Microsoft received more than 11,000 requests for user information or content data from law enforcement agencies in the United States last year and supplied some user content in more than 1,500 of those cases. Overall, the company received more than 70,000 requests from law enforcement agencies worldwide and gave up some user content in 2.2 percent of those cases.
Microsoft is the latest large company to release a transparency report of this kind, specifying the number and kind of requests that it receives from law enforcement around the world. Twitter and Google have released similar reports in recent years, but this is the first Microsoft transparency report to be published.
In 2012 Microsoft officials said the company received 70,665 law enforcement requests, affecting 122,015 user accounts. In 1,558 of those cases Microsoft disclosed some user content and in 56,388 cases the company only disclosed transactional or account information. Microsoft issued a separate set of numbers for requests served on its Skype subsidiary, which the company acquired in late 2011. For 2012, Skype received 4,713 requests for data or information and didn’t disclose content in any of those cases.
Microsoft broke the Skype data out separately because Skype collected its own data in a different way up until last year and because the company operates under the laws of Luxembourg.
“Microsoft’s mission is to help people and businesses across the globe realize their full potential, and all of our technologies are designed to further that mission. We place a premium on respecting and protecting the privacy of our users, and work to earn their trust every day. At the same time, Microsoft recognizes that law enforcement plays a critically important role in keeping our users – and our technology – safe and free from abuse or exploitation. We are hopeful that this data disclosure can better inform all sides in the critically important public discussion about how best to strike the balance between the privacy of our customers and the legitimate needs of law enforcement agencies that protect and serve their citizens,” the company said in its transparency report.
The data in the Microsoft transparency report refers to requests for information from users of services such as Hotmail, XBOX Live, SkyDrive and the now-defunct Messenger. It also applies to enterprise services such as Azure and Exchange Online.
One other interesting tidbit from the Microsoft report is a section on the number of National Security Letters the company has received in the last few years. The federal government places very tight restrictions on what recipients can say about NSLs, including preventing recipients from even acknowledging publicly that they got such a letter. In fact, the FBI doesn’t need a warrant to issue an NSL. Last week a U.S. District Court in California declared NSLs unconstitutional because recipients were barred from discussing them.
“In today’s ruling, the court held that the gag order provisions of the statute violate the First Amendment and that the review procedures violate separation of powers. Because those provisions were not separable from the rest of the statute, the court declared the entire statute unconstitutional,” the Electronic Frontier Foundation, whose lawsuit on behalf of an unnamed telco spurred the ruling, said in a statement last week.
In its report, Microsoft provided a table with a very broad range of estimates of the number of NSLs it has received each year since 2009. In 2012, for example, Microsoft received between zero and 999 NSLs, the same range as in 2009. In 2011 and 2010 the number was 1,000-1,999. If the ruling on NSLs holds, transparency reports in future years may well include the absolute number of NSLs a company received in past years.