WASHINGTON — Federal law enforcement agencies secretly seek the data of Microsoft customers thousands of times a year, according to congressional testimony being given Wednesday by a senior executive at the technology company.
Tom Burt, Microsoft’s corporate vice president for customer security and trust, will tell members of the House Judiciary Committee that federal law enforcement in recent years has been presenting the company with between 2,400 to 3,500 secrecy orders a year, or about seven to 10 a day.
“The fact that law enforcement requested, and courts approved, clandestine surveillance of so many Americans represents a sea change from historical norms,” Burt will say.
The relationship between law enforcement and Big Tech has attracted fresh scrutiny in recent weeks with the revelation that Justice Department prosecutors obtained as part of leak investigations phone records belonging not only to journalists but also to members of Congress and their staffers. Microsoft, for instance, was among the companies that turned over records under a court order, and because of a gag order, had to then wait more than two years before disclosing it.
Since then, Brad Smith, Microsoft’s president, called for an end to the overuse of secret gag orders, arguing in a Washington Post opinion piece that “prosecutors too often are exploiting technology to abuse our fundamental freedoms.” Attorney General Merrick Garland, meanwhile, has said the Justice Department will abandon its practice of seizing reporter records and will formalize that stance soon.
Burt is among the witnesses at a Judiciary Committee hearing about potential legislative solutions to intrusive leak investigations.
He said that while the revelation that the Justice Department had sought data about journalists and political figures “was shocking to many Americans,” the scope of surveillance is much broader.
“What may be most shocking,” he added, “is just how routine court-mandated secrecy has become when law enforcement targets Americans’ emails, text messages, and other sensitive data stored in the cloud.”
Burt said that while Microsoft Corp. does cooperate with law enforcement on a broad range of criminal and national security investigations, it often challenges surveillance that it sees as unnecessary, resulting at times in advance notice to the account being targeted.
As possible solutions, Burt said, the government should end indefinite secrecy orders and should also be required to notify the target of the data demand once the secrecy order has expired.
“Secrecy should be the rare exception, not the norm. Providing notice to an individual the government targets with a warrant or other demand for information is a critical protection against government overreach,” he said. “Safeguarding one’s constitutional rights requires knowledge that those rights are at risk. Without notice, an individual is left in the dark, unable to raise privileges or other objections that may be applicable, and unable to protect their rights in court.”