Microsoft provides Transparency Hub updates on revenge porn and “Right to Be Forgotten”

Microsoft’s Transparency Hub initiative is aimed at communicating to various stakeholders how the company is doing with regard to how information is being shared and managed. Whether it’s information on law enforcement requests, federal demands for customer data, or removing various content from Microsoft properties, the Transparency Hub is the first place to go to conduct relevant research.

Today, the Microsoft blog announced the publication of a few updates and biannual reports on just how well the company is doing when it comes to handling all of the information passing through various Microsoft property. Two specific areas were highlighted, removal of media used in what’s commonly called “revenge porn” and compliance with the European Union’s “Right to Be Forgotten” policies, and various information that Microsoft has provided to law enforcement and national security agencies.

Regarding the removal of Web data:

According to its latest Content Removal Requests Report, Microsoft received 537 requests between July and December 2015 either to remove links to revenge porn photos or videos from Bing search results, or to remove access to the content itself when shared on OneDrive or Xbox Live. As a result, the company took action on 338 of those requests after determining they met the criteria for removal. In cases where we have not yet accepted a request, it is usually either because we have asked for more information to be able to make a determination on the request, or because the content in question does not contain nudity, identify the victim in the image, or otherwise meet generally accepted definitions of “revenge porn.”

Here are the highlights regarding information shared to government agencies:

• Microsoft received a total number of 39,083 legal requests for customer information from law enforcement agencies in the second half of 2015. This reflects an increase over the 35,228 requests received for the first half of 2015.
• Just over 2 percent of law enforcement requests resulted in the disclosure of content customers created, shared or stored on our services. Microsoft does not disclose customer content without a court order or warrant.
• The passage of the USA Freedom Act enabled us to report Foreign Intelligence Surveillance Act (FISA) requests and National Security Letters (NSLs) in narrower ranges of bands of 500 versus 1,000. For the latest FISA data reported, Microsoft received 0-499 FISA Orders seeking disclosure of content impacting 15,500-15,999 accounts, which compares with 0-999 FISA Orders seeking disclosure of content impacting 18,000-18,999 accounts reported for the previous period. We received 0-499 National Security Letters in the latest reporting period versus 0-999 in the previous period.
• Requests from law enforcement agencies in five countries – United States, United Kingdom, Turkey, France and Germany – represent 76.8 percent of total requests in the second half of 2015. This pattern is similar to the one we’ve seen since we began reporting this detail, with these countries representing the majority of requests.
• In addition to requests from law enforcement agencies, Microsoft receives legal demands for customer data from civil litigation parties around the world. Microsoft adheres to the same principles for all requests from civil proceeding legal requests as it does for government agencies requests for user data, requiring non-governmental civil litigants to follow the applicable laws, rules and procedures for requesting customer data. For the first time, we have provided data on civil litigation requests to accompany our Law Enforcement Requests Report.

If you need to delve more into how Microsoft handles these sensitive issues, then the Transparency Hub is the place to go. How the company manages information will become ever more important in today’s cloud-first environment where more and more customer data is being maintained and managed by Microsoft and other organizations.