In its biannual transparency report this year, Microsoft also released its national security letter. The company did this following in the footsteps of may other enterprises, who have started doing so fro this very year. The national security letters are used by the FBI to obtain investigative information about citizens and as such, the disclosure brings our attention to how some of the most powerful corporations, which promise to protect out privacy and secrecy, are quite unable to do so.
Yahoo, Google, Cloudflare and the Internet Archive are also among companies that have released their national security letters of late. The NSLs are particularly potent because they do not require judicial approval and are often accompanied by gag orders which means that companies can’t even speak about them. While this particular clause has been challenged by the passage of the USA Freedom Act in 2015, who is betting that president Trump sees the freedom act as another law that needs to be revoked.
However, companies are now coming out and challenging these orders where and when possible, instead of meekly going around with them.
Speaking on the topic, Microsoft director of corporate responsibility Steve Lippman said:
Microsoft is the latest in a series of companies able to disclose an NSL due to provisions in the USA Freedom Act requiring the FBI to review previously issued non-disclosure orders. The reforms in the USA Freedom Act were a positive step forward and we believe reasonable limits on the routine use of government secrecy should be adopted more broadly. There are times when secrecy is vital to an investigation, but too often secrecy orders are unnecessarily used, or are needlessly indefinite and prevent us from telling customers of intrusions even after investigations are long over.
It appears as if the company has been receiving its fair share of data requests as well. Merely between July and December 2016, Microsoft received as many as 25,837 requests for data from law enforcement agencies. These requests wanted data pertaining to as many as 44,876 user accounts.
The company provided metadata for 64.33 percent of the requests and content for 3.66 percent of requests. Somewhere around 15.54 percent of requests were rejected. Meanwhile, the U.S., United Kingdom, France and Germany remained the top data requests makers.
There are more details available with Microsoft’s national security letter. The company hopes that the disclosure will help it strike the right balance between privacy and the requirements of law agencies.
We are hopeful that this data disclosure can better inform all sides in the critically important public discussion about how best to strike the balance between the privacy of our customers and the legitimate needs of law enforcement agencies that protect and serve their citizens.