Skype and criminal law enforcement data requests in 2012
This article is also available in:
Deutsch: Skype: Auskunftsbegehren von Strafverfolgungsbehörden 2012
Microsoft released its first-ever transparency report, the 2012 Law Enforcement Requests Report, explaining its approach to criminal law enforcement data requests around the globe. The report includes detailed information and data about the communications platform Skype, making it the first official public clarification of the company’s legal standing and jurisdiction since Microsoft acquired Skype in 2011.
The release of the report comes after pressure on Microsoft from civil society, most notably in the form of a January 2012 open letter signed by more than forty organizations (including Access and EDRi members Digitale Gesellschaft and DFRI) and sixty individuals, led and organised by Cryptocat developer Nadim Kobeissi. The letter, which called for Microsoft to release a transparency report and clarify the company’s obligations, practices, and disclosures, generated significant media coverage.
There is good reason for the public attention to Skype: the platform serves more than 663 million users worldwide, and is a crucial tool for activists and human rights defenders who depend on the service. In the absence of other meaningful or workable options for secure, unfettered channels of communications, these users urgently need to know whether they can trust Skype for sensitive conversations.
The Microsoft report disaggregates Skype data from the rest of Microsoft data, explaining that Skype operates under the laws of Luxembourg and the European Union, where it is headquartered, and continues to process and record law enforcement requests differently than its corporate parent. The effect of these parallel reporting structures means that there is less holistic data about the nature of Skype requests, including rejections of invalid requests, but more clarity about the volume of requests directed specifically at Skype versus other Microsoft products.
In a statement accompanying the release, Microsoft indicated that Skype’s “reporting policies and practices have now been brought in line with Microsoft reporting policies and going forward all data will be provided in a consistent format.” Although it does not say so explicitly, the statement does indicate that as long as Skype remains headquartered in the European Union its data will continue to be reported separately from other Microsoft products.
While it is certainly encouraging to see Microsoft release its first Transparency Report including Skype data, many points made by civil society in the January 2012 open letter remain unaddressed. We therefore urge Microsoft and Skype to release further information as detailed in the January 2012 open letter from the civil society.
What the Microsoft transparency report does—and does not—tell us about
2012 Law Enforcement Requests Report
Access joins open letter calling on Skype to clarify user security,
release transparency report (25.01.2013)
(Contribution by Raegan MacDonald - EDRi Observer)