Digital Privacy and Encryption

In a federal COVID‑19 unemployment‑fraud case in Guam, Microsoft confirmed it provided BitLocker recovery keys to U.S. investigators so they could unlock three encrypted Windows laptops believed to hold evidence. The devices used BitLocker, which scrambles entire drives, and the keys were accessible because the users had backed them up to their Microsoft accounts, a convenience the company encourages. Microsoft told Fox that it receives roughly 20 such legal requests per year and can only comply when customers choose to store their keys in the cloud, undercutting the common assumption that encrypted data is always inaccessible to providers. Encryption experts quoted in the piece stress that the core issue is key control: when a third party holds both the data and the decryption keys, 'lawful access' becomes a built‑in feature that can eventually be misused, while Apple‑style and Google client‑side models are designed so the vendor cannot unlock user data even under government pressure. The story is already stoking debate among privacy advocates and security professionals about whether default cloud key backup crosses a line users never clearly agreed to and whether people should now disable or relocate those keys.