The US Government routinely requests cloud data providers such as Apple, Google, Amazon and Microsoft to turn over data as part of investigations. Over the past 18 months, Microsoft has received more than 2,600 “secrecy orders”. Due to the secrecy aspect, Microsoft isn’t even allowed to disclose that an investigation is underway.
In order to protect its customers, Microsoft has been adding technical features such as encryption where only customers have the keys and processes that require customer approval for accessing customer data. However, this may not be enough to keep out the US Government from accessing customer data.
Microsoft has now taken the step to sue the US Government on the grounds that the access requests are unconstitutional:
Microsoft Corp (MSFT.O) has sued the U.S. government for the right to tell its customers when a federal agency is looking at their emails, the latest in a series of clashes over privacy between the technology industry and Washington.
The lawsuit, filed on Thursday in federal court in Seattle, argues that the government is violating the U.S. Constitution by preventing Microsoft from notifying thousands of customers about government requests for their emails and other documents.
The government’s actions contravene the Fourth Amendment, which establishes the right for people and businesses to know if the government searches or seizes their property, the suit argues, and Microsoft’s First Amendment right to free speech.
As organizations move to the cloud, keep data private is a key concern and establishing that trust with customers is a key need for cloud providers such as Microsoft. The argument that Microsoft is making is moving to the cloud should not create more exposure to government access requests than would be the case on premise and that requests for data are not transparent and access requests are too broad in their use.