US government data requests are no longer secret by default

The US government has decided that data requests to tech companies will no longer be secret by default. This allows Microsoft or Google, for example, to let users know that the US government has had access to their account.

According to The Washington Post, the new policy amounts to an end to the routine imposition of so-called gag orders or confidentiality obligations on government data requests to companies. This may include e-mails or documents, for example. The obligation prevents companies from informing their customers about the requests. In many cases, there would also be no end to gag orders due to the lack of an end date.

The new policy would require prosecutors to substantiate their requests for secrecy, making an “individual and meaningful assessment.” The duty of confidentiality should also not last longer than one year, with the exception of special cases. Microsoft says it’s happy with the changes, but believes a law change is also needed to amend the Electronic Communications Privacy Act, which the company says is problematic. In a blog post, Microsoft writes that “it is taking steps to withdraw the lawsuit by implementing the new policy.”

Microsoft filed a lawsuit against the US government last April over its practice of “routine secrecy,” as the Redmond company described it. It believes this is against the Constitution. At the time, it said that confidentiality requests may be justified in certain cases, but that they should not be sent with every request by default. In its current blog post, Microsoft reiterates that in an 18-month period, 68 percent of non-disclosure requests also have no end date.