MICROSOFT HAS BEEN accused by Indian financial institutions of deliberately sharing data about customers with US Intelligence Agencies.
A report in the Indian press cites a document from the Reserve Bank of India (RBI) which found that banks which have migrated to Microsoft Office 365 services have had their customers’ data shared with the US in order to comply with US law.
According to the report, many banks are aware that Microsoft is information sharing but that their end users probably do not.
A Risk Assessment Report (RAR) has been given to the banks’ audit committees for their response.
RBI cited one specific example where: “It was gathered from the Microsoft transparency hub that Microsoft is bound to share customers’ data under US Foreign Intelligence Surveillance Act (FISA) and US national security letters as and when required by the US authorities.”
The RBI found that this was an explicitly arranged deal and that between 2014 and 2016, Microsoft had received 4,000 requests about Indian customers and shared information on 3,036 occasions.
Microsoft told Indian site DNA Money: “No government has direct access to any of our users’ data. Data privacy is a top priority for us. We never provide customer data unless we receive a legally valid warrant, order or subpoena about specific accounts or individual identifiers that we have reviewed and consider legally appropriate and consistent with the rule of law and our Microsoft principles.
“Absent extraordinary circumstances, in the vast majority of cases we redirect governments to seek data directly from commercial customers or to allow us to tell our commercial customers when the government seeks their data.”
Microsoft wouldn’t go into specifics of cases but acknowledges that the data sharing arrangements do exist.
At present, it’s not clear if the banks or Microsoft has a specific case to answer, despite the news coming as a surprise to millions of customers. All affected parties defend their privacy policies. μ
Source : Inquirer