Consumers, not businesses, are overwhelmingly the targets of law-enforcement investigations across the globe, according to new data released by Microsoft.
In all of 2013, the world’s police and law-enforcement agencies made 72,279 requests for user information affecting 125,215 Microsoft accounts. The figures indicate that the volume of those requests dropped somewhat in the second half of the year.
During the last six months of 2013, Microsoft handled 35,083 requests involving 58,676 accounts, according to the company’s latest Law Enforcement Requests Report. The previous six months (Jan.-June 2013) saw more requests (37,196) for information on a greater number of users (66,539). The figures don’t “include legal demands under U.S. national security laws,” which are reported separately, John Frank, deputy general counsel and vice president of Microsoft’s Legal and Corporate Affairs division, wrote in a blog post.
Microsoft’s data reveals that the vast majority of investigations are focused on individuals, not businesses.
“We received only three legal orders for data associated with use of our commercial services by our enterprise customers (i.e., those with more than 50 seats), seeking information about 15 accounts,” wrote Frank. His company disclosed information in all of those cases.
United States law-enforcement agencies generated the bulk of the requests for user data (80 percent) during the second half of 2013. “This is in line with what we observed about the first half of 2013 and is consistent with what we saw in 2012,” said Frank.
Turkey, Germany, France and the United Kingdom rounded out the top five.
Overall, less than 0.01 percent of Microsoft accounts came under scrutiny by law enforcement in the last six months of 2013. The company disclosed “non-content data” for 76 percent of requests during that period while no data was disclosed for 21 percent.
Microsoft’s Law Enforcement Requests Reports, asserted Frank, “are part of our ongoing commitment to transparency on these issues.” The company has grown increasingly vocal about data privacy and security following explosive allegations that the U.S. National Security Agency (NSA) operates a far-reaching and sophisticated intelligence apparatus that is capable of ingesting massive amounts of user information.
After ex-NSA contractor Edward Snowden released classified NSA documents last year, Brad Smith, Microsoft general counsel and executive vice president, compared the NSA’s actions to those of cyber-criminals. “Indeed, government snooping potentially now constitutes an ‘advanced persistent threat,’ alongside sophisticated malware and cyber-attacks,” he said in a statement.
Echoing Microsoft’s stance, Frank stated, “We believe that public availability of such data is important to our customers as well as to an increasingly broad community of advocates and stakeholders working to find the appropriate balance of policies that promote public safety and personal data privacy.”