ELISS
Experts of Lawful Interception and Security Standards
Lawful Interception Academy



News dall'Italia

Microsoft’s Law Enforcement Requests Report for the first six months of 2013

This is our second Law Enforcement Requests Report and it covers the period from January to June 2013.

The report details the number of requests for data we received from law enforcement agencies around the world, and how Microsoft responds to those requests. It covers requests for data relating to all of Microsoft’s online and cloud services, including Skype.

You can download the full report using the options on the right of this page, or review current specific data using the tool below.

Unfortunately, we are not currently permitted to report detailed information about the type and volume of any national security orders (e.g. FISA Orders and FISA Directives) that we may receive so any national security orders we may receive are not included in this report. We have summarized, per government direction, the aggregate volume of National Security Letters we have received.

What does the data show?

  • Microsoft (including Skype) received 37,196 requests from law enforcement agencies potentially impacting 66,539 accounts in the first six months of this year. This compares to 75,378 requests and 137,424 potential accounts in the whole of 2012.
  • Approximately 77 percent of requests resulted in the disclosure of “non-content data”. No data at all was disclosed in nearly 21 percent of requests.
  • Only a small number of requests result in the disclosure of customer content data, just 2.19 percent of total requests. 92 percent of the requests that resulted in the disclosure of customer content were from United States law enforcement agencies. This is again, broadly in line with what we saw in 2012.
  • As with the 2012 report this new data shows that across our services only a tiny fraction of accounts, less that 0.01 percent are ever affected by law enforcement requests for customer data. Of the small number that were affected, the overwhelming majority involved the disclosure of non-content data.
  • While we see requests from a large number of countries, when you look at the overall number, the requests are fairly concentrated with over 73% of requests coming from five countries, the United States, Turkey, Germany, the United Kingdom, and France. For Skype the requests were similarly concentrated, with four countries, the US, UK, France and Germany, accounting for over 70 percent of requests.
  • Law enforcement sought information about only a tiny fraction of the millions of end users of our enterprise services, such as Office 365. We received 19 requests for e-mail accounts we host for enterprise customers, seeking information about 48 accounts. We disclosed customer data in response to five of those requests (4 content; 1 only non-content), and in all but one case, we were able to notify the customer. We rejected the request, found no responsive data, or redirected law enforcement to obtain the information from the customer directly in thirteen of those cases. One request is still pending.
  • For all 19 enterprise requests, the legal demands were from law enforcement entities located in the U.S., and sought data about accounts associated with enterprise customers located in the United States. In addition, to date, Microsoft has not disclosed enterprise customer data in response to a government request issued pursuant to national security laws.

As we said in our first Law Enforcement Requests Report, we’ve tried to provide the data in a way that is helpful to the community, both in terms of what we report and making it available for download and detailed review. As promised, we’ve also aligned the reporting for Skype to be consistent with the rest of Microsoft, and over time as Microsoft’s services are integrated more closely we’ll fully integrate reporting.

We believe this data is valuable and useful to the community that is looking to better understand these issues. However we recognize that this report—focused on law enforcement and excluding national security—only paints part of the picture. We believe the U.S. Constitution guarantees our freedom to share more information with you and are therefore are currently petitioning the federal government for permission to publish more detailed data relating to any legal demands we may have received from the U.S. pursuant to the Foreign Intelligence Surveillance Act (FISA).

In June we published aggregate data which showed the combined totals of all requests from US government agencies for the second half of 2012, including if we received them, national security orders. While we believe that had some value in quantifying the overall volume of requests we received, it is clear that the continued lack of transparency makes it very difficult for the community—including the global community—to have an informed debate about the balance between investigating crimes, keeping communities safe, and personal privacy.

Microsoft remains committed to respecting human rights, free expression, and individual privacy. We seek to operate all of the services we own in a manner that’s consistent with our Global Human Rights Statement and responsibilities as a member of the Global Network Initiative. We strive to adopt practices that are clear and straightforward and have provided additional detail on our policies and practices for responding to law enforcement requests for customer data in our FAQs accompanying this report. For additional information about how we use and protect customer information, please read the Microsoft Online Privacy Statement and the Skype Privacy Policy.

ITALY REPORT 2013

microsoft_2013

ITALY REPORT 2012

microsoft_2012

 

Reference:

  • http://www.microsoft.com/about/corporatecitizenship/en-us/reporting/transparency/