Microsoft accepted PR backlash to protect IP in Kibkalo leak
In a post-Snowden world, company 'would have been irresponsible' if it had not acted, says expert
Computerworld - Microsoft had no choice but to bite the bullet and take the inevitable public relations backlash stemming from last week's disclosure that it accessed a customer's Hotmail account, an expert in corporate messaging and public relations said today.
"There isn't much they could have done differently," said Peter LaMotte, an analyst with Levick, a Washington, D.C.-based strategic communications consultancy. "In a post-Snowden world, it would be irresponsible if they didn't track down this leak of their intellectual property."
LaMotte assumed that Microsoft weighed the two -- finding the leaker versus the expected PR hit -- before going with the former.
In federal court documents filed last week, the FBI revealed that Microsoft had gone through the Hotmail.com account of an unidentified French blogger, who they suspected of having its Activation Server SDK (software development kit), internal-only code to create the activation systems that validate product keys, Microsoft's primary anti-piracy technology.
Microsoft's inside investigation had taken place before the mid-2013 renaming of Hotmail as Outlook.com.
While the initial news reports focused on the allegations leveled at a former Microsoft employee, Russian national Alex Kibkalo, for stealing the proprietary Activation Server SDK and sharing it with the blogger, much of the second and subsequent rounds concentrated on Microsoft's accessing the blogger's Hotmail account in a search for leaks.
Because Hotmail was Microsoft's property -- and the terms of service agreement made it clear that the company could, under some circumstances, pull content from an account -- Microsoft said it was not required to obtain a court order.
Bloggers, technology observers and privacy advocates weighed in, decrying the move and in many cases comparing it to the widespread National Security Agency (NSA) spying and data collection revealed by Edward Snowden, a former contractor for the NSA who fled to Russia, where he currently lives.
Microsoft's first reaction was to claim that, "While Microsoft's terms of service make clear our permission for this type of review, this happens only in the most exceptional circumstances," in a statement issued last week.
Not surprisingly, that didn't calm the waters. On March 20, John Frank, a deputy general counsel at Microsoft, posted a blog defending the account access even as he said the company would change its policy to "submit this evidence to an outside attorney who is a former federal judge. We will conduct such a search only if this former judge similarly concludes that there is evidence sufficient for a court order."
Those changes didn't cut it with some critics, either.
"This new policy just doubles down on Microsoft's indefensible and tone-deaf actions in the Kibkalo case," argued the Electronic Frontier Foundation's Andrew Crocker, a legal fellow with the San Francisco-based privacy advocacy group. "It begins with a false premise that courts do not issue orders in these circumstances because Microsoft was searching 'itself,' rather than the contents of its user's email on servers it controlled."
- VDI and Beyond: Addressing Top IT Challenges to Drive Agility and Growth This paper explores a collection of compelling FlexCast services to highlight how XenDesktop can drive a modern, mobile workforce toward greater agility and...
- Mission Critical: Managing Mobile Applications & Content Smartphones, tablets and other mobile devices have become embedded in enterprise processes, thanks to the consumerization of IT and a new generation of...
- The Challenges and Opportunities of Mobile Application Development Nearly all business users now demand mobile devices--their own or company-owned--along with anywhere access to corporate applications and data. What turns mobile devices...
- Maintain Less. Create More. Spend less on maintenance and spend more time creating with Red Hat Enterprise Linux. Read on to learn how Red Hat can help...
- On Demand: Mastering the Art of Mobile Content Management Mobile device usage in the enterprise has skyrocketed, and it continues to escalate. IT must answer to users who demand access to their...
- What should I look for in a Next Generation Firewall? SANS Provides Guidance With so many vendors claiming to have a Next Generation Firewall (NGFW), it can be difficult to tell what makes each one different.... All Management White Papers | Webcasts