The Inquirer-Home

Microsoft shores up Hotmail policies after Windows 8 leaks

Will look in accounts, under some circumstances
Fri Mar 21 2014, 11:46

WEBMAIL SERVICE PROVIDER Microsoft has attempted to clarify the circumstances in which it will look into a Hotmail account and possibly disclose information about its users.

The firm released information about this because it was revealed earlier that a Microsoft employee leaked its software to someone using a Hotmail account, and that Microsoft found out about this by examining his inbox.

Microsoft explained this will happen in some circumstances, and that is just a fact.

In a blog post on Technet, Microsoft deputy general counsel and VP of legal and corporate affairs John Frank said that privacy is important, until something that could be considered worthy of inspection by a court comes along.

"In this case, we took extraordinary actions based on the specific circumstances. We received information that indicated an employee was providing stolen intellectual property, including code relating to our activation process, to a third party who, in turn, had a history of trafficking for profit in this type of material," said Frank.

"In order to protect our customers and the security and integrity of our products, we conducted an investigation over many months with law enforcement agencies in multiple countries. This included the issuance of a court order for the search of a home relating to evidence of the criminal acts involved. The investigation repeatedly identified clear evidence that the third party involved intended to sell Microsoft IP and had done so in the past."

No court was needed in this case because, he said, "Courts do not, however, issue orders authorising someone to search themselves."

"So even when we believe we have probable cause, there's not an applicable court process for an investigation such as this one relating to the information stored on servers located on our own premises," he added. "As part of the investigation, we undertook a limited review of this third party's Microsoft operated accounts."

Frank implied that all of this is fine and dandy and said that it is written in black and white in Microsoft's terms of service. However, he said that he could see how some people might have concerns about the firm's reach. Because of this Microsoft is making some changes.

The first change looks like no change at all. "We will not conduct a search of customer email and other services unless the circumstances would justify a court order, if one were available," said Frank.

The other points are related to due diligence. Microsoft will stick to standards "applicable to obtaining a court order" and will first carry out an inspection of content with legal, as opposed to investigative, personnel. Investigations will only progress if the legal team decides that there is enough evidence to request a court order.

Investigations will be closely guarded, Microsoft said, and the use of any data retrieved from customers' accounts will be limited to the purposes for which it was plundered.

With a nod to openness, Microsoft said it will publish the details of any of these investigations in its transparency report.

"The privacy of our customers is incredibly important to us," added Frank. "That is why we are building on our current practices and adding to them to further strengthen our processes and increase transparency."

Microsoft told The INQUIRER today in a statement, "We take protection of our intellectual property very seriously, including cooperating with law enforcement agencies who are investigating potential criminal actions by our employees or others." µ


Share this:

blog comments powered by Disqus
Subscribe to INQ newsletters

Sign up for INQbot – a weekly roundup of the best from the INQ

INQ Poll

Happy new year!

What tech are you most looking forward to in 2015