Coinbase can share your personal information with law enforcement or government agencies when legally required or when Coinbase believes disclosure is necessary to prevent harm or investigate potential violations.
This analysis describes what Coinbase's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
The policy states disclosure may occur based on Coinbase's good faith belief, not solely on legally compelled orders, and may proceed without notifying the user, which means users may not know when their financial and identity data has been disclosed to government authorities.
Interpretive note: The scope of 'good faith belief' as a standard for voluntary disclosure without legal compulsion may be interpreted differently under GDPR and CCPA frameworks, creating jurisdictional variance in how this provision operates in practice.
Text is substantively identical; provision name simplified from 'Law Enforcement Disclosure Without User Notification' to 'Law Enforcement and Government Disclosure' to be more concise.
View full change record →Users' transaction history, identity documents, and financial account details may be disclosed to law enforcement or government agencies under this provision, including in circumstances where Coinbase determines notification to the user is not required or is prohibited.
How other platforms handle this
We may disclose your information if we believe that disclosure is in accordance with, or required by, any applicable law or legal process, including lawful requests by public authorities to meet national security or law enforcement requirements. We may also disclose your information if we believe it...
In the event of a merger, acquisition, reorganization, bankruptcy, or other similar event, your personal data may be transferred to a successor entity or third party as part of that transaction.
At Ledger, earning and maintaining our users' trust is a top priority. That's why we are deeply committed not only to protecting your privacy and securing your personal data, but also to being fully transparent about how we handle it.
Monitoring
Coinbase has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.
"We may share your personal information with law enforcement, government officials, or other third parties when we are compelled to do so by a subpoena, court order, or similar legal procedure, or when we believe in good faith that the disclosure of personal information is necessary to prevent physical harm or financial loss, to report suspected illegal activity, or to investigate violations of our User Agreement.— Excerpt from Coinbase's Coinbase Privacy Policy
REGULATORY LANDSCAPE: This provision engages BSA and FinCEN regulations requiring financial institutions to file Suspicious Activity Reports and Currency Transaction Reports without customer notification. It also implicates the Electronic Communications Privacy Act regarding compelled disclosure of electronic records. For EU users, GDPR Article 23 permits restrictions on data subject rights for law enforcement purposes but requires the restriction to be grounded in a specific legal basis under EU or member state law. GOVERNANCE EXPOSURE: High. The breadth of the good faith disclosure standard, extending beyond legally compelled orders, creates governance exposure in jurisdictions where proactive disclosure without a court order may engage GDPR or equivalent data protection frameworks. The no-notice provision is operationally significant for compliance with GDPR's transparency principles. JURISDICTION FLAGS: EU and UK users may have GDPR data subject rights that interact with this provision, though law enforcement exemptions in national law may apply. California CPRA permits disclosure to law enforcement but requires certain disclosures in the privacy notice. Cross-border disclosure of EU resident data to US law enforcement may require assessment under GDPR's third-country transfer provisions. CONTRACT AND VENDOR IMPLICATIONS: B2B customers or institutional users should assess whether this provision affects their own regulatory notification obligations to their clients if Coinbase discloses data about their accounts or transactions. Audit rights over law enforcement disclosures affecting business account data are not addressed in this provision. COMPLIANCE CONSIDERATIONS: Compliance teams should document the legal bases and internal procedures governing voluntary versus compelled disclosures and assess whether the good faith standard is consistent with GDPR Article 6 requirements for a lawful processing basis. SAR and CTR obligations must be mapped against no-tipping-off requirements to confirm the no-notice provision is operationally compliant rather than discretionary.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Monitor: 25 platforms + same-day alerts. No credit card required.
Ad personalization controls removed. Contact scanning added. Advertiser data partnerships quietly dropped. A timeline of every change.
Compliance Governance Intelligence
Need to monitor specific governance provisions?
Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
The policy states disclosure may occur based on Coinbase's good faith belief, not solely on legally compelled orders, and may proceed without notifying the user, which means users may not know when their financial and identity data has been disclosed to government authorities.
Users' transaction history, identity documents, and financial account details may be disclosed to law enforcement or government agencies under this provision, including in circumstances where Coinbase determines notification to the user is not required or is prohibited.
ConductAtlas has identified this type of provision across 13 platforms. See the full comparison.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Coinbase.