Microsoft has released a blog post from General Counsel and EVP – Legal & Corporate Affairs Brad Smith detailing changes to its practices stemming from a recent report detailing how it read a blogger’s email without their permission to track down a source code leak. Microsoft will not be doing that ever again, the post says, and instead they’ll refer any and all potential similar situations to law enforcement directly.
The case in question involved Microsoft checking a blogger’s email when they found an ex-employee had leaked said blogger proprietary software. They did so on the basis that the case was extraordinary, and that fast response was the best way to quash the illegal distribution of their proprietary content before it got out of hand. Microsoft followed up that report with a blog post from another of its top lawyers, Deputy General Counsel John Frank, who justified the action and provided context for why the company did what they did.
Now, however, they’ve gone even further, promising not to operate in this manner ever again, even under the kind of extreme circumstances that prompted them to do this before. They still claim no legal wrongdoing in the previous case; it was “clearly within [their] legal rights,” according to the new post by Smith. Even so, Smith also concedes that they’ve been listening to feedback from customers and realize they should take their own medicine so to speak, and rely on formal legal processes going forward.
The dogfooding aspect here comes from Microsoft realizing that it has been advocating more openness and a strict adherence to the letter of the law and going through proper channels, by the government in accessing Microsoft’s customer data. The same standard should apply to Microsoft itself, and Smith clearly acknowledges that in this case, it didn’t. Microsoft isn’t just making a promise, however; it’s partnering with The Center for Democracy and Technology and The Electronic Frontier Foundation to help it identify the best way forward regarding customer privacy issues like this one that may crop up in the future.
This is progress, and it’s nice to see Microsoft’s view on the matter evolve in response to clear customer expression of distaste and disappointment. Of course, legally they’re still primarily watching out for their own interests, but at least this shouldn’t happen again, or if it does, Microsoft won’t have its terms of service to fall back on.