Rather than inspect the private content of customers ourselves in these instances, we should turn to law enforcement and their legal procedures.
general counsel, Microsoft
The decision comes after Alex Kibkalo, an ex-employee of the Redmond, Wash.-based software giant, was recently arrested for allegedly leaking pre-release Windows 8 source code and Microsoft's "Activation Server Software Development Kit" -- meant to prevent the unauthorized copying of the company's programs -- to a French blogger.
Microsoft was apparently made aware of Kibkalo's actions when the blogger sent an email via the company's Hotmail service to a Microsoft employee asking the company to verify the stolen code. That employee instead sent the information on to a Microsoft executive, eventually prompting what a Microsoft spokesperson referred to as a "limited review" of the Hotmail account.
"While our own search was clearly within our legal rights, it seems apparent that we should apply a similar principle and rely on formal legal processes for our own investigations involving people who we suspect are stealing from us," said Smith in a statement published Friday. "Therefore, rather than inspect the private content of customers ourselves in these instances, we should turn to law enforcement and their legal procedures."
Smith further admitted this controversy comes at an inopportune time for Microsoft, as the company has spent the better part of the last year distancing itself from accusations that it provides the National Security Agency unfettered access to customer data, prompted by leaks from former NSA contractor Edward Snowden. Though not directly unacknowledged, Microsoft's "Scroogled" series of attack advertisements, which aim to paint the company in a positive light on digital privacy issues and sully the reputation of tech rival Google, have also put the company in an awkward position after recent revelations.
"We entered a 'post-Snowden era' in which people rightly focus on the ways others use their personal information. As a company, we've participated actively in the public discussions about the proper balance between the privacy rights of citizens and the powers of government," Smith said. "We've advocated that governments should rely on formal legal processes and the rule of law for surveillance activities."
In a blog post Friday, EFF legal fellow Andrew Crocker defended Microsoft's decision.
"We commend Microsoft for its willingness to reconsider its policies, and we think it made the right decision," Crocker wrote. "We've said it repeatedly: It is wrong for companies to use terms of service to reserve vast, unnecessary rights to access and disclose user content."