Transparency Report
Eclipse Veil is committed to transparency about how we handle data, respond to requests, and protect user privacy. This report covers our practices and any relevant disclosures.
Reporting Period: January 2026 - Present | Updated February 2026
Platform Statistics
Why These Numbers Matter
Even if we received government data requests, our zero-knowledge architecture means we could only provide encrypted data that we cannot decrypt. We have no access to message content, file contents, or encryption keys. We would challenge any request we believe to be overbroad or unlawful.
How We Handle Data Requests
Eclipse Veil has a clear process for responding to any legal requests for user data:
- Legal Review: Every request is reviewed by qualified legal counsel before any action is taken
- Narrow Scope: We only provide the minimum data legally required, and challenge overbroad requests
- User Notification: Where legally permitted, we notify affected users about data requests
- Technical Limitation: Due to our zero-knowledge architecture, we can only provide encrypted blobs and basic account metadata (pseudonymous handle, account creation date)
- No Backdoors: We will never build backdoors, weaken encryption, or provide bulk access to user data
What We Can Provide (If Legally Required)
- Pseudonymous account handle and creation date
- Encrypted message blobs (unreadable without user's private key)
- Encrypted vault blobs (unreadable without user's private key)
- Message delivery timestamps
What We Cannot Provide (Technically Impossible)
- Decrypted message content
- Decrypted file/vault contents
- User passwords or encryption keys
- Recovery phrases
- Historical IP address logs (not retained)
Content Moderation
Because we cannot read encrypted messages, content moderation works differently on Eclipse Veil:
- User Reporting: Users can report accounts for abuse, harassment, or illegal activity
- Account-Level Action: We can suspend or terminate accounts based on reports and patterns, even without reading message content
- Proactive Measures: Automated detection of abuse patterns based on behavioral signals (not content analysis)
- Age Verification: All accounts require 18+ age verification during registration
Security Incidents
Incident History
No security incidents have been reported or detected since the platform's launch. Our Security Fortress system continuously runs 200 automated security tests to detect and prevent issues proactively.
Incident Timeline
Operational Platform launch. Zero security incidents. 200/200 security tests passing.
Infrastructure & Compliance
- Hosting: Secure cloud infrastructure with encrypted storage at rest
- GDPR Ready: Full data export and deletion capabilities available to all users
- CCPA Ready: California Consumer Privacy Act compliance implemented
- SOC 2 Principles: Architecture follows SOC 2 Trust Service Criteria
- Data Retention: Minimal data retention; deleted data is cryptographically erased
Independent Security Assessments
Status: Planned
We are actively engaging independent security firms to conduct third-party audits of our cryptographic implementations, server infrastructure, and client applications. Results will be published in this report and in our Security Whitepaper upon completion.
Warrant Canary
Current Status (February 2026)
As of the date of this report, Eclipse Veil has not received any national security letters, FISA orders, or gag orders from any government agency. We have not been required to provide bulk user data to any government or third party. We have not been compelled to modify our systems to allow surveillance or monitoring of any user. This canary is updated with each transparency report revision.
Open Questions & Future Plans
- Publish results of independent security audit (targeted mid-2026)
- Expand transparency report to include detailed abuse report statistics
- Implement automated canary verification system
- Explore open-sourcing core cryptographic components for community review
Have Questions?
Contact us at privacy@eclipseveil.pro or review our Security Whitepaper for technical details. For law enforcement inquiries, see our Law Enforcement Guidelines.