Does Microsoft Have the Right To Search Your Email?


cote / Foter / CC BY

Microsoft has long run a campaign to convince people that its email service, Outlook, is safe. They assure that "Outlook.com prioritizes your privacy" and "your email is nobody else's business." That privacy ends, though, if Microsoft itself says it has a good reason to snoop through your emails or chat logs.

Last week, the company accused one of its former employees, Alex Kibkalo, of leaking trade secrets. The Seattle Post-Intelligencer wrote last Wednesday that "Kibkalo is alleged to have leaked Windows 8 code to a French technology blogger in mid-2012, prior to the software's release." The blogger is unnamed in the court complaint, and the leaks amounted to "screenshots of a pre-release version" of the operating system.

How'd Microsoft figure all this out? Company investigators went snooping through private messages of the blogger, who used Outlook, in order to hunt down Kibkalo.

John Frank, Microsoft's general counsel, argues that this is no big deal because:

courts do not… issue orders authorizing someone to search themselves, since obviously no such order is needed.  So even when we believe we have probable cause, there's not an applicable court process for an investigation such as this one relating to the information stored on servers located on our own premises.

He also assures that the company's terms and services allow them to do this.

Harry McCracken of TIME expresses some sympathy for Microsoft, noting that among all other potential illegal deals transpiring over Outlook, "the one sort of case in which we know that Microsoft thinks it's OK for it to spy on your e-mail without a warrant is when you might be stealing its own stuff."

Others are more skeptical. Edward Wasserman, the dean of the Graduate School of Journalism at University of California, Berkeley, told The New York Times, "I have never seen a case like this. Microsoft essentially decided that whatever privacy expectation that its own customers supposedly had was basically a dead letter."

"Microsoft clearly believes that the users' personal data belongs to Microsoft, not the users themselves," Ginger McCall of the Electronic Privacy Information Center said to CNN.

Mike Masnick of Techdirt predicts that this "is hugely damaging to the company," more so than just letting the leaks just pass.

Either way, Microsoft is now doing damage control. They're revamping their privacy policy and issued a statement that they "vow to go through a more stringent process" before reading people's emails again.