Microsoft: Government Requests for User Data Rose in Last Half of 2015

During the second half of 2015, law enforcement agencies made more requests for user information than in the first half. In most cases, they resulted in the disclosure of subscriber information but not content.

Microsoft transparency

Microsoft's latest transparency reports are out, and the data shows the law enforcement agencies across the globe have stepped up their efforts to obtain user data stored in the Redmond, Wash., tech giant's cloud and online services.

During the second half of 2015, Microsoft fielded 39,083 legal requests affecting more than 64,600 users, compared with 35,228 requests affecting 62,750 users in the first half of the year. The majority of those requests hail from the United States, United Kingdom, Turkey, France and Germany. These five nations represented 76.8 percent of all law enforcement inquiries during the second half of 2015.

Turkey was responsible for the highest number of requests (9,169), followed by France (6,280), the U.S. (5,297) and the UK (5,254). Germany rounded out the top five with 4,026 requests. In terms of users affected, the U.S. takes first place with 12,355 accounts affected, followed by Turkey with 10,041 accounts.

Microsoft rejected 13 percent of requests, while no data was found for 18.5 percent of the cases. Nearly two-thirds of requests (65.96 percent) resulted in the disclosure of subscriber or transactional data. The company turned over user content in just 957 instances, or 2.45 percent of cases, in the U.S., Brazil and Ireland.

Concrete figures pertaining to the number of Foreign Intelligence Surveillance Act (FISA) orders and national security letters are still hard to come by. However, last year's passage of the USA Freedom Act now allows Microsoft to report data in narrower ranges of 500 versus 1,000 previously.

"For the latest FISA data reported, Microsoft received 0-499 FISA Orders seeking disclosure of content impacting 15,500-15,999 accounts, which compares with 0-999 FISA Orders seeking disclosure of content impacting 18,000-18,999 accounts reported for the previous period," explained Steve Lippman, Microsoft's director of Corporate Responsibility, in a statement. Microsoft was handed 0-499 national security letters in the second half of 2015, compared with 0-999 in the first half, he added.

Microsoft has also begun publishing lawsuit data. According to a FAQ published on the company's Website, the software maker "adheres to the same principles for all requests from civil proceeding legal requests as it does for government agencies requests for user data, requiring non-governmental civil litigants to follow the applicable laws, rules and procedures for requesting customer data."

During July through December 2015, Microsoft received 145 civil litigation requests affecting 347 accounts, most of them from the United States (134 requests). Only 3 percent of such requests resulted in the release of some customer data, the company reported.

For the first time, Microsoft's transparency data includes information on the number of requests the company received to remove so-called revenge porn, or the nonconsensual distribution of nude or sexually explicit photos or videos.

Between July and December 2015, the company received 537 requests to remove such content on Bing or services like OneDrive or Xbox Live. Microsoft removed content as a result of 338 of those requests.

Pedro Hernandez

Pedro Hernandez

Pedro Hernandez is a contributor to eWEEK and the IT Business Edge Network, the network for technology professionals. Previously, he served as a managing editor for the network of...