Amazon, AWS & Ring Law Enforcement Data Request: Police & Government Guide
How police request Amazon, AWS and Ring data: account records, AWS account attribution, and Ring footage (warrant since 2024), plus India's MLAT route.
Amazon appears in investigations through three very different surfaces, each with its own rules: the Amazon retail account (orders, addresses, payment and login data), Amazon Web Services (AWS) (the cloud that hosts a large share of the internet, where the question is usually “who is behind this server or IP?”), and Ring (home security and doorbell cameras, where the prize is video footage). Amazon.com, Inc. is a US company, and disclosures of customer data run on US legal process under the Stored Communications Act (18 U.S.C. § 2701 et seq.). The three surfaces are treated separately below because what you can get, and how, differs sharply.
- How to submit: Through Amazon’s official law-enforcement request channel with valid US legal process (foreign agencies via MLAT). AWS publishes its own law-enforcement information-request guidance; Ring/Amazon handles camera footage through the same legal-process route.
- Identifiers accepted: Retail — the account email, order IDs, addresses. AWS — the account number, the IP address, instance/resource identifiers and timestamps. Ring — the device owner’s account email and the location and timeframe of interest.
- What needs a warrant: Subscriber and account records follow a subpoena; content — including Ring video footage and stored files — generally requires a search warrant, owner consent, or a genuine emergency.
Identifiers for a data request
Scope each surface precisely. For a retail account, give the registered email and any order numbers and shipping addresses. For AWS, the single most useful identifier is the IP address with a precise timestamp (and time zone), plus any instance or resource ID; this is what lets AWS map activity to an account holder. For Ring, identify the device owner’s account and the exact location and time window of the footage sought.
What data Amazon, AWS and Ring provide
| Surface | What is available | Process needed |
|---|---|---|
| Amazon retail account | Subscriber info (name, email, addresses, phone), order history, payment-method and login/IP records | Subpoena for subscriber data; warrant for content/contents of communications |
| AWS | Account-holder identity and billing for a given account/IP, and account-level logs. AWS generally does not hold the customer’s application content | Subpoena/court order to identify the account; for the hosted content itself, go to the customer (see below) |
| Ring (camera footage) | Stored video and account data for a device | Search warrant, the owner’s consent, or a genuine imminent-danger emergency |
AWS — go to the customer. AWS is an infrastructure host: the AWS customer is the data controller for the content they store. So while AWS will respond to valid legal process to identify the account behind an IP or resource, the application data itself (databases, files, user records of the hosted service) must usually be obtained from that customer directly, with AWS subscriber data used to find them.
Ring — the 2024 change. In early 2024 Ring ended its “Request for Assistance” tool in the Neighbors app, which had let police publicly ask users for footage without legal process. Police now obtain Ring footage through a search warrant or subpoena, by asking the owner to share it voluntarily, or where Ring/Amazon provides it directly in a case of imminent danger of death or serious physical injury. There is no longer a no-warrant public-request shortcut.
User notification: Amazon’s policy is generally to notify the customer of a request unless legally prohibited or an exception (such as a child-safety or imminent-harm matter) applies.
How to submit a request
- Preserve first under 18 U.S.C. § 2703(f) (90 days, extendable) — especially for Ring footage, which has limited retention and can be lost.
- Submit valid legal process through Amazon’s law-enforcement channel (and AWS’s information-request process for cloud matters), with identifiers matched to the surface and the level of process matched to the data.
- For hosted services on AWS, use AWS subscriber data to identify the operator, then serve that operator for the application content.
Emergency disclosure requests
Where there is an imminent risk of death or serious physical injury, Amazon, AWS and Ring may each disclose data — including Ring footage — voluntarily and without a warrant under the emergency exception to the Stored Communications Act. Submit through the official channel, articulate the specific and immediate threat, the data or footage needed, and the relevant identifiers. Disclosure is at the company’s discretion.
For India: legal basis and process
- IT Act, 2000 — Section 69 and BNSS, 2023 — Section 94 provide the domestic authority to direct production of electronic records.
- IT Rules, 2021 — Rule 3: route first-level coordination through Amazon’s official channel; escalate to MLAT for customer data and content.
- MLAT: for US-held account data, AWS account attribution, or Ring footage, route the request through the MHA Central Authority to the US Department of Justice, Office of International Affairs. File a preservation request immediately, as Ring footage in particular may otherwise be deleted before the MLAT process concludes.
What you’ll need
- Retail: account email, order IDs, addresses;
- AWS: the IP address with a precise timestamp and time zone, plus instance/resource IDs;
- Ring: the device owner’s account and the exact location and time window, plus a search warrant (or owner consent / emergency basis);
- The appropriate legal instrument for the surface, and a 2703(f) preservation request filed early;
- For Indian agencies: an MLAT request through MHA, plus immediate preservation.
For a full directory of law enforcement request portals across major platforms, visit our LERS portal hub or the platform-by-platform LERS guide.