Microsoft is joining Google and Twitter in releasing a transparency report that provides details about requests for information that law enforcement officials have submitted to it.
Microsoft last year received 75,378 law enforcement requests for customer information covering 137,424 accounts or other identifiers.
The report covers Microsoft's online and cloud services, including Hotmail, Outlook.com, SkyDrive, Xbox Live, Office 365, and Skype. The company pledged to release updated information every six months.
Like Google and Twitter, Microsoft is releasing the total number of requests for information it received and the number of accounts those requests covered.
But the company is also releasing data about how many disclosures included customer content, "such as the subject line and body of an email exchanged through Outlook.com; or a picture stored on SkyDrive," Microsoft general counsel Brad Smith wrote in a blog post. "We similarly are reporting on the number of law enforcement requests that result in disclosure only of 'non-content' data, which includes account information such as an email address, a person's name, country of residence, or gender, or system-generated data such as IP addresses and traffic data."
So what does the data say? Of the 75,378 law enforcement requests for customer information, about 2.1 per cent, or 1,558 requests, resulted in the disclosure of that content, Smith said. More than 99 per cent of those disclosures were made in response to warrants from US courts. Fourteen disclosures were to governments in Brazil, Ireland, Canada, and New Zealand.
About 56,388 cases resulted in the disclosure of non-customer content, not including Skype, and more than 66 per cent of those were to agencies in the US, the UK, Turkey, Germany, and France.
Eleven law enforcement requests focused on Microsoft enterprise customers. "In general, we believe that law enforcement requests for information from an enterprise customer are best directed to that customer rather than a tech company that happens to host that customer's data," Smith said.
On Skype alone, there were 4,713 requests from law enforcement covering 15,409 accounts or other identifiers, such as a PSTN number.
"Skype produced no content in response to these requests, but did provide non-content data, such as a SkypeID, name, email account, billing information and call detail records if a user subscribed to the Skype In/Online service, which connects to a telephone number," Smith wrote.
Microsoft separated Skype because Skype collected data differently than Microsoft in accordance with Luxembourg law prior to its 2011 acquisition. "Skype reporting policies and practices have now been brought in line with Microsoft reporting policies and going forward all data will be provided in a consistent format," Microsoft said.
Like other tech firms, Microsoft said it requires a valid subpoena or legal equivalent or a court order or warrant before handing over information.
Twitter released its first transparency report in July 2012, and a second one was released in January. Google has been doing the same for years, and also catalogues the number of copyright-related takedown requests it receives on a daily basis. Recently, Google added national security letter (NSL) requests, though a judge recently found that NSLs are unconstitutional.
Microsoft released similar NSL data today, saying it received between zero and 999 NSLs in 2012, down from the 1,000-1,999 requests in 2011 and 2010.