Microsoft Gets Right to Notify Cloud Client of U.S. Data Probe

Microsoft Corp. won a weekslong legal fight to notify a client that federal prosecutors in New York had demanded its email account information be turned over as part of a government investigation, court records show.

The dispute arose from a pair of warrants related to a single email account at a company that uses Microsoft’s cloud-storage services, according to court filings that were heavily redacted and didn’t disclose the name of the client. A July 14 subpoena included a “secrecy provision” barring Microsoft from disclosing the request or the investigation to the account holder. The case is being handled by a prosecutor in the Manhattan U.S. attorney’s office assigned to the unit that deals terrorism and international drug cases.

Microsoft complied with the demand for records but appealed the secrecy provision in court, saying it had a right to notify clients when the government is seeking their data. Prosecutors eventually agreed to allow notification to a single officer of the client company, without disclosing which particular email account was being scrutinized, the records show.

The legal fight stems from the increasing use of cloud hosting services that store and process data on the internet rather than on local servers or personal computers. Prosecutors have increasingly sought access to that data from the cloud-hosting providers with so-called “sneak and peek” warrants that bypass the account holders.

“This case concerns the government’s power to suppress Microsoft’s speech when requiring Microsoft to turn over its customer’s email account data,” lawyers for the company wrote in one filing. “Although the First Amendment protects Microsoft’s right to discuss the government’s conduct with its customers, the government routinely seeks orders barring Microsoft from doing so -- as it did here.”

A spokesman for the U.S. attorney’s office declined to comment.

“Our business customers have a right to know when the government seeks their data and we have the right to tell them,” Dev Stahlkopf, Microsoft’s general counsel, said in a statement. “In this case, after we took the government to court, they agreed to inform our customer directly so the customer can assert its rights.”

Microsoft has been battling the government over “sneak and peek” warrants for years, and previously sued the U.S. over widespread use of the practice. The Justice Department has said it would reduce its reliance on the tactic.

A pair of Justice Department memos issued in 2017 on such records requests said “prosecutors should seek data directly from the enterprise, rather than its cloud-storage provider,” unless doing so would compromise the investigation. The memos also noted that the law allows cloud hosts to notify customers when their data has been subpoenaed, and that they could only be ordered to keep the request secret if the government obtained a court-approved protective order.

Microsoft first filed a protest of the government order in Manhattan federal court in September, and argued the company could be safely notified without jeopardizing the government’s investigation.

“Accepting the government’s position here, with an organization this trustworthy, would give the government carte blanche to require secrecy in virtually every case,” Microsoft lawyers wrote.

©2020 Bloomberg L.P.

BQ Install

Bloomberg Quint

Add BloombergQuint App to Home screen.