Microsoft revises email snooping policies in light of Windows 8 leak

Microsoft might have succeeded in plugging a big leak in its Windows 8 department, but it might have unwittingly waded into a more shady legal department. Responding to concerns on privacy regarding Hotmail and Outlook email users, the company has released a statement clarifying the new steps it will be taking when investigating its own email service.

Earlier today, former Microsoft employee Alex Kibkalo was arrested and charged with theft of trade secrets, specifically those related to Windows 8 and its SDK. While the crime itself is probably not too sensational, the process that Microsoft used to get there set off quite a few alarms. The company was able to come upon Kibkalo's name by snooping into the Hotmail account of a French blogger who was suspected to be the recipient of the leaks.

Naturally, this caused some no small amount of worry that Microsoft had free reign to snoop into Hotmail and Outlook email accounts for the sake of an internal investigation, especially when no court order for doing so was involved. According to Microsoft, courts do not issue such orders anyway when companies are searching themselves. But it's one thing to search company email, and another to search private emails, especially when said company is the one providing the email service.

Microsoft claims to have done nothing legally wrong but does believe that it needs to ensure the privacy of email accounts. In order to do so, it will be employing two levels of outside legal help, a separate legal team from its internal investigation and an outside attorney, a former federal judge, both of whom will determine if the case warrants a court order. Only then will they conduct the search and will confine itself to the matter under investigation. It will then include in its bi-annual transparency report the number of such searches as well as the number of accounts involved.

Microsoft is, of course, putting an exception on their own people. They will go straightaway to investigation when it believes that certain employees use their private Hotmail/Outlook accounts for illicit activities related to Microsoft business, but even then it promises to narrow down the scope. Some might say that the damage is done, but it is good that Microsoft has admitted to and addressed the need to change and clarify its policies. Whether it upholds its promise, however, is an entirely different matter, one that, unfortunately, the public might never really know.

VIA: The Verge