Microsoft claims win over FBI, but agency still got info it wanted
The FBI dropped the fight with Microsoft after finding another way to keep its investigation secret
IDG News Service - Microsoft claimed victory over an FBI bid to keep a request for customer data secret for national security reasons, but it appears the government gave up the fight after getting its way without the company.
The FBI issued a National Security Letter to Microsoft in 2013 seeking subscriber information about a single user account for one of the company's enterprise customers, according to documents unsealed on Thursday by a federal court in Seattle.
The letter had a nondisclosure provision that forbade Microsoft from disclosing the request to the company affected, which Microsoft concluded "was unlawful and violated our Constitutional right to free expression," wrote Brad Smith, the company's chief legal officer, in a blog post.
"It did so by hindering our practice of notifying enterprise customers when we receive legal orders related to their data," he wrote.
After Microsoft filed a petition challenging the NSL in U.S. District Court for the Western District of Washington, the "FBI withdrew its letter," Smith wrote.
But the unsealed documents showed why the FBI didn't challenge Microsoft's petition. The agency had obtained the information it sought directly from the Microsoft customer it had targeted in a way that maintained "the confidentiality of the investigation."
That reasoning would indicate the FBI might have fought Microsoft's petition if it hadn't achieved its aim of keeping the probe quiet.
Still, Smith considered it a victory for Microsoft. Although government requests for enterprise customer data are rare, "where we have received requests, we've succeeded in redirecting the government to obtain the information from the customer, or we have obtained permission from the customer to provide the data," he wrote.
"We're pleased with the outcome of this case, which validates our approach," Smith wrote.
Microsoft is one of many technology companies that have vowed to closely scrutinize U.S. government requests for data.
In January, the U.S. Justice Department reached an agreement with technology companies that would allow more details to be released on Foreign Intelligence Surveillance Act orders and NSLs, which often must be kept secret.
- Deep Security +VMware vSphere with Operations Management Most midsize organizations are highly virtualized on VMware, and while this has produced significant savings, it also has created new challenges when it...
- Single-Vendor Security Ecosystems Offer Concrete Benefits Over Point Solutions IT security decision-makers from companies with 100 to 5,000 employees evaluates the current endpoint security solution market based on Forrester's own market data,...
- Best Practices for Security and Compliance with Amazon Web Services This paper will discuss what part of the shared responsibility equation customers are responsible for and what some of the recommended security practices...
- Case Study: Intuit Turns to Self-Service IT Intuit empowered its users to resolve their own IT issues with a consumer-like experience to free IT to focus on more strategic initiatives....
- Business-driven data protection Setting up data protection infrastructures with your organizations' core mission or business in mind is key. In this webinar, the ARCserve team will...
- On-Demand Webinar: Mind the Gap! Watch the webinar featuring Bob Janssen, CTO and Co-Founder of RES Software, to start building a solid foundation for business and IT to... All Legal White Papers | Webcasts