Microsoft Releases Details on Government Surveillance Requests

A report released by Microsoft this week lists six months' worth of requests from global law enforcement agencies for information on customers' online services use.

The new report, the first from Microsoft in 2013, covers the period between January and June of this year. It doesn't include national security requests, such as requests issued via the U.S. Foreign Intelligence Surveillance Court. Microsoft reported aggregate data, omitting specific details.

Overall, there were 37,196 requests from law enforcement agencies around the world in the first six months of this year, but those requests "potentially" affected 66,539 accounts, according to Microsoft's report. Requests regarding Microsoft's services came most frequently from the U.S. government (7,014), followed by Turkey (6,226), Germany (5,185), the United Kingdom (4,404) and France (4,379). In stark contrast, China and Russia had three requests apiece during the six-month period.

U.S. law enforcement requests January to June, 2013
U.S. law enforcement requests from January to June, 2013. Source: Microsoft Law Enforcement Requests Report.

Most of the requests concerned the use of Microsoft's consumer services, such as, SkyDrive, Messenger and Skype. However, the requests also tapped Microsoft account sign-up information, which is used to access various Microsoft services. Users of Microsoft account are tracked by a "personal user ID, which is a unique alpha-numeric code generated for each registered Microsoft account," Microsoft explained. This so-called "non-content information" contains information such as the user's log-in ID, name, state, country, IP address and gender.

Requests specifically affecting Microsoft's business customers were few. There were "19 requests for enterprise customer data" regarding hosted e-mail accounts during the time period, according to the report.

Most of the requests were for non-content information. Microsoft claims it requires "a court order or warrant before we will consider disclosing content to law enforcement." Microsoft actually disclosed customer content in response to 10.7 percent of U.S. law enforcement requests for content during the six-month period.

The report also listed approximate numbers in response to past FBI-issued National Security Letters, which are purportedly issued for terrorism or intelligence cases. Microsoft responded to National Security Letter requests ranging between 0 and 999 in 2012, for instance. Microsoft also responds to so-called "emergency requests," which are cases such as possible kidnappings or suicide attempts. The United Stated led in those request at 87 requests during the six-month period.

Microsoft's disclosure reports don't reveal much, but are of greater interest now given recent events. Microsoft and other service providers joined the National Security Agency's PRISM program as early as 2007, as disclosed this year by whistle-blower Edward Snowden. PRISM allows NSA agents to simply tap service provider networks, according to Snowden, which all of the service providers deny. Following that publicity, Microsoft and other service providers filed a petition to the U.S. government in September seeking permission to disclose the number of FISA Court requests it receives.

The U.S. government hasn't budged much. Microsoft was given an exception last year by to publish aggregate data about national security requests from July 2012 through Dec. 2012. However, that exception seems to have been a one-shot arrangement as those statistics are missing from this 2013 report.

U.S.-based companies such as Microsoft are trying to promote the cloud, but can't guarantee much given recent NSA spying revelations. And that circumstance has shattered trust among some potential users. Microsoft first began issuing its law enforcement agency request reports in March.

About the Author

Kurt Mackie is senior news producer for 1105 Media's Converge360 group.


  • Everything Microsoft Announced at Its Surface Event

    Microsoft showed off its updated and expanded line of Surface devices this week, positioning the new Surface Laptop Studio as its flagship Windows 11 laptop.

  • M&A in Microsoft Channel: Progress Acquires Kemp

    Longtime Microsoft partner Progress Software is acquiring another Microsoft partner in Kemp Technologies.

  • The 2021 Microsoft Product Roadmap

    From Windows 10X to the next generation of Microsoft's application server products, here are the product milestones coming down the pipeline in 2021.

  • Microsoft Says System Center 2022 Will Arrive Early Next Year

    Microsoft is planning to release its new System Center product in the first quarter of 2022, with a private preview arriving within months.