view counter

SurveillanceIn 2012, Microsoft received 70,665 law-enforcement requests for customer information

Published 22 March 2013

On Thursday, Microsoft released the number of law enforcement requests it has received for information on its hundreds of millions of customers. By releasing the information, Microsoft is now putting itself on the same team as Google, Twitter, Yahoo, and other Web businesses which have published reports on law-enforcement request for customer information. In 2012 Microsoft received a total of 70,665 law-enforcement requests for customer information.

On Thursday, Microsoft released the number of law enforcement requests it has received for information on its hundreds of millions of customers. By releasing the information, Microsoft is now putting itself on the same team as Google, Twitter, Yahoo, and other Web businesses which have published reports on law-enforcement request for information.

The New York Times reports that the  law enforcement requests were for information about users of Microsoft’s services, including Hotmail, Outlook, SkyDrive, Skype, and Xbox Live, that is, services for which consumers must enter some personal details in order to use the service.

Microsoft’s  data  showed a total of 70,665 requests last year. Law enforcement agencies in United States, Germany, Turkey, Britain and France made up 69 percent of those requests.

In the majority of requests, Microsoft provided law enforcement agencies with non-content information which includes an account holder’s name, gender, e-mail address, IP address, country of residence, and dates and times of data traffic.

In fewer than 3 percent of requests, Microsoft released the actual content of a communication, including the subject headline of an e-mail, the contents of an e-mail, or a picture stored on SkyDrive, its cloud computing service. According to the data, U.S. law enforcement agencies made 1,544 content requests.

“Government requests for online data are like the dark matter of the Internet,” Eva Galperin, a global policy analyst at the Electronic Frontier Foundation in San Francisco, told the New York Times.

According to Galperin, even with Mircosoft’s stats, there are still fewer than ten Internet companies which release information on requests by law enforcement agencies around the world.

“Only a few companies report this, but they are only a very small percent of the online universe,” Galperin told the Times. “So any one company that joins the disclosure effort is good news. The faster this becomes a standard for all Web businesses, the better.”

When initially approached about releasing the data, Microsoft resisted, but in January more than 100 Internet activists and digital rights groups signed a petition asking the company to disclose its data-handling practices for Skype, the Internet  service it bought in 2011.

During 2012, Microsoft released administrative details of Skype accounts in 4,713 cases. Those details included a user’s SkypeID, name, e-mail account, billing information, and call detail records if a user subscribed to the Skype In/Online service, which connects to a telephone number.  Microsoft said, however, that it did not release any content from Skype peer-to-peer transmissions from last year.

According to the company, the peer-to-peer nature of Skype’s Internet conversations mean the company does not store, and has no historic access to, Skype conversations.

Brad Smith, a Microsoft executive vice president and the company’s general counsel, stated in a blog post that the requests affected less than 1 percent of its account holders. Smith also said that like all global businesses, the company is obligated to comply with the requests, but the company has set high standards for complying.

A law enforcement agency must present a subpoena or the foreign equivalent in order to obtain non-content data on a Microsoft user. In order to receive the content in an e-mail or other communications, the company requires law enforcement to present a warrant.

Last year Microsoft rejected requests for 18 percent of cases because, the company said, there wan no information on the requested individuals or because law enforcement did not have legal justification for the request.

“Like every company we are obligated to comply with legally binding requests from law enforcement, and we respect and appreciate the role that law enforcement personnel play in so many countries to protect the public’s safety,” Smith wrote on his blog. “As we continue to move forward, Microsoft is committed to respecting human rights, free expression, and individual privacy.”

Microsoft plans to release a new report every six months.

view counter
view counter