Friday, May 23, 2014

MICROSOFT - Microsoft Successfully Challenges FBI

"Microsoft Successfully Challenges FBI Order For User Info" by Amy Lee, Cruxial 5/23/2014

Documents related to Microsoft's successful challenge of a governmental request for information about one of the company's customers have been unsealed.

The order, a Federal Bureau of Investigation National Security Letter, sought "basic subscriber information" about one of Microsoft's enterprise customers, according to according to a post by Microsoft’s general counsel and executive VP of Legal and Corporate Affairs, Brad Smith on the company's TechNet blog.

A federal court in Seattle unsealed the documents on May 22 2014.

"This marks an important and successful step to protect Microsoft's enterprise customers regarding government surveillance," Smith wrote.

Microsoft challenged the nondisclosure provision of the Letter in June 2013, arguing that it would violate the First Amendment.

"It did so by hindering our practice of notifying enterprise customers when we receive legal orders related to their data," Smith wrote.

After the petition was filed, the FBI withdrew the Letter.  According to Smith, governmental requests for information related to enterprise customers are "extremely rare."

In the previous cases where similar requests for information occurred, Microsoft was able to obtain permission from the customer in question, or to ask directly.  In this case, the FBI was able to get the info from the customer, according to the notice of withdrawal.

Microsoft, along with major tech firms like Apple, Facebook and Google, have ramped up their efforts to gain greater abilities to disclose the government's requests for data to their customers.

"As more users migrate from locally installed software and locally stored data to cloud-based computing platforms, Microsoft increasingly is entrusted to store its customers' data safely and securely," the petition states.

In December 2013, Smith wrote a post on the TechNet blog reaffirming Microsoft's commitment to protecting customer data, and promising to inform customers of any legal orders Microsoft receives or to challenge any gag orders prohibiting them from doing so.

Smith also stated the company’s belief that when seeking information, government agencies should go directly to customers except in exceptional circumstances, "just as they did before customers moved to the cloud."

With cloud services, such as Microsoft's Office 365, customer data is stored in Microsoft data centers, rather than on the customer's own systems.

"As more users migrate from locally installed software and locally stored data to cloud-based computing platforms, Microsoft increasingly is entrusted to store its customers' data safely and securely," the petition states.

Earlier this month, Glenn Greenwald, who has been a key part of disclosures related to how the National Security Administration collects information, published documents including details of Microsoft's relationship with the agency.

Greenwald had previously claimed in July 2013 that Microsoft had worked with the NSA to circumvent encryption on Outlook and had also worked with the FBI to help them better collect information from OneDrive.  Microsoft responded to the allegations shortly after, with the basic message that the company complies with data requests only when legally necessary.

"This new capability will result in a much more complete and timely collection response [...] for our enterprise customers.  This success is the result of the FBI working for many months with Microsoft to get this tasking and collection solution established," the recently revealed document states.

No comments: