1. Purpose
This Law Enforcement Request Policy describes how Blue Beard Solutions Inc. ("Company," "we," "us," or "our") responds to requests from law enforcement agencies and government authorities for user data related to the MayDay-IC incident command platform. We are committed to protecting the privacy and civil liberties of our users while cooperating with lawful legal processes. This policy is designed to provide transparency regarding how we handle such requests and to ensure compliance with applicable laws, including the Fourth Amendment, the Stored Communications Act (18 U.S.C. § 2701 et seq.), the Health Insurance Portability and Accountability Act (HIPAA), and other relevant federal and state laws.
2. Types of Legal Process Accepted
We require valid legal process before disclosing user data to law enforcement. The type of legal process required depends on the nature of the information requested:
Subpoena
A valid subpoena issued in connection with an official criminal or civil investigation may compel disclosure of basic subscriber information, including:
- Name and email address associated with the account
- Agency affiliation and role
- Account creation date and last login date
- Subscription status and billing information (excluding full payment card numbers)
Court Order
A court order issued under 18 U.S.C. § 2703(d) or an equivalent state statute, demonstrating specific and articulable facts that the information is relevant and material to an ongoing criminal investigation, may compel disclosure of:
- All information available via subpoena
- Session and authentication logs (login history, IP addresses, device information)
- Incident participation records (which incidents a user was assigned to, timestamps)
- Communication metadata (timestamps and recipients of IC broadcasts, but not content)
Search Warrant
A search warrant issued by a court of competent jurisdiction, based on a showing of probable cause, is required for disclosure of the content of user communications and stored data, including:
- All information available via subpoena and court order
- Content of IC officer broadcasts and communications
- Incident reports, notes, and action plans
- Uploaded documents, photos, and evidence logs
- GPS location history and tracking data
- AI advisor query history and responses
Emergency Disclosure Requests
In accordance with 18 U.S.C. § 2702(b)(8) and (c)(4), we may voluntarily disclose user information to law enforcement without legal process when we believe in good faith that an emergency involving imminent danger of death or serious physical injury to any person requires immediate disclosure. Emergency requests must be submitted in writing (email is acceptable) and must include:
- The nature of the emergency and the imminent threat
- Identification of the person(s) at risk
- A description of the specific information requested and how it will help address the emergency
- The identity and contact information of the requesting officer, including badge number, agency, and direct phone number
3. What Information May Be Disclosed
The scope of information we disclose is strictly limited to what is specified in the valid legal process or emergency request. We apply the principle of minimal disclosure and will not provide information beyond what is legally required. Categories of data that may be subject to disclosure include:
| Data Category | Required Legal Process |
|---|---|
| Basic subscriber information (name, email, agency) | Subpoena |
| Session/authentication logs | Court Order |
| Incident participation records | Court Order |
| Communication metadata | Court Order |
| Content of communications | Search Warrant |
| Stored files, photos, and evidence | Search Warrant |
| GPS/location data | Search Warrant |
| Protected Health Information (PHI) | Search Warrant + HIPAA Authorization (see Section 7) |
4. Legal Process Requirements
All legal process must meet the following requirements to be considered valid:
- Must be issued by a court or agency with proper jurisdiction
- Must be properly served on Blue Beard Solutions Inc.
- Must specifically identify the user account(s) or data requested
- Must not be overbroad or unduly burdensome
- Must comply with applicable federal and state laws
We review all legal process for legal sufficiency before producing any data. We may object to, move to quash, or seek to narrow requests that we believe are overly broad, legally deficient, or that raise civil liberties concerns.
5. Preservation Requests
Law enforcement may request that we preserve existing records pending the issuance of formal legal process, in accordance with 18 U.S.C. § 2703(f). Preservation requests must:
- Be submitted in writing on official agency letterhead
- Identify the specific user account(s) and data to be preserved
- Include the name, badge number, and contact information of the requesting officer
- Specify the investigation or case number
We will preserve the specified records for 90 days, with one renewal of an additional 90 days upon a renewed written request. Preserved data will only be disclosed upon receipt of valid legal process.
6. User Notification Policy
We believe our users have a right to know when their data is being sought by law enforcement. Unless we are prohibited from doing so by a valid court order, non-disclosure order, or applicable law, we will notify the affected user(s) of any legal process seeking their data before disclosing the requested information. Notification will include:
- A description of the legal process received
- The categories of information requested
- The identity of the requesting agency (unless prohibited)
- Information about how the user may seek legal counsel
If we are prohibited from notifying the user due to a non-disclosure order, we will notify the user as soon as the non-disclosure order expires or is lifted, unless doing so would be futile or unlawful.
7. HIPAA Considerations for PHI Disclosure
MayDay-IC processes Protected Health Information (PHI) as part of emergency medical care coordination. Disclosure of PHI to law enforcement is subject to the requirements of 45 CFR § 164.512(f), which permits disclosure of PHI to law enforcement under the following circumstances:
- Court Order or Court-Ordered Warrant: PHI may be disclosed pursuant to a court order or court-ordered warrant or subpoena or summons issued by a judicial officer.
- Administrative Request: PHI may be disclosed in response to an administrative request, including an administrative subpoena or summons, a civil investigative demand, or similar process authorized by law, provided the information sought is relevant and material, the request is specific and limited in scope, and de-identified information could not reasonably be used.
- Required by Law: PHI may be disclosed as required by law, including for identifying or locating a suspect, fugitive, material witness, or missing person (limited to name, address, date of birth, SSN, blood type, injury type, date/time of treatment, date/time of death, and distinguishing physical characteristics).
- Victims of Crime: PHI may be disclosed about a victim of a crime if the individual agrees, or if law enforcement represents that the information is needed to determine whether a violation of law has occurred and immediate enforcement activity depends on the disclosure.
- Decedents: PHI may be disclosed about a decedent when there is suspicion that death may have resulted from criminal conduct.
- Crime on Premises: PHI may be disclosed to report a crime that occurred on the premises of the covered entity.
- Medical Emergency: PHI may be disclosed in a medical emergency (not caused by the covered entity) to report a crime, the location of a crime or victims, or the identity, description, and location of the perpetrator.
All PHI disclosures to law enforcement are documented in our HIPAA disclosure log and are reported to the affected individual in accordance with the HIPAA accounting of disclosures requirement (45 CFR § 164.528).
8. International Requests
Law enforcement requests from authorities outside the United States must be made through a Mutual Legal Assistance Treaty (MLAT) or other valid diplomatic or legal channel recognized by U.S. law. We do not respond directly to foreign law enforcement requests that are not processed through proper international legal cooperation mechanisms. Exceptions may apply for emergency situations involving imminent threat to life, processed on a case-by-case basis in consultation with legal counsel.
9. Data Provided Scope
When responding to valid legal process, we provide data in a structured, commonly used format. We will:
- Provide only the data specifically described in the legal process
- Apply appropriate redactions where required by law or where data falls outside the scope of the request
- Include a certification of authenticity and completeness for the records provided
- Maintain a chain of custody log for all disclosed data
- Provide data in a manner that protects the integrity of the information
10. Transparency Reporting
We are committed to transparency regarding law enforcement requests. We will publish an annual transparency report that includes:
- The total number of law enforcement requests received, broken down by type (subpoena, court order, search warrant, emergency)
- The number of requests complied with, in whole or in part
- The number of requests challenged, narrowed, or rejected
- The number of users affected
- The number of requests accompanied by non-disclosure orders
Transparency reports will be published on our website and will not include any information that could compromise ongoing investigations or endanger any person.
11. User Rights
Users of MayDay-IC retain all rights afforded to them by applicable law, including:
- Right to Notification: The right to be notified of law enforcement requests for their data, subject to applicable legal restrictions.
- Right to Legal Counsel: The right to consult with an attorney regarding any law enforcement request involving their data.
- Right to Challenge: The right to move to quash or modify a subpoena, court order, or search warrant through appropriate legal channels.
- Right to Access: The right to request a copy of any data we have disclosed about them to law enforcement, to the extent permitted by law.
- Right to Accounting: For PHI disclosures, the right to receive an accounting of disclosures under HIPAA (45 CFR § 164.528).
12. Contact for Law Enforcement
Law Enforcement Requests
All law enforcement requests should be directed to:
Email: info@maydayic.com
Blue Beard Solutions Inc.
Attn: Legal Department - Law Enforcement Requests
Emergency requests requiring immediate response should include "EMERGENCY" in the subject line. We endeavor to respond to emergency requests within 24 hours.
User Inquiries
Users with questions about this policy or who have been notified of a law enforcement request for their data may contact:
Email: info@maydayic.com