Microsoft is fighting to “curb the overuse” of government requests for enterprise data stored in the cloud

Reading time icon 2 min. read

Readers help support Windows Report. We may get a commission if you buy through our links. Tooltip Icon

Read our disclosure page to find out how can you help Windows Report sustain the editorial team Read more

Microsoft wants everyone to know how serious the company takes the privacy and security of its customers. As noted in a Microsoft on the Issues blog post, the Redmond, Washington company outlined its guidelines for handling government and law enforcement requests for customer information. Microsoft details that in the matter of full transparency, Microsoft will notify its customers when such a request is made.

“We believe customers have a right to know when law enforcement requests their email or documents, and we have a right to tell them. The reason is simple – we believe our customers own their data and have the right to control it. Absent extraordinary circumstances, government agents should seek data directly from our enterprise customers, and if they seek our customers’ data from us, they should allow us to tell our customers when demands are made. We believe strongly that these fundamental protections should not disappear just because customers store their data in the cloud rather than in file cabinets or desk drawers.

When a law enforcement agency presents Microsoft with a legally valid warrant, court order or subpoena requesting data that belongs to one of our enterprise customers, we seek to redirect that request to the customer. And in the vast majority of cases, that is exactly what happens. There are times, however, when the government comes to us for data and prevents us from telling our enterprise customers that it is seeking their data. We agree that there are some limited circumstances in which law enforcement must be able to operate in secret to prevent crime and terrorism and keep people safe. And while we agree that secrecy orders that prevent us from notifying our customers may be appropriate in those limited circumstances, we also believe there are times when those orders go too far.”

The simple reasoning behind this is that Microsoft knows that its customers own their own data and should be notified whenever an unauthorized person or entity is trying to access that information. As a cloud services provider, Microsoft deems it necessary to notify its customers how it handles customer data and privacy in the United States and around the globe.