legal Process Guidelines

I. General Information

These Guidelines are provided for use by United States law enforcement agencies when seeking the disclosure of electronic information from Symantec Corporation (“Symantec”) regarding its customers, partners or other third parties. These Guidelines are not intended to provide legal advice and do not apply in all circumstances where service of process is required, as addressed below.  Nor are they applicable to law enforcement requests from foreign law enforcement agencies or to civil subpoenas. 

Please click this link to send an email to the U.S. Subpoenas mailbox with any questions or to effect service according to these guidelines. If you choose to send legal process or otherwise email this address, it must be from a valid government email address.  Nothing within these Guidelines is meant to create any enforceable rights against Symantec and Symantec reserves the right to change these Guidelines at any time and without advance notice.  Submission of a Law Enforcement Request, as defined below, to the U.S. Subpoenas mailbox constitutes your agreement and consent to follow these Guidelines. 

Law Enforcement Requests should be as narrow and specific as possible to avoid misinterpretation and/or avoidable objections in response to an overly broad request. Please note that law enforcement will be required to obtain a search warrant that is issued upon a probable cause showing before Symantec will produce user content.

II. Service of Process Guidelines

A. Service of Law Enforcement Subpoenas, Search Warrants and Court Orders

  1. Service of Law Enforcement Request via Email

    Symantec will accept service of valid non-testimonial subpoenas, search warrants and court orders for information (“Law Enforcement Request”) by email from law enforcement agencies, provided these are transmitted from an official email address of the law enforcement agency concerned. For testimonial subpoenas, please see Section II.B. below.

    Law enforcement officers submitting a Law Enforcement Request to Symantec should transmit it directly from their official law enforcement email address in PDF format to the U.S. Subpoenas mailbox linked here.  Again, the U.S. Subpoenas mailbox is intended solely for use by United States law enforcement and government agents. 

    We require law enforcement to include the following information with the Law Enforcement Request so the request can be verified:

    • Law Enforcement agency
    • Name and badge/ID number of issuing agent/officer where applicable
    • Agency-issued email address
    • Law enforcement phone number (with extension if applicable)
    • Verifiable physical return address
       
  2. Effective Date of Service, Acknowledgment of Receipt and Status Inquiries

    Symantec does not agree that service through this voluntary method is effective on the day the Law Enforcement Request is emailed to Symantec.  Rather, service via email to the U.S. Subpoenas mailbox, linked here, will be deemed effective and complete on the day you receive an email acknowledgement of receipt from a member of Symantec’s Legal Department, which in general should be within 2-3 business days after submission of the Law Enforcement Request. 

    If you have not received an email acknowledgement of receipt from Symantec’s Legal Department within 2-3 business days from the date the Law Enforcement Request was submitted, service of process should be effected through Symantec’s registered agent for service of process, Corporation Service Company (“CSC”).  For other inquiries regarding the status of a specific subpoena, search warrant or court order, please do not contact the U.S. Subpoenas mailbox until at least 10 business days after your receipt of the email acknowledgement, unless the matter involves imminent harm or threat to life.

    When a Law Enforcement Request has been served on Symantec by email to the U.S. Subpoenas mailbox, and an email acknowledgement has been received, there is no need to serve duplicate process on Symantec by mail, through CSC or by other means.

  3. In the case of exigent circumstances, as that term is defined in the applicable jurisdiction but generally understood to mean where there is a real and immediate threat of death or physical harm to an individual that Symantec may have information necessary to prevent, Symantec may voluntarily disclose information on an emergency basis. In order to request that Symantec do so, exigent requests from law enforcement agencies should use the process outlined above but the cover email should note “EXIGENT LAW ENFORCEMENT REQUEST” in the subject line. Failing to include that language in the subject line may lead to a delay in processing. Additionally, the cover email should include all relevant information to establish the nature of the exigent circumstances, the specific information sought necessary to help resolve the emergency, the best methods of communication with the requesting officer or agency (including after-hours contact information), contact information for the supervisor of the official making the request, and any other background information that may help Symantec facilitate the search for, and provision of, the requested information if appropriate. Should it decide to voluntarily provide information on an emergency basis, Symantec will respond to the request as quickly as practicable.

B. Witness Testimony Subpoenas

Symantec does not waive formal service requirements for subpoenas seeking witness testimony and does not accept service for such testimony via electronic means.  All subpoenas seeking witness testimony must either be personally served on Symantec at its headquarters, served through CSC, or as otherwise permitted by law. In most cases, Symantec will resist subpoenas for witness testimony that are served with fewer than 14 days advance notice.

C. Preservation Requests

Requests from law enforcement agencies to preserve customer, partner or other third party information may also be directed to Symantec by email to the U.S. Subpoenas mailbox, linked here. Preservation requests should be submitted on law enforcement letterhead and contain the same information listed in Section II.A.1 above, so the request can be verified. Preservation requests must also include the Symantec customer’s full name, the email address associated with the subject account, and all other available identifying/contact information so the requested information can be located.  After sending the email acknowledgment of the preservation request, Symantec will preserve then-existing customer, partner or other third party data that can be reasonably located for 90 days in anticipation of receiving a valid Law Enforcement Request.  

D. User Notice

Please note that Symantec may notify its customers and partners when their information is being sought in response to legal process unless we are legally prohibited from doing so.

E. Civil Matters

The foregoing procedures, including the use of the U.S. Subpoenas mailbox, are intended solely for use by U.S. law enforcement and government agents.  All matters that are not law enforcement related, including all civil complaints and third-party subpoenas, must be either personally served at Symantec’s headquarters in Mountain View, California or served through CSC.