This past week news broke that a former Microsoft employee of seven years, Alex Kibkalo, was arrested on charges of stealing intellectual property (IP) from Microsoft.

The IP in question was parts of Windows 8 before it was released in 2012 as well as the software development kit (SDK) that can be used to manage the Windows activation process and generate activation keys for illegal copies of the operating system.

Details of the above information can be found in the court documents for the indictment of Alex Kibkalo (PDF download).

These court documents revealed that Microsoft decided to perform a limited search of a users Hotmail account during their investigation into the IP theft Alex Kibkalo was suspected of perpetrating. This search was conducted under the Hotmail Terms of Service which allowed Microsoft to access those communications to protect the company IP.

The user, a French blogger who was known by the handle Canouna, had contacted a third party at Microsoft to validate the veracity of the leaked information he had been provided by Kibkalo. That in turn started the chain of events that assisted the internal investigation in tracking down further proof of the IP theft by Kibkalo and leaks to Canouna.

As you might imagine tech news and blog sites jumped all over this revelation yesterday, the search of the bloggers Hotmail account, and commenced pointing out this privacy violation and comparing it to Google’s own admitted scanning of millions of emails on their servers.

Here are some of the headlines from yesterday about the incident:

Snooped, Sniffed, Scroogled.

No such words in those headlines such as investigated, protected, discovered.

To compare what Microsoft did in searching this leakers Hotmail account to the Scroogled advertising campaign they recently used is simply ludicrous.  Whether you liked the Scroogled advertisements or not Google admittedly scans millions of emails for the sole purpose of learning user habits in order to sell advertising.

Microsoft had their IP stolen, leaked and in the process of an investigation into that incident discovered someone involved in receiving that stolen IP. The fact that the information was on their own Hotmail servers simply meant Microsoft could not get a court order to search themselves – that just does not happen as Ed Bott pointed out in his How Microsoft tracked down a spy who leaked its secrets post over at ZD Net.

I imagine that if this search had been approved under a court order for say Google’s servers this discussion would not be happening.

So why is it such a big deal when it is on their own servers? Microsoft performs the search of this users Hotmail account, for legal purposes to protect their IP, and the internet blows up with privacy concerns and comparisons to an ad campaign. Yet the search was authorized under their TOS and resulted in someone being charged and likely held accountable for their illegal actions.

Point the finger at the leaker and the blogger who received the leaked information all you want about their lack of intellect in using Microsoft’s own services to discuss the leaked information but I guarantee that if Microsoft had reason to believe this information existed on any other companies servers they would have sought the court order to get that information.

The individuals at fault here are the leaker and the blogger – not Microsoft.

As the dust continues to settle from this situation Microsoft has decided to establish new policies that will govern these type of searches in the future. These new policies are not an admittance that their search was improper or not authorized to protect their IP but to address the concerns that were raised throughout the situation.

These new policies were announced by John Frank, Microsoft’s Deputy General Counsel & Vice President, Legal & Corporate Affairs, Microsoft over on the Microsoft on the Issues site in a blog post titled Strengthening our policies for investigations late Friday evening.

  • We will not conduct a search of customer email and other services unless the circumstances would justify a court order, if one were available.
  • To ensure we comply with the standards applicable to obtaining a court order, we will rely in the first instance on a legal team separate from the internal investigating team to assess the evidence. We will move forward only if that team concludes there is evidence of a crime that would be sufficient to justify a court order, if one were applicable. As a new and additional step, we will then submit this evidence to an outside attorney who is a former federal judge. We will conduct such a search only if this former judge similarly concludes that there is evidence sufficient for a court order.
  • Even when such a search takes place, it is important that it be confined to the matter under investigation and not search for other information. We therefore will continue to ensure that the search itself is conducted in a proper manner, with supervision by counsel for this purpose.
  • Finally, we believe it is appropriate to ensure transparency of these types of searches, just as it is for searches that are conducted in response to governmental or court orders. We therefore will publish as part of our bi-annual transparency report the data on the number of these searches that have been conducted and the number of customer accounts that have been affected.

Personally I think Microsoft was completely transparent concerning this situation because they revealed the search in the court documents relating to the indictment of Alex Kibkalo and its impact on the investigation. They did not try to hide the fact they searched the account, why they did it or that it was in accordance to their own policies to protect their product and customers.

If only others would take that same stance.