Microsoft Catches Heat For Snooping Blogger's Hotmail, Will Lean On Law Enforcement From Now On
The issue first came to light when Microsoft received information indicating an employee was providing stolen intellectual property, including code related to its activation process, to a French blogger known for trafficking such material for profit. As luck would have it, the blogger was a Hotmail user, so Microsoft infiltrated his account without his permission and was able to identify the employee in question.
Microsoft reasoned that the end justified the means in part because it owns the servers hosting Hotmail, saying that courts don't issue orders authorizing someone to search themselves. To allay privacy concerns, Microsoft last week updated its privacy policy and said it would only conduct future searches of customer emails if "the circumstances would justify a court order, if one were available." To make that determination, Microsoft said it would seek the advice of a third-party legal team separate from the investigating team.
Though Microsoft was trying to do the right thing and ease privacy concerns by updating its policies, it received a fair amount of criticism by users outraged that their private emails could be open to snooping. Having been able to reflect on the feedback over the past week, Microsoft has once again updated its privacy policy.
"Effective immediately, if we receive information indicating that someone is using our services to traffic in stolen intellectual or physical property from Microsoft, we will not inspect a customer’s private content ourselves. Instead, we will refer the matter to law enforcement if further action is required," Brad Smith, General Counsel and Executive Vice President of Microsoft's legal division, stated in a blog post.
Smith admitted that it's "uncomfortable to listen to criticism," but in this case, it took a step back to reflect on "legitimate questions" raised by its customers. The end result was an epiphany of sorts.
"While our own search was clearly within our legal rights, it seems apparent that we should apply a similar principle and rely on formal legal processes for our own investigations involving people who we suspect are stealing from us," Smith added. "Therefore, rather than inspect the private content of customers ourselves in these instances, we should turn to law enforcement and their legal procedures."
Do you feel more comfortable using Microsoft's services with this new policy in place? Sound off in the comments section below!