Microsoft: Just Three Enterprises Impacted by Enforcement Requests in 2H 2014

[Reefa]

Microsoft on Friday published its bi-annual Law Enforcement Requests Report and U.S. National Security Orders Report for the first half of 2014.

In its transparency report, Microsoft said that the total number of law enforcement requests received in the second half of 2014 was 31,002, bringing to the total for the year to 65,496, down from 72,279 in 2013.

During the same period, Microsoft said it only received three requests from law enforcement for thirty-two users associated with an enterprise cloud customer.

“In two cases, the requests were rejected or law enforcement was successfully redirected to the customer,” Microsoft said. “In the third case, the customer was notified of the legal demand and the customer directed Microsoft to provide responsive information to law enforcement.

Microsoft describes a consumer service as individuals subscribing to services such as Hotmail/Outlook.com, OneDrive, Xbox Live and Skype. Enterprise customers were described as those organizations or entities (commercial, government or educational) that purchase more than 50 seats for Microsoft's commercial cloud offerings, such as Office 365, Azure and Exchange Online and CRM Online.

Of the data provided to law enforcement, which requires a court order or a warrant, 3 percent was content customers created, shared or stored on Microsoft services, such as email. The remaining 97 percent of data disclosed was non-content data, Microsoft said, including things such name, email address, email address, name, state, country, ZIP code and IP address captured at the time of registration.

“While we saw little change from the proceeding period in the overall number of law enforcement and government requests for Microsoft customer data, the world around us continues to change,” John Frank, Microsoft VP and Deputy General Counsel, noted in a blog post.

“In the 14 months since the government agreed to greater transparency for reporting national security orders, we’ve seen new threats emerge around the globe. We’re also seeing officials around the world try to limit security measures such as encryption without making progress on the stronger legal protections that people deserve," Frank continued. "The bottom line is that while governments only request data on a very small fraction of our customers, governments are seeking to alter the balance between privacy and public safety in a way that impacts everyone.

“As we have said before, there are times when law enforcement authorities need to access data to protect the public. However, that access should be governed by the rule of law, and not by mandating backdoors or weakening the security of our products and services used by millions of law abiding customers. This should concern all of us.”

securityweek.com