The FBI went to Microsoft last year with a warrant asking them to hand over keys to unlock encrypted data stored on three laptops as part of an investigation into possible fraud involving the COVID unemployment assistance program in Guam — and Microsoft complied.
Generally, companies resist handing over encryption keys to authorities. Most famously, Apple refused to give the FBI access to phones used by the San Bernardino shooters in 2016. The FBI eventually found a third party to hack the phones, but ultimately dropped its case. Most major tech companies, including Google and Facebook, supported Apple in its fight with the FBI. Even Microsoft supported Tim Cook’s position, albeit a little less strongly than some others.
However, in this instance, it seems that Microsoft has decided to bow to the government’s demands and has confirmed that forbes It provides BitLocker recovery key if it receives a valid legal order. Microsoft spokesperson Charles Chamberlain said The Verge Microsoft is legally required to generate keys stored on its servers.
Chamberlain elaborated, “Customers can choose to store their encryption keys locally, in a location inaccessible to Microsoft, or in Microsoft’s cloud. We recognize that some customers prefer Microsoft’s cloud storage, so we can help recover their encryption keys if needed. While key recovery provides convenience, it also carries the risk of unwanted access.”
Oregon Senator Ron Wyden countered by saying forbes It was “irresponsible” for companies to “secretly hand over users’ encryption keys”.
What worries privacy advocates like the ACLU is the precedent it sets and the potential for abuse. The current administration and ICE have shown little regard for data security or the rule of law. And beyond U.S. borders, Jennifer Granik, surveillance and cybersecurity counsel at the ACLU, pointed out. forbes That “foreign governments with questionable human rights records” may also expect Microsoft to hand over the keys to customer data.
<a href