AWS can share information about you and how you use AWS with police, government agencies, and courts if it believes this is legally required or necessary to protect safety.
AWS may share your account information, activity logs, content, and usage data with law enforcement agencies without your knowledge, including in response to subpoenas or court orders — this is particularly significant for organizations handling sensitive client data stored on AWS infrastructure.
Cross-platform context
See how other platforms handle Law Enforcement Cooperation and Disclosure and similar clauses.
Compare across platforms →This provision grants AWS broad discretion to disclose user data and activity logs to law enforcement without requiring a court order in all circumstances, which has implications for privacy and due process rights.
1) REGULATORY FRAMEWORK: This provision is governed by the Electronic Communications Privacy Act (ECPA, 18 U.S.C. § 2703), which sets the legal standards for government access to electronic communications and stored data held by third-party providers. The CLOUD Act (2018) governs cross-border law enforcement data requests and is directly relevant to AWS's global infrastructure footprint. GDPR Article 49(1)(d) provides a derogation for transfers to third countries for law enforcement purposes but requires that such transfers meet proportionality requirements. The USA PATRIOT Act (50 U.S.C. § 1861) and FISA Section 702 (50 U.S.C. § 1881a) create broad national security access rights to cloud-stored data. Primary enforcement authorities are DOJ, FBI, and national security agencies. 2)
Compliance intelligence locked
Regulatory citations, enforcement risk, and due diligence action items.
Watcher: regulatory citations. Professional: full compliance memo.