The Schwartz Report

Blog archive

Microsoft To Halt Its E-Mail Snooping When Conducting Internal Investigations

Even though Microsoft had strong evidence that a former employee was transmitting via Hotmail stolen code and trade secrets, customers were unnerved when learning the company snooped at the suspect's e-mail account.

As reported two weeks ago, Alex Kibkalo, a former Microsoft architect, was arrested for allegedly stealing trade secrets and leaking Windows 8 code to an unnamed French blogger while working for the company. By delving into his Hotmail account, Microsoft was able to provide evidence to the authorities. If the suspect were smart enough to use any e-mail service not owned by Microsoft, the company would have needed to get a warrant from law enforcement authorities.

But the law doesn't prohibit the owner of a service from snooping so Microsoft was within its legal rights to search the suspect's Hotmail account. Nevertheless, Microsoft was well aware it needed to reassure customers it won't take matters into its own hands so blatantly in the future.  Due to the public backlash that arose shortly after the incident came to light, Microsoft said that it would turn to a former judge to determine if it had probable cause to look into a suspect's account.

Clearly that wasn't cutting it since the judge is still on Microsoft's payroll and Microsoft again said it would be making a change. Microsoft General Counsel Brad Smith on Friday said it would turn all suspected information to the authorities before taking further action. "Effective immediately, if we receive information indicating that someone is using our services to traffic in stolen intellectual or physical property from Microsoft, we will not inspect a customer's private content ourselves," Smith said in a blog post announcing the change. "Instead, we will refer the matter to law enforcement if further action is required."

Smith pointed out while the law and the company's terms of service allowed it to access Kibkalo's account, doing so "raised legitimate questions about the privacy interests of our customers." As a result the company will revise its terms of services and has reached out to The Center for Democracy and Technology (CDT) and the Electronic Frontier Foundation to further discuss the issue of ensuring security without compromising privacy.

It appears this was the right move to take. Does Microsoft's latest move make you feel more comfortable or do you just see it as lip service?

Posted by Jeffrey Schwartz on 04/01/2014 at 12:55 PM


comments powered by Disqus

Redmond Tech Watch

Sign up for our newsletter.

I agree to this site's Privacy Policy.