Microsoft has announced it has beaten the FBI in a legal case involving the rights of a customer to be informed the agency had requested access to data held on them by the software giant.
Details regarding the case, which happened last year, have only just been made public following the unsealing of documents relating to the case [PDF] by a federal court in Seattle.
Microsoft said the incident involved an FBI National Security Letter it received last year seeking information about an account belonging to one of its enterprise customers. The letter included a nondisclosure provision, and the firm moved to challenge this provision in court, as it had previously promised it would do in such situations.
“After we filed this challenge in Federal Court in Seattle, the FBI withdrew its Letter,” wrote Brad Smith, Microsoft’s vice president for legal & corporate affairs, in a blog post detailing the incident.
Smith referred back to a previous blog post where he had given the undertaking that Microsoft was “committed to notifying business and government customers if we receive legal orders related to their data. Where a gag order attempts to prohibit us from doing this, we will challenge it in court.”
In this case, the FBI National Security Letter did include a nondisclosure provision, and so Microsoft moved to challenge it.
“We concluded that the nondisclosure provision was unlawful and violated our Constitutional right to free expression. It did so by hindering our practice of notifying enterprise customers when we receive legal orders related to their data,” Smith said.
It is important to note that Microsoft is not saying it would challenge a request to hand over customer data when asked to by the FBI or another US government agency, only that it reserves the right to inform the customer in question that such a request has been made.
The ability for US government agencies to request access to customer data has been held up as a major concern, especially by businesses and civil rights groups in Europe, and has been predicted to have a chilling effect on the growth of cloud services.
“Having spent the first half of this week in Berlin and London, it’s apparent that government, business, and civil society leaders around the world are continuing to follow closely these issues in the United States,” Smith wrote on the blog.
“I often meet people in other countries who ask whether the courts in the United States will play a strong and independent role on government surveillance issues.”
However, government requests for data belonging to enterprise customers are “extremely rare”, Smith claimed, and therefore “we have seldom needed to litigate this type of issue.”
23 May 2014 | 12:52 pm – Source: v3.co.uk