In the wake of the  Kibkalo/Canouna controversy Microsoft has made some fundamental privacy changes for Outlook.com (Hotmail) email accounts.  Microsoft general counsel Brad Smith gave us an update on the changes: Effective immediately, if we receive information indicating that someone is using our services to traffic in stolen intellectual or physical property from Microsoft, we will not inspect a customer’s private content ourselves. Instead, we will refer the matter to law enforcement if further action is required. Google, Yahoo, and Apple have made no such changes to their privacy policies.  This is the right move for consumers and Microsoft should be applauded for making the changes.  That being said I think this “controversy” was taken way out of proportion and was twisted and sensationalized by the mainstream anti-Microsoft tech media. Source: Microsoft on the Issues ...

Read More →

Microsoft has been under a storm of criticism lately over reading the emails of a blogger’s Hotmail account linked to an ex-Microsoft employee who leaked Windows 8 builds.  Microsoft looked through the Hotmail account without getting a court order.  However, this issue is slightly more nuanced than it seems.  A corporation, in fact, cannot get a court order to search themselves.  Microsoft Vice President and Deputy General Counsel released a statement clarifying the matter: Courts do not issue orders authorizing someone to search themselves, since obviously no such order is needed. So even when we believe we have probable cause, it’s not feasible to ask a court to order us to search ourselves. However, even we should not conduct a search of our own email and other customer services unless the circumstances would justify a court order, if one were available. Microsoft has issued some guidelines on looking customer data during ...

Read More →

This is not new, Google is known for violating privacy policies. Recent information from Google’s own lawyers reveled that Google is scanning student’s mail content even when the ads are turned off for better ad targeting. Google is claiming that they are using this data from students to target them with ads. Microsoft has clearly said that they don’t mine user data for ad targeting. Whether or to what degree these last two conditions are actually met by specific services such as Gmail or Outlook.com is of course a pertinent question. Currently Google faces legal challenges to its use of consumer data mining in both the U.S. and the European Union. EU data protection authorities in particular have determined that Google fails to inform consumers properly of its conduct or obtain their consent, while a major class action law suit in California advances similar accusations. Although Outlook.com appears to have avoided ...

Read More →

Microsoft today published its report on the governmental requests on customer data it received for a period of 6 months. Previously, Microsoft and other companies were banned from disclosing such data to the public. After the leading technology companies raised their voice about this concern, government recently agreed for the first time to permit technology companies to publish data about FISA orders. Microsoft has published a table that provides the information going back to July of 2011. Our most recent report covers the period from January – June 2013, addressing all of Microsoft’s services.  Specifically, during this time period: We received fewer than 1,000 FISA orders seeking the disclosure of customer content.  These orders related to between 15,000 and 15,999 accounts or individual identifiers.  It’s important to note that this does not necessarily mean that more than 15,000 people were covered by these data requests. This is because one individual ...

Read More →

In an interview to Financial Times, Brad Smith, general counsel of Microsoft revealed that Microsoft will allow its foreign customers to store their data outside the US to protect it from illegal invasion of US government agencies like NSA and others. Even though many other tech companies are opposing this idea, Brad Smith feels that this has become a necessity following leaks that showed the US NSA had been monitoring the data of foreign citizens from Brazil to across the EU. “People should have the ability to know whether their data are being subjected to the laws and access of governments in some other country and should have the ability to make an informed choice of where their data resides,” he told the FT. “Our entire industry is concerned that some customers outside the US are feeling less confident with [American] online services today,” Mr Smith said. “Technology today requires that people ...

Read More →

  Lots of information regarding NSA and its PRISM project got leaked last year raising voices from MNCs and general public. US government remained largely silent with concerned agencies making their statements. Last week, President Obama spoke about the role of the National Security Agency and announced some important changes to the surveillance practices of the U.S. government. Brad Smith, General Counsel & Executive Vice President, Legal & Corporate Affairs, Microsoft yesterday blogged that Microsoft is not fully satisfied with the reforms Mr. President announced last week. Even though Microsoft agrees that those changes will makeU.S. citizens, Microsoft believes that there is more work to do to define some of the details and additional steps that are needed. Microsoft will continue to work with both the administration and Congress to advocate for reforms consistent with the principles technology industry outlined in December. This week, the World Economic Forum holds its annual meeting ...

Read More →

Microsoft today revealed that they are joining AOL, Apple, Facebook, Google, LinkedIn, Twitter and Yahoo in calling for reforms of government surveillance. Their main principle is that government access to personal information must be governed by law. Here are their principles, The Principles: 1) Limiting Governments’ Authority to Collect Users’ Information Governments should codify sensible limitations on their ability to compel service providers to disclose user data that balance their need for the data in limited circumstances, users’ reasonable privacy interests, and the impact on trust in the Internet. In addition, governments should limit surveillance to specific, known users for lawful purposes, and should not undertake bulk data collection of Internet communications. 2) Oversight and Accountability Intelligence agencies seeking to collect or compel the production of information should do so under a clear legal framework in which executive powers are subject to strong checks and balances. Reviewing courts should be ...

Read More →

There were reports in the past that National Security Agency(NSA) may have broken into its global communications links of leading Internet companies including Microsoft. According to the latest report from Washington Post, Microsoft is well aware of this issue and has planned for a high profile meeting within the company to discuss about their plans to prevent possible NSA snooping. Microsoft general counsel Brad Smith recently said that they are focused on engineering improvements that will further strengthen security, including strengthening security against snooping by governments. Washington Post also reported that Microsoft is engaged in a series of high-level meetings to pursue encryption initiatives “across the full range of consumer and business services.” key decisions will be made at a meeting of top executives this week in Redmond. NSA released the following statement in response to questions about Microsoft, “NSA’s focus is on targeting the communications of valid foreign intelligence ...

Read More →

  Microsoft along with other technology industry leaders are now trying to bring transparency to the law enforcement requests they receive from various government agencies around the world. Microsoft has released their own law enforcement requests report for the first half of 2013. It lists all the countries where data are available. When you click a country, you can get the break up of no.of requests Microsoft received, rejected, disclosed content, etc,. Here are the highlights of the data revealed, Microsoft (including Skype) received 37,196 requests from law enforcement agencies potentially impacting 66,539 accounts in the first six months of this year.  This compares to 75,378 requests and 137,424 potential accounts in the whole of 2012. Approximately 77 percent of requests resulted in the disclosure of “non-content data”. No data at all was disclosed in nearly 21 percent of requests. Only a small number of requests result in the disclosure ...

Read More →

Microsoft today responded to some of the recent reports which claimed that Microsoft provides access to customer data to governments. Microsoft was forced to do so because many media outlets started covering about these reports which has no truth. Brad Smith who is the General Counsel & Executive Vice President, Legal & Corporate Affairs at Microsoft blogged in detail about the claims made by recent reports. In short, Microsoft does not provide any government with the technical capability to access user content directly or by itself. In short, when governments seek information from Microsoft relating to customers, we strive to be principled, limited in what we disclose, and committed to transparency. Put together, all of this adds up to the following across all of our software and services: Microsoft does not provide any government with direct and unfettered access to our customer’s data. Microsoft only pulls and then provides the specific data mandated by ...

Read More →