Posting this because I have seen folks ask in other websites, mainly reddit. Discord publishes a transparency report twice a year. The numbers are public the categories are public and they tell you more than most people realize.
Don’t ask me how I know thisa!
Subpoena (no warrant required, low bar). Basic subscriber info: email, phone, registration IP address, account age, payment info if you’ve paid for Nitro. No message content. Discord complied with about 95% of subpoenas in the most recent transparency report.
Search warrant (requires probable cause). All of the above + message content from servers and DMs, attachment urls, voice channel join logs, IP addresses for every login.
Court order (between subpoena and warrant in scope). Subscriber info plus account activity logs but usually not message content unless the order specifically asks for it.
Emergency Disclosure Request (EDR). Used in cases where cops claim imminent danger. Discord can provide subscriber and content info without a warrant if they believe the emergency is real. EDRs have been abused in the past industrywide (fake police email accounts requesting EDRs from various platforms) and Discord has historically had limited verification on these requests.
Preservation request. Doesn’t itself hand over data but tells Discord to preserve account data for up to 90 days while police get the proper paperwork. Means even if you delete your account during that window, Discord retains the data anyway
implications for the privacy-minded peope around here
Your IP address history goes back as far as your account age. Every single login is logged!
DMs and server messages are not end to end encrypted. Discord can read them, and so can anyone they’re legally compelled to share with.
the 14-30 day deletion grace period after you initiate account deletion is also the window where preservation requests can lock your data in place even if you’ve started the deletion process.
VPNs help by hiding your real IP from the login logs, but if you’ve ever logged in once without a VPN that real IP is in the database forever.
Trigger_Control’s take is pretty accurate. Adding a few specifics for anyone who wants to verify the numbers themselves.
Discord’s transparency report is at discord.com/safety/transparency-reports. The most recent report covers H1 2025 and shows their total law enforcement requests broken down by country and type of request. The US accounts for 60-70% of requests in any given period of time. Compliance rates haven’t dropped below 85% for any category in the past three reports. Ask and they shall receive when it comes to cops getting what they want from Discord admins.
One thing the transparency report doesn’t tell you is how many requests Discord pushed back on for being overly broad versus requests they fully rejected. The disclosure language combines them. Civil liberties groups have asked for more granular breakdowns and Discord has not provided them as of the latest reports (surprise surprise)
The EDR loophole keeps me up at night honestly. The fact that bad actors have impersonated police agencies to get user data from major platforms (happened across Apple, Meta, and others back in n 2022) means the system is structurally exploitable.
Has Discord published any update on what they’ve changed about EDR verification since the 2022 incidents? Genuine question, I haven’t seen recent reporting on this at all…
when Discord hands over data in response to a search warrant the message content includes edit history. So that comment you edited five minutes after posting is not just preserved in your data export, it’s preserved in any law enforcement disclosure too. Every prior version, with timestamps.
Also worth knowing that “all messages” in a warrant typically includes DMs from the other side of the conversation, since Discord stores both copies on their servers. So your conversations can be disclosed because the OTHER person became a target of investigation, even if you never were.
What I find unsettling here isn’t any individual disclosure but the cumulative architecture.
Discord is like every platform of its size and is built so that everything you do is technically subject to disclosure under the right legal pressure. Your messages, your edits, your voice channel timestamps, your IP history, all of it. The platform that lets you have casual conversations with strangers is also a comprehensive surveillance archive of everyone you’ve talked to. Kind of shitty.
Most users will never be subject to a law enforcement request and so this architecture remains theoretical for them. But the architecture is the same whether or not it ever activates against you. We’ve decided collectively that this is acceptable as the price of having these communication tools at all. I’m not sure we’ve thought hard enough about what we agreed to.
review your Discord settings for “Allow direct messages from server members” and turn it off for any server you’re not actively in conversation with. That cuts down big on which servers members can initiate a thread you’d later be subject to disclosure of.
wont help you retroactively but it sdtill reduces forward exposure.
Reckon the EDR thing is the most concerning bit here. Imagine getting your DM contents handed over because some kid in another country sent a fake “imminent threat” email from a domain that looked like a UK police force. The verification on these was minimal historically. Worth knowing this is a route in even when there’s no actual investigation against you.
Discord publishes the request totals but not the false positive rate. How many of those EDRs that got fulfilled were later determined to be illegitimate? That number exists internally…somewhere. The fact that it’s not in the transparency report is itself a transparency choice by discord.