Microsoft Logo Microsoft e

Around two weeks ago, Microsoft published its first ever National Security Letter (NSL). The letter shows a data requests to the company by the FBI. In its transparency report, Microsoft also put a figure on how many total surveillance requests were made by government agencies through 2016. However, it appears the company fudged the numbers.

Microsoft emailed us to point out it had made a “human error” in the initial reporting. The company originally said it received between 1,000 and 1,499 surveillance requests for foreign intelligence purposes (known as FISA) from January to June 2016.

It turns out that figure is not accurate. In the email, a Microsoft spokesperson told us “the correct range for this time period is 0 – 499 FISA orders seeking disclosure of customer content.”

It is worth pointing out that Microsoft offers these ball park figures on purpose. The company is not legally allowed to publish specific figures. Expanding on the error in the blog post, Microsoft says:

“*Editor’s note on April 25, 2017: Our latest U.S. National Security Orders Report and accompanying blog post contained an error, reporting that from Jan. 1 – June 30, 2016 Microsoft received 1,000 – 1,499 FISA orders seeking disclosure of customer content. The correct range is 0 – 499 FISA orders seeking disclosure of customer content. All the other data disclosed in the National Security Orders Report was correct.”

The company says it acted quickly to rectify the error once the mistake became known. Microsoft says it wants to be as accurate as possible to build transparency.

Dealing with Data Requests

Microsoft and the Justice Department have been waging a legal war over the last three years. The company did not comply with a NSL request for customer information in 2015. DoJ officials requested data related to the San Bernardino terror attacks to aid its investigation. Microsoft stored the data in an Irish datacenter and denied the request.

The company argues that the government should go through legal channels to acquire the data from Ireland.