Privacy in the spotlight: Microsoft sues Department of Justice for not allowing transparency about data access requests

lawsuit_keyboard_button

In light of Edward Snowden's surveillance revelations, regular transparency reports from technology companies about the requests they have received from governments about data requests have become very common. But despite the name, transparency reports are not very transparent -- there are great restrictions on what companies like Microsoft are able to report. The company believes this is unconstitutional.

The restrictions are so strict that it is not even possible to precisely report the number of requests for user data that have been received. Instead, this data must be conveyed in bands such as 0-499, 500-999, and so on. Now Microsoft has had enough. There are privacy concerns, of course, but most disturbing is that in half of cases of requests for customer data, Microsoft has been gagged from letting those affected know about the governmental interest. As a result, Microsoft has decided to sue the Department of Justice in a bid to be more transparent.

Advertisement

In its lawsuit, Microsoft harks back to a different era, saying that in the days before the internet "the government had to give notice when it sought private information and communications" that was stored in hard copy or locally. But with Microsoft's -- and other companies' -- predilection for the cloud, it has become far easier for the government to demand instant access to private data that might otherwise have stayed out of sight.

Bringing its case against the Department of Justice, Microsoft says:

Microsoft brings this case because its customers have a right to know when the government obtains a warrant to read their emails, and because Microsoft has a right to tell them. Yet the Electronic Communications Privacy Act (ECPA) allows courts to order Microsoft to keep its customers in the dark when the government seeks their email content or other private information, based solely on a 'reason to believe' that disclosure might hinder an investigation. Nothing in the statute requires that the 'reason to believe' be grounded in the facts of the particular investigation, and the statute contains no limit on the length of time such secrecy orders may be kept in place. 18 U.S.C. § 2705(b). Consequently, as Microsoft's customers increasingly store their most private and sensitive information in the cloud, the government increasingly seeks (and obtains) secrecy orders under Section 2705(b).

More than this, Microsoft accuses the government of taking advantage of the move to the cloud to its own advantage, whilst exploiting tech companies:

The government, however, has exploited the transition to cloud computing as a means of expanding its power to conduct secret investigations. As individuals and business have moved their most sensitive information to the cloud, the government has increasingly adopted the tactic of obtaining the private digital documents of cloud customers not from the customers themselves, but through legal process directed at online cloud providers like Microsoft.

In the space of 18 months, Microsoft says that it received no fewer than 5,624 requests from the US government for access to customer data. Nearly half of these were subject to secrecy orders which prevented Microsoft from informing anyone about the request. In many instances, these secrecy orders had no time limit, meaning that this restriction would never be lifted.

Microsoft says that the First Amendment means that customers should be told when such requests are made and argues that "antiquated laws" are being applied to data in the cloud.

This is an extremely interesting case, and not just because it involves a huge name like Microsoft coming up against the Department of Justice. With Microsoft's contemporaries -- Apple, Google, at al -- all subject to the same restrictions, the outcome of this case could have far-reaching consequences.

Photo credit: Pelykh Konstantin / Shutterstock

29 Responses to Privacy in the spotlight: Microsoft sues Department of Justice for not allowing transparency about data access requests

  1. psycros says:

    This is a great move for Microsoft. Hopefully they'll extend the same consideration for their customers that their demanding the government provide for them. Or maybe...just maybe these two things are connected in a way we hadn't previously considered. The government still hasn't stopped trying to bully Apple into giving it full access to customer data. Could Microsoft have possibly made a devil's deal and that's why we have all this "telemetry" nonsense going on? I shudder to think that the rabbit hole could really go that deep.

    • BoltmanLives says:

      Telemetry since 1995 (DR Watson) yet in 2016 they because of Snowden think it the Devil..reminds me of witch hunts..have fun

      Plenty of tin hats..thanks traitor Snowden

      Dr Watson....... err telemetry

      Dr. Watson for Windows is a program error debugger that gathers information about your computer when an error (or user-mode fault) occurs with a program. Technical support groups can use the information that Dr. Watson obtains and logs to diagnose a program error. When an error is detected, Dr. Watson creates a text file (Drwtsn32.log) that can be delivered to support personnel by the method they prefer. You also have the option of creating a crash dump file, which is a binary file that a programmer can load into a debugger.

      Note Windows XP also provides an Error Reporting service that monitors your computer for both user-mode and kernel-mode faults ("stop" error messages or error messages that are displayed on a blue screen, as well as improper shutdown events) that affect both the operating system and any programs. This service allows you to send error reports to Microsoft when an error occurs. Because all error reports are confidential and anonymous, Microsoft Support Professionals do not have access to any error report that you have sent to Microsoft over the Internet using the Error Reporting service. As a result, you may need to send a Dr. Watson for Windows log file to a support professional. For additional information about Error Reporting Service in Windows XP, click the article number below to view the article in the Microsoft Knowledge Base:
      310414 HOW TO: Configure and Use Error Reporting in Windows XP
      If a program error occurs, Dr. Watson for Windows starts automatically. To configure Dr. Watson, follow these steps:
      Click Start, and then click Run.
      Type drwtsn32, and then click OK.
      By default, the log file created by Dr. Watson is named Drwtsn32.log and is saved in the following location:
      drive:Documents and SettingsAll Users.WINNTApplication DataMicrosoftDr Watson
      Note Drwatson.exe is an older program error debugger that was included with earlier versions of Windows NT. Microsoft recommends that you use Drwtsn32.exe instead of Drwatson.exe in Windows XP.

      • BinBin2000 says:

        Dr. Watson is NOT let me repeat NOT Telemetry.They are two seperate entities,performing separate information gathering.If you do not know what you are talking about please don't open your mouth,because the only thing you'll be able to spread are assumptions or lies.

      • BoltmanLives says:

        Like MS collecting telemetry for ill will purposes?

        like the cavemen spread far and wide..here and elsewhere?
        Look this was an article about MS fighting the gov't for YOUR 4th amendment rights..what does it turn into?

        A telemetry discussion on the very first post which happened to be by a caveman.

        real in your cavemen and perhaps we can stay on topic of the OP

      • BinBin2000 says:

        No one ever said it was for a negative purpose,the fact is it probably isn't.But the information they are harmlessly collecting can be,and will be stored where it (from then on) can be used for a negative purpose.duh?

      • BoltmanLives says:

        Not really... its anonymous

      • BinBin2000 says:

        Nothing is anonymous.

      • BoltmanLives says:

        Not true.

      • psycros says:

        Boltman's is. Between the drugs and his fifteen alts I doubt he knows WHO he is anymore.

      • BoltmanLives says:

        Oh I know who I am..you bet

    • 1DaveN says:

      I continue to believe that if it were discovered that MS is giving or selling telemetry data to anyone (let alone the government), the backlash would put them out of business. It seems to me that they've described the privacy protections of telemetry data so loudly and so often, they'd never survive it coming out that they've lied. And I don't believe they could be lying without that coming out - too many honest people work there, and there's too much 3rd party attention to that data.

      • BoltmanLives says:

        I've already explained to the cavemen MS would never risk their ENTERPRISE contracts with any inkling of spying or selling data... I think cavemen brains are simply underdeveloped and they cannot process fact.

        Better just to continue to repeat fact for non-cavemen and point and laugh at cavemen. Note those that up-vote cavemen they too are cavemen. easy to identify the caveman clan

      • psycros says:

        Probably true..but what if the government decided that since Microsoft is collecting all that juicy data - some of it very much personal and identifiable - that the spies need a backdoor into it? I think at that point Microsoft would realize they've gotten way too cozy with the feds, and as insane as it sounds it would not surprise me to find out that's what this suit is all about.

  2. MyDisqussion says:

    Okay, so maybe Microsoft can't notify the subject of an investigation, but can't they at least give accurate numbers each day for how many requests they have received?

  3. MyDisqussion says:

    Here's hoping that the ECPA gets updated so that email more than six months old is no longer considered abandoned.

  4. BinBin2000 says:

    They are pushing for transparency.They want to shed the light on everything,all the information gatherings or requests,as long as those gatherings have nothing to with their own company or their own OS.They want their users to feel safe,and have something else to think about rather than the Telemetry collection in Windows 10.

    • roborat says:

      First of all, the average Windows user doesn't wear a tin foil hat. The 280 Million of them are quite happy with W10.

      Secondly, MS has already repeatedly explained and demonstrated what anonymous telemetry data is collected. Privacy regulators and advocates are fine with it.

      Maybe research a little and stop blaming MS for your lack of understanding.

      • BinBin2000 says:

        Did you really ask 280 Million people how Windows 10 is performing for them? how could anyone possibly know if they are happy or not.Not even Microsoft is going door to door asking upgraders how it went or is going.They may have attempted to explain Telemetry or what is being collected,in some roundabout way,but apparently it wasn't good enough because some 750 Million people are refusing to upgrade,280 Million.. most of which are Xboxs,Phones & Tablets doesn't look like such a big number when it's compared to the rest of the Windows ecosystem,you know the "smart" group.

      • JamesSB says:

        Yawn...

      • Will says:

        Xbox, phones and tablets don't account for 250 million.

  5. Order_66 says:

    Oh the irony microsoft...

  6. async2013 says:

    I nearly laughed at the the thought of Microsoft doing this. OMG who runs that shithouse?

  7. roborat says:

    but apparently it wasn't good enough because some 750 Million people are refusing to upgrade

    Refusing? I'm not sure people are supposed to upgrade their office PCs.

    Get real. Nobody cares or believes in this "spying" nonsense. And if you want proof, just compare the uptake of W10 against W7. Let me give you a hint - it's record breaking.

    • BinBin2000 says:

      Yea and the lack of a pricetag,the fact Xboxs,Phones & Tablets are basically forced to upgrade or they become unusable has absolutely no effect on that whatsoever right? You mention Office PC's,I was speaking of Home PC's,which is why I only said 750 Million,I would of put the number over a Billion if I was referring to Office PC's as well.So let me give you a hint "THE F*%KIN THING IS FREE" of course uninformed people will probably jump all over the offer,either that or they will get suckered into upgrading.

      • Will says:

        The "free" part has no effect on regular people at all. People always complained about Windows updates and Windows 10 is no different. The point is those upgrades were always FREE. Nobody complains Windows is expensive, because nobody pays for it!!

      • BinBin2000 says:

        How can you say that? how many upgraders would have clicked "YES Upgrade me NOW" if there was a fee attatched to the upgrade? come on now... to say it has no effect is ridiculous,absolutely ridiculous.You say nobody pays for it,yet I have bought every magor release of Windows except for Vista,I also rely on OEM's for my hardware,so that kind of defeats your arguement,apparently some people do pay for it.

      • Will says:

        I can say that because Windows consumers NEVER paid for Windows. They always got "upgrade this" "upgrade that " for free for years.

        Microsoft offering a "free" upgrade is laughable as a marketing scheme.

        You say nobody pays for it,yet I have bought every magor release of Windows except for Vista,I also rely on OEM's for my hardware,so that kind of defeats your arguement,apparently some people do pay for it.

        Yeah well if you know how to install an OS then you're not a regular user. I know devs and geeks buy computers too, what's your point?

        Also, why were you buying windows again? OEMs generally bundle it together. Seriously, I can't imagine why you would do that.

        FYI for future reference, typically a lot of rules have exceptions. Just because you found one, it doesn't invalidate it.

      • Simone Ghezzi says:

        Ehrm...
        Xboxs, tablets and phones won't "magically" stop working if you won't upgrade them (and for the tablets... Actually most of them already were packing W8.x, not the mobile version nor the defunct RT)

        Maybe the Xbox could have problems with online, I admit I don't remember what MS said, but from saying "if you don't upgrade they stop working"...

© 1998-2020 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.