Microsoft reports on governments user data requests

Microsoft reports on governments user data requests

Summary: In the first half of 2013 governments world-wide made 37,196 requests from Microsoft for user content or transactional data about users. In 817 of these, Microsoft turned over actual user content.

SHARE:
TOPICS: Security
2

On Friday, Microsoft disclosed data on requests made of them in the first half of 2013 by governments for user data.

In the first half of 2013, Microsoft received 37,196 requests from governments around the world, affecting 66,539 user accounts. In total, 7,014 of these requests came from the US governments (federal, state or local), affecting 18,809 accounts.

Microsoft disclosed actual user content in response to only 817 of the requests (2.19 percent of the total), 749 from the United States. They disclosed "non-content data" in 28,698 cases, 4,569 with the US government. In 911 cases, 588 involving US governments, the request was turned down for not meeting the legal requirements. (The difference between content and non-content data is not defined in the report, but content is likely to be the data users create and store directly, such as the body of an email. Non-content data is metadata about the user, such as when and with whom they have communicated.)

National security orders (e.g. FISA Orders and FISA Directives) are not included in the data, as Microsoft is legally barred from disclosing the data. Microsoft and several other companies are currently litigating in the FISA Court for approval to disclose this data. The data in this report for the United States involves only ordinary law enforcement requests.

The trend from 2012 to 2013 indicates that this year will end with request numbers at about the same level as last.

The requests come from a large number of governments (including one from French Polynesia), but 73 percent of them come from 5 governments: the United States, Turkey, Germany, the United Kingdom, and France.

The disclosures to law enforcement overwhelmingly concern consumer accounts. In the report period there were only 19 requests for data on enterprise e-mail accounts hosted by Microsoft (a total of 48 enterprise user accounts). All came from law enforcement in the US. Four resulted in disclosure of user content and one in non-content data.

Microsoft also included one surprise fact: "To date, Microsoft has not disclosed enterprise customer data in response to a government request issued pursuant to national security laws."

US-Microsoft-disclosures
The overall numbers for law enforcement data requests from Microsoft and for their disclosure of data are low.

Topic: Security

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

2 comments
Log in or register to join the discussion
  • I appreciate

    this transparency and hope Microsoft and other tech companies keep pushing for greater levels of disclosure.
    cantbeme
  • Dont forget

    And Zdnet and Cnet love to leave out the others: GOOGLE AND APPLE

    They get the user data requests and hands them over just as fast. Remember it was Apple that prostituted RSA to the music industry.. What makes you think they are prostituting themselves to the government??! This applies to Google as well. Nice big juicy government contracts if they cooperate.
    JABBER_WOLF