Microsoft this week won a court battle to unseal documents related to the company’s successful fight against an FBI order for a customer’s data.
In short, the FBI had sent Microsoft a National Security Letter last year directing the company to provide basic subscriber information for one of its enterprise customers.
Enterprise customers are large-scale institutional organizations such as corporations, governments or non-governmental organizations. Neither Microsoft nor the court documents (which are redacted) specified who this enterprise customer was that the FBI was seeking information on.
The letter also forbade Microsoft from disclosing that the FBI was seeking such information.
Last year, Microsoft filed a court challenge to the letter in U.S. District Court in Seattle, saying the nondisclosure requirement in the National Security Letter violated the company’s constitutional right to free expression since it would prevent Microsoft from following its practice of notifying its enterprise customers when it receives legal orders for the customers’ data.
After Microsoft filed the challenge, the FBI withdrew its National Security Letter, saying it had obtained the requested information from the customer, according to court documents.
The company then sought to unseal certain documents, which were subsequently ordered unsealed on Wednesday by U.S. District Judge Richard Jones in Seattle.
The unsealed documents include Microsoft’s challenge of the National Security Letter and the agreement reached with the FBI in which the agency agreed to allow Microsoft to seek unsealing of redacted versions of the agreement and original challenge.
It does not include the FBI’s National Security Letter.
“Fortunately, government requests for customer data belonging to enterprise customers are extremely rare,” Brad Smith, Microsoft’s general counsel, wrote in a blog post Thursday.
“We therefore have seldom needed to litigate this type of issue. In those rare cases where we have received requests, we’ve succeeded in redirecting the government to obtain the information from the customer, or we have obtained permission from the customer to provide the data,” he continued. “We’re pleased with the outcome of this case, which validates our approach.”