microsoft building hq logo

Photo via Ken Wolter/Shutterstock (Licensed)

Justice Department ends secret probes into customer’s data

Microsoft’s lawsuit against the Justice Department marks a new milestone.

 

Danielle Ransom

Tech

Posted on Oct 24, 2017   Updated on May 22, 2021, 1:21 pm CDT

Microsoft’s lawsuit against the Justice Department marked a new milestone in the debate over government access to tech user’s data, and it’s caused the department to change its policies surrounding how prosecutors may use gag orders.

The new policies require prosecutors to explicitly state the nature of a gag order request and explain why it is pertinent to the investigation before one may be granted. Additionally gag orders will now be constrained to last for one year or less, although exceptional cases may be exempt.

The Justice Department hopes these new guidelines will provide more transparency into government access of customer’s data after reaching a compromise with Microsoft 18 months after the tech giant first filed a lawsuit questioning the government’s probing.

In April 2016, Microsoft sued the Justice Department over a law that banned tech companies from telling their customers the government was accessing their data. Formerly, prosecutors could impose gag orders on tech firms and providers for an indefinite time that prevented companies from notifying customers when and how often their data was being accessed during legal proceedings, nor was the government required to notify people.

“Until today, vague legal standards have allowed the government to get indefinite secrecy orders routinely, regardless of whether they were even based on the specifics of the investigation at hand,” Microsoft Chief Legal Officer Brad Smith said in a blog post.

During the 18-month lawsuit, Microsoft received 5,600 search warrant requests from the U.S. government to access data it stored on customers, with around 68 percent demanding secrecy for an indefinite amount of time.

The tech giant argued that these secrecy orders, legal under the Electronic Communications Privacy Act established in 1986, violated customers’ Fourth Amendment rights as the government could access everything users uploaded into cloud software including photos, emails, credit card information, and other personal data. It also argued that it violated business’ First Amendment rights by blocking them from alerting customers.

Despite the new ruling, these policies do not apply to orders under the Foreign Intelligence Surveillance Act or cases of national security. But, it is a leap forward that will allow customers to be aware of and challenge the government when a warrant request is made.

H/T the Washington Post

Share this article
*First Published: Oct 24, 2017, 5:53 pm CDT