Microsoft reports increase in US law enforcement data requests in 2020

US law enforcement requests for data related to consumer services was higher in 2020 than in previous years.

Microsoft on Thursday published new figures related to law enforcement requests for data, showing an increase in requests from US law enforcement in 2020 compared to years prior. 

The data comes from Microsoft's Law Enforcement Requests Report -- one of the "digital trust" reports it publishes on a biannual basis. The reports show how Microsoft responds to requests for data and for content removal.

The latest Law Enforcement Requests report covers July through December 2020. It shows Microsoft received 5,682 legal requests from US law enforcement for data related to its consumer services (not including data stored outside the US). The prior report, for the first half of 2020, similarly showed 5,507 requests from US law enforcement, for a total of 11,189 for the year. 

msftdata.png

Microsoft provided non-content data in response to more than 48 percent of US law enforcement requests in the second half of 2020. It handed over content in response to 13 percent of requests. More than 22 percent of requests resulted in no disclosure of customer data, while Microsoft rejected more than 15 percent of requests.

In previous years -- 2017, 2018, and 2019 -- the number of requests from US law enforcement fell between 9,100 and 9,400. 

Globally, for the second half of 2020, Microsoft received 24,798 law enforcement requests for data related to consumer services. It received 24,093 for the first half of 2020. US law enforcement made the most requests, followed by Germany, the UK and France.

With respect to enterprise customer data, in the second half of 2020, Microsoft received 109 requests from law enforcement around the world. This data is defined as data associated with cloud customers who purchased more than 50 seats. In 69 cases, these requests were rejected, withdrawn or law enforcement was successfully redirected to the customer to obtain the information they were seeking. 

In 40 enterprise data cases, Microsoft was compelled to provide some information in response to the order: 19 cases required the disclosure of some customer content, and in 21 of the cases we were compelled to disclose non-content information only.

In addition to the law enforcement report, Microsoft also published the US National Security Orders Report covering January to June 2020. The report was largely consistent with the previous reports.

The latest Content Removal Requests Report details acceptance rates regarding requests received from governments, copyright holders, individuals subject to the European Union's "Right to Be Forgotten" ruling. Among the details reported: There were 2,867 "Right to Be Forgotten" requests received and processed in the second half of 2020, with the most coming from France.

The Digital Safety Content Report covers actions that Microsoft has taken in relation to child sexual exploitation and abuse imagery (CSEAI), terrorist and violent extremist content (TVEC) as well as non-consensual intimate imagery (NCII).