It was recently revealed in a court filing that Microsoft had accessed a blogger’s Hotmail account as part of an investigation against an employee suspected of having leaked confidential Microsoft property. The blogger received a tip from a former Microsoft employee Alex Kibkalo, who shared pre-release Windows 8 RT source code, among other confidential items. Microsoft found out about the leak and accessed the blogger’s Hotmail account to see if Kibkalo’s emails were really there. While this landed Kibkalo into hot soup, Microsoft came under severe criticism for accessing a user’s communications without their knowledge.
Technically Microsoft was within its legal rights when it accessed the account. The privacy policy for its web mail service states that the company can access information about the user, such as content of communications, “to protect the rights or property of Microsoft.” Despite that, the company has now announced a major change to its policy.
Microsoft general counsel Brad Smith writes that “effective immediately,” if the company comes to know that its services are being used to traffic “stolen intellectual or physical property” it will not look into the user’s private content itself. Instead Microsoft will refer the matter to law enforcement if further action is needed. Smith adds that this change will be included in the company’s customer terms of service in the coming months, so that its clear to customers as well as binding on Microsoft.
This subtle change gives Microsoft a leg up on its rivals, as far as web mail services go. Google and Yahoo also reserve the right to look into their web mail users’ accounts if their intellectual property is at stake, they are yet to make a change.