Microsoft Challenges FBI Over A Customer Data Request

Microsoft has managed to protect personal information of one of its customers against a secret request for data filed by the FBI.

The company’s lawyers challenged the ‘gag order’ which accompanied the request, hoping to be able to notify the customer in question. Rather than fight the case out in court, the FBI decided to withdraw its request.

However, a post by Brad Smith, general counsel and EVP of legal and Corporate affairs at Microsoft, seems to suggest that only enterprise users will benefit from such extra level of vigilance. “This marks an important and successful step to protect Microsoft’s enterprise customers regarding government surveillance,” wrote Smith.

Fighting for the enterprise customer

At the end of 2013, Microsoft received a National Security Letter (NSL) which requested “basic subscriber information” about one of its Office 365 enterprise customers. Due to the rules around the issue of NSLs, the company wasn’t allowed to inform the customer that the authorities were interested in their data.

Microsoft challenged the nondisclosure provision in a Seattle court, saying it violated the US Constitution, particularly the clause which guarantees freedom of expression. “It did so by hindering our practice of notifying enterprise customers when we receive legal orders related to their data,” explained Smith.

The court documents were finally unsealed on Thursday, and Microsoft was able to announce the details of the case publicly.

However, it seems that such protection is limited to enterprise customers – such as businesses, government and non-profits. This is in line with Smith’s previous statements, made in December 2013.

“We are committed to notifying business and government customers if we receive legal orders related to their data,” he wrote. “Where a gag order attempts to prohibit us from doing this, we will challenge it in court. We’ve done this successfully in the past, and we will continue to do so in the future to preserve our ability to alert customers when governments seek to obtain their data.”

Smith added that government requests for enterprise customer data were extremely rare, but avoided the topic of what happens when the same requests involve regular consumers.

Caspar Bowden, former chief privacy adviser at Microsoft, told TechWeekEurope that the company was finally trying the right policy in regards to customer data, although this happened only “after trying everything else”.

Microsoft has been a long-time critic of the data acquisition practices of the US government agencies. It was one of the companies which fought for the right to disclose the number of government requests it receives – and got it in January 2014.

Can you look after your personal data online? Take our quiz!