We just received an important email from Microsoft.
If you’re a user of any of Microsoft’s cloud services, you probably received one, too.
The main point of the email is to notify customers about a new Microsoft Services Agreement and a new Microsoft Privacy Statement.
If you don’t opt out by closing your account before 01 August 2015, you’ll automatically move to the new legalisms.
That doesn’t sound too onerous, or unusual, but there are lots of Microsoft services on the list, e.g. Bing, Cortana, MSN, Office, OneDrive, Outlook.com, Skype, Windows, Xbox, as well as an unnamed catchall in the form of “other Microsoft services.”
As a result, the privacy page alone is about 1500 words in its summary form, expanding to an impressive 15,000 words or so if you hit the “Expand All” button at the top.
That’s a lot of text to wade through, to be sure – for comparison, many novels weigh in at somewhere between 50,000 and 100,000 words.
However, Google recently got into general trouble in the EU, and into specific trouble with the Information Commissioner’s Office (ICO) in the UK, for having a privacy policy that wasn’t clear enough.
With that in mind, perhaps the detail provided by Microsoft is both necessary and desirable, for all that you might begin to wilt before you get to the end of reading it.
But more interesting that the new services contract and privacy agreement, is an official change in jurisdiction – or, at least, it seems that way if you’re based in Europe.
Although the email announcing the changes is tagged with Microsoft’s Redmond, Washington address, you may just find that your new contract is no longer merely with Microsoft, but explicitly with Microsoft Ireland Operations Limited.
Presumably, this legalistic switch is a side-effect of Microsoft’s brouhaha with the US authorities over access to customer data stored in its Dublin, Ireland data centre.
The US Department of Justice (DOJ) insisted that Microsoft, being a US company, should comply with a warrant requiring it to cough up email data relevant to a criminal investigation.
Microsoft dug its heels in, saying that it would not hand over the data, because it was stored overseas where the DOJ held no jurisdictional sway.
Redmond quickly acquired a swarm of fans in the technology community as a result – something of a switcheroo from the late 1990s and early 2000s, when the DOJ went after Microsoft for anti-competitive behaviour.
Back then, at least as far as we recall, public opinion was largely on the DOJ’s side, with Microsoft cast as a corporate ogre.
How times change!
PS. What do you think of this shift? Are you a US-based (or other non-EU) user of Microsoft’s on-line services? Did you receive a similar email? Will your contractual jurisdiction be changing to Ireland, too? Please let us know in the comments.
Edouin
It’s a two-edged sword. It always was, and it always will be. There are three players (four if you count lawyers), but this is a classic triangle-fight. You cannot please both at the same time, and you cannot ignore either of the other two. So, last century, Microsoft had some growing pains with the government, and needed to coddle up to them, and the citizens (users) were the ones being held over the barrel.
Today, Microsoft, still with the same sword as last century, must now look at it’s data as “product” and “intellectual property”, both of which generate revenue. The government wants to tap into that data (affecting MS’s revenue downstream if users move their data elsewhere!), or protect it’s data (and just by coincidence, the users privacy!) and maintain it’s revenue generating stream.
Government – MS – Users. A lesson MS is learning hard in Europe (as witnessed by this Ireland maneuvour).
No different if the US Gov’t went after Shell Oil for data, even though Shell Oil is a Dutch entity. For that reason, the US Gov’t can only access what is on US soil – it’s legal jurisdiction! MS is just playing the smart card – for the time being.
I suspect that the US Gov’t will try to create some reciprocal agreement with the Irish, British, Scottish and European governments for exchange of data-warrants (kind of like extradition treaties). Then we will see which way the wind will blow in Redmond. Interesting times ahead – especially in Europe, eh?
raincoaster
Huh. And here I was thinking it was just That Other Lorraine Murphy using my email to sign up for things. AGAIN.
bbusschots
As a European, I think this is a great move. To say US over-reach makes us cranky this side of the pond is putting it very mildly indeed!
Living in Ireland, the idea that a US judge thinks Irish data centres should be under US law makes my blood boil – we have MUCH better consumer protection and data protection laws here, and I do not want them circumvented by a huboristic US judge.
This simplifies things greaty – we are now European customers of a European company with European data centres – clearly, our data is now being held under European law. The contageon of bad US laws is at least somewhat contained now.
I feel bad for Americans, but, well, America is a democracy, so it’s no one’s fault but your own!
RobRoy
Is it not also a financial reinforcement? Doesn’t Microsoft (and Apple and many others) move their company profits from countries all over the world (as admitted to the Australian Senate enquiry) to Ireland where the taxes are less?
l
It’s high time Microsoft were made to ‘toe the line’ in countries other than the USA. EU law is very much not the same as US law and Microsoft have been trying repeatedly to apply US law where it has no jurisdiction. So that has to be a good step forward.
But I do not use any Microosoft service other than those I have signed up for, namely hotmail.co.uk and the support services for the Microsoft software we have to use. I do not, and will not, use any cloud services – especially not from Microsoft. So why did I get the email? Because it is meant to cover users of all any any Microsoft service or product. My ‘other half’ got one on his Samsung Galaxy Tab! Why? Becuase he uses an old hotmail account.
Paul Ducklin
Ironically, it’s the other way around in the case mentioned in the article – Microsoft was trying to avoid complying with a US warrant because its servers are in Ireland.
(To be fair to the US DOJ here – if you were a detective in a UK police force investigating UK crimes that you think were done by people in the UK who stashed their data with a UK-based cloud company, wouldn’t *you* be a little peeved, at least, to hear that company say, “Bad luck. We no play. Server in Sweden.” I’m not saying the company should comply in that case, just that there really are two sides to the story…which makes it all more fascinating. I agree with an earlier poster in envisaging “data extradition” treaties in due course :-)
Oh, BTW, if you use Hotmail (now Outlook.com), you are definitely a cloud customer of Microsoft!
sean
Oh shut up. Just couldn’t resist throwing in an insult there, could you? You’re so original, insulting the United States. By the way, we don’t vote on laws, and we certainly don’t make Microsoft Policy. If you dislike MS so much, don’t use them.
jet86
Who are you talking to here? I can’t find any insults against the United States in the article.
Ian
US residents rec’d this link:
http://www.microsoft.com/en-us/servicesagreement/default.aspx
which contains this as far as jurisdiction:
10. Contracting Entity. For use of free, consumer Skype-branded Services, you’re contracting with, and all references to “Microsoft” in these Terms shall mean, Skype Software S.à.r.l, 23 – 29 Rives de Clausen, L-2165 Luxembourg, and for paid, consumer Skype-branded Services, you’re contracting with, and all references to “Microsoft” in these Terms shall mean, Skype Communications S.à.r.l, 23 – 29 Rives de Clausen, L-2165 Luxembourg. For all other Services, you’re contracting with Microsoft Corporation, One Microsoft Way, Redmond, WA 98052, U.S.A.
11. Choice of Law and Place to Resolve Disputes. If you live in (or, if a business, your principal place of business is in) the United States, the laws of the state where you live govern all claims, regardless of conflict of law principles, except that the Federal Arbitration Act governs all provisions relating to arbitration. You and we irrevocably consent to the exclusive jurisdiction and venue of the state or federal courts in King County, Washington, for all disputes arising out of or relating to these Terms or the Services that are heard in court (excluding arbitration and small claims court).
which are included in apparently ONLY (!) 12,394 words
wonder what the 2,606 words difference mean ? ..
Alexa Kindler
This article mentions “fáilte go hÉireann” but it fails to mention it in the text, let along develop that subject by name. Why? Maybe editor/proofreader oversight?
Paul Ducklin
Your Microsoft contract will be shifting to Ireland. Fáilte go hÉireann means “welcome to Ireland” in the Irish language. So the words _were_ developed in the text, well, sort of…though it turns out that not all of Microsoft Ireland’s customers can read Gaelic :-)
Pádraig
Go raibh maith agat a Phól !
Interesting off topic comment – I live in Ireland but cannot upgrade to ad free outlook.com ?????