, an ex-Microsoft employee was arrested for leaking trade secrets and internal Windows related software builds to a blogger. Court documents revealed that Microsoft snooped into Outlook/Hotmail accounts of the blogger to crack down this case. Some news sites accused Microsoft for snooping customer’s (in this case blogger’s) email account. Electronic Frontier Foundation today raised the same issue criticizing Microsoft for searching blogger’s Outlook/Hotmail contents without court warrant.
To the contrary, if Microsoft’s independent legal team concluded that there was probable cause, it could have passed the tipster’s information to the FBI to obtain a warrant and conduct the search under the auspices of the criminal justice system. The warrant protections enshrined in the Constitution would be preserved, ECPA would be satisfied, and Microsoft could have claimed the high moral ground. Instead, Microsoft has opted for an internal corporate shadow court.
To be sure, the process described in Microsoft’s statement bears more than a passing resemblance to a standard criminal investigation, with a prosecutorial team building a case and then presenting it to an ostensibly neutral third party, a retired federal judge no less. Let’s call it Warrants for Windows!
The monumental problem here is that Microsoft’s process has none of the protections provided by our legal system. No matter how fairly this process operates in any particular situation, approval by an employee paid by Microsoft, no matter how well qualified, is not approval of a “neutral and detached magistrate,” as required by the Fourth Amendment. Similarly, the protections provided to criminal suspects by the Fifth and Sixth Amendments wouldn’t apply to Microsoft’s internal investigation. In short, “Come back with a warrant” is meaningless when the FBI doesn’t get involved until after all the evidence has been collected.