Redmond, Washington-based Microsoft announced that the type of accounts the feds are targeting with National Security Letters, warrants or court orders include Hotmail/Outlook.com, SkyDrive, Xbox LIVE, Microsoft Account, Messenger and Office 365. The announcements by the two tech giants mark the first time U.S. companies have divulged they were secretly responding to National Security Letters and coughing up user data to the bureau without probable-cause warrants. And the Microsoft announcement comes six days after a federal judge declared National Security Letters unconstitutional and gave the President Barack Obama administration 90 days to appeal the ruling.
A breakdown of the number of National Security Letters the FBI has issued to Microsoft targeted accounts (“identifiers”) for user data.
The NSLs, which have been issued nationwide hundreds of thousands of times, are written demands from the FBI that compel internet service providers, credit companies, financial institutions and businesses like Google and Microsoft to hand over confidential records about their customers, such as subscriber information, phone numbers and e-mail addresses, websites visited and more as long as the FBI says the information is “relevant” to an investigation. “Like others in the industry, we believe it is important for the public to have access to information about law enforcement access to customer data, particularly as customers are increasingly using technology to communicate and store private information,” Microsoft said.
Google, Microsoft and other entities that receive NSLs are gagged from disclosing them publicly or to the targets. But, “pursuant to approval from the government,” Microsoft released a numerical “range” of the number of NSLs it has received dating to 2009. Two weeks ago, when Google released its numbers, it said it only publicized a range “to address concerns raised by the FBI, Justice Department and other agencies that releasing exact numbers might reveal information about investigations.”
The ranges each company published are similar, but not identical. For 2012, which is the latest data available, Microsoft said it received 0-999 National Security Letters involving between 1,000 to 1,999 accounts. In 2011, Microsoft said it received 1,000-1,999 of them for 3,000-3,999 accounts. For 2010, the company reported 1,000-1,999 requests targeting 5,000-5,999 accounts. In 2009, there were 0-999 National Security Letters targeting 2,000-2,999 accounts.