Microsoft announced on Friday that it has changed its policy around accessing user information – again. The new policy is in response to recent reports that the company snooped in a user’s Hotmail account in 2012 to find the source of a code leak.
Microsoft first response to the reports – released less than two weeks ago – was a policy that would see Microsoft present evidence to an outside attorney before looking in users’ accounts.
Microsoft General Counsel and executive vice president, legal and corporate affairs Brad Smith explained the revised policy in a blog post on Friday morning.
“Effective immediately, if we receive information indicating that someone is using our services to traffic in stolen intellectual or physical property from Microsoft, we will not inspect a customer’s private content ourselves. Instead, we will refer the matter to law enforcement if further action is required.”
This is an embarassing misstep for Microsoft as it vies for a top spot in the public cloud wars against Amazon Web Services and Google, and it shows a serious lack of understanding of user privacy. While Google isn’t perfect, it recently tightened up its Gmail encryption and released a video showing in layman’s terms how it deals with government requests for data.
With a new CEO, Microsoft has made strides in its cloud and mobile-first strategy. Its old policy was clearly out of line with this strategy, and while Microsoft didn’t recognize it at first, it did come out and apologize, admitting it was wrong.