With companies, particularly in the tech space, collecting more and more user data, there has been ongoing tension around government requests for information about individuals and a company's aim to protect the privacy of users. But since whistleblower Edward Snowden's National Security Agency revelations in 2013, the conversations on digital privacy have intensified, resulting in stronger privacy policies at some companies.

A report released Monday from the Electronic Frontier Foundation identifies the companies that are most protective of user data when it comes to government requests. For legal departments, there are plenty of considerations in creating and implementing the policies that protect users, according to the general counsel at Automattic, parent company of WordPress, which was one of this year's top-rated companies.

The EFF's seventh annual "Who Has Your Back?" report measures companies based on five criteria: adherence to industry-wide best practices; informing users about government data requests; commitment to not sell users out; push back when possible against national security letters (NSLs), which typically require companies to hand over data without revealing they've done so; and a pro-user public policy.

Nine companies received the highest rating of five stars, one of which was WordPress, which was highlighted by the EFF for its policies related to transparency and user privacy. This marks WordPress's second time with a perfect score in this report, the first was in 2015. Paul Sieminski, Automattic's GC, said that the Snowden leaks significantly changed the data privacy and government requests landscape.

"I think it just really made internet users much more aware of No. 1, the volume of information that was out there that the government could potentially get their hands on and two, the methods that could be used," Sieminski said. "That just caused us and a lot of other companies to really look at these issues in a new light and I think that just raised the stakes for all companies."

Another issue that's altered this space is the aggressiveness with which certain regions and countries around the world are investigating online terrorist activity, Sieminski said. "There's a lot of political pressure and a lot of legitimate security fears about those types of activities happening online, and so I think you've seen a lot more activity from governments trying to get that information from those companies that have it," he said, pointing to the European Union as an example. "We take it very seriously. But at the same time, we have strong principles on user protection and transparency that we want to protect."