The short answer
A court order compels everything a zero-knowledge provider holds and nothing it doesn't. We hold account metadata: the email you signed up with, billing records, connection logs, file sizes, timestamps. We do not hold your encryption keys, so we cannot produce readable file contents — we never had them. A subpoena can't order us to hand over math we don't possess. That's not a policy we could change under pressure. It's a property of how the system is built.
What "we can't decrypt it" means in a courtroom
People hear "zero-knowledge" and hear a promise: we promise not to look. It isn't a promise. Your keys are derived on your device from your passphrase with Argon2id (256 MB, 4 iterations), and your files are sealed with AES-256-GCM before a byte leaves your machine. The server in Falkenstein receives ciphertext and stores ciphertext. When a prosecutor serves an order, the engineering answer matches the marketing one exactly: there is no decryption step we could run even if a judge ordered it, even to save the company. The plaintext key lives on your device and in your recovery phrase. Nowhere else.
This is the difference between a policy and a property. Dropbox, Google Drive, and iCloud without Advanced Data Protection hold the keys to your files at rest. Served a valid order, they decrypt and produce the contents. They aren't villains for it — they're following the law, and they built a system that lets them comply. We built one that doesn't, and we'd rather show you where that line sits than let you find it during a case.
The metadata we can be compelled to produce
Here's the part most "even we can't read your files" pages skip. Running a service generates records, and we can be made to hand over the records we keep. Under a lawful German order — typically issued by a court or public prosecutor under the Code of Criminal Procedure (StPO) — that means:
- Account inventory — the signup email, account creation date, subscription tier, and the Mollie billing identifiers tied to it.
- Connection logs — IP addresses and session timestamps, to the extent we retain them.
- File metadata that survives encryption — object sizes and modification times. We encrypt filenames, but storage is not invisible. We know that an encrypted blob of a given size exists and when it last changed.
- Sharing activity — that a share link was created, when, and whether it was revoked or expired. Not what's behind it.
What we cannot produce, because it doesn't exist on our side: the decryption key, the plaintext of any file, the contents of a share, or your passphrase. The cryptographic design is what makes that a fact and not a refusal. A refusal can be overruled by a judge. A fact can't.
Why German jurisdiction changes the answer
Two companies can both say "we're encrypted" and face very different pressure depending on who can compel them. Beebeeb is operated by Initlabs B.V., incorporated in the Netherlands, with data stored in Falkenstein, Germany. The whole stack sits inside EU and German jurisdiction, and that matters for one concrete reason: there is no US CLOUD Act reach.
The CLOUD Act lets American authorities compel US-incorporated companies to produce data anywhere it sits, including their "EU regions." Germany has no equivalent that binds us, and there's no CLOUD Act executive agreement letting US authorities serve us directly. A US request for data held by a German provider has to run through the Germany–US Mutual Legal Assistance Treaty, signed in 2003, which routes it through German courts applying German standards. Article 48 of the GDPR reinforces this: it bars us from honouring a bare third-country court order unless an international agreement like that MLAT backs it.
None of this makes us unreachable, and we won't pretend it does. A German prosecutor with a valid order still gets our metadata. The point is narrower than "untouchable": the path runs through a German judge weighing proportionality, not a US warrant treating an EU datacenter as American soil.
The honest limits, before a critic states them
Zero-knowledge is not a cloak of invisibility. A few things are worth being blunt about, and we'd rather be the ones saying them.
Metadata is real and it leaks structure. Knowing an account exists, when it's active, and the size and timing of its files is not nothing. For a journalist whose mere connection to a service is sensitive, that exposure is the whole risk — and we can be compelled to produce it. Tresorit and Proton sit in the same spot here; Tresorit also encrypts filenames and is, to its credit, independently audited (something on our roadmap, not behind us). Our honest Beebeeb-vs-Tresorit comparison walks through where each of us draws the line.
We can be ordered to log going forward. A production order covers records we already hold. But German surveillance law (StPO §100a and §100g) also permits forward-looking measures for serious offences, and we can be compelled to assist in collecting future connection data. "We can't decrypt your files" is not the same as "we can never be asked to record your connections." Conflating the two would be exactly the overclaim we built this company to avoid.
The endpoint is still the soft spot. Encryption protects data in our custody. If your device is seized unlocked, or your passphrase walks out the door, the cryptography on our side is irrelevant — the plaintext lives on the machine that holds the keys. No provider's posture changes that.
If you're weighing legal exposure
For a business or a professional with a confidentiality duty, "is it encrypted" is the wrong question. Everyone says yes. The questions that actually predict what lands on a prosecutor's desk: who holds the keys, what metadata is retained, whose courts can compel the company. For us the answers are you, as little as the service can run on, and German ones — with no CLOUD Act side door.
You can test the key-holding claim yourself, because the clients that do the encryption — the web app, CLI, and the mobile and desktop apps coming soon — are open source. The encryption happens in code you can read, not a brochure you have to trust. The server and this site stay private, and we say so plainly; the part that decides "who can read your files" is the part running on your device. Beebeeb's 14-day free trial is zero-knowledge on the same terms as every paid plan, so you can read the architecture before committing anything — the security page lays out the full key-derivation chain and our exact disclosure posture. Read the limits first, then decide.