What is the meaning of 'police request'?
I did not find that explained in the article. By that, do they mean an informal (or formal, for that matter) request from a police force, as opposed to a court order?
If it is the former, what is the exact nature of the information disclosed on that one to thirteen percent of cases, and why has it been disclosed at all? Did that include any personal or what some national privacy laws call "sensitive" information (gender, age, ethnic background, beliefs, ...), which even the police are prevented from accessing in the general case?
I understand that there might be a case for disclosing some information absent a court order: for example, a business I have an interest on will release certain data relating to a user's access to a certain service, following an accident or serious incident, to the relevant investigating agencies, in the context of the safety investigation aimed at understanding the causes of the event and preventing re-occurrence (the results of these investigations are explicitly excluded from any legal proceedings). However, in the same instance, "my" business will not release any information whatsoever for any purposes other than the aforementioned, unless an order from a competent court has been served. A mere police request is not enough to cause any action on our part, on the basis that we are not qualified to judge the merits of it--that's what a tribunal does.
Not trying to second-guess Microsoft or anyone else here, just thinking that a bit more detail on the extent to what disclosures are made and the circumstances thereof, would be a welcome addition to the article.
Biting the hand that feeds IT
