Microsoft can hand over BitLocker recovery keys to law enforcement

Microsoft has confirmed to Forbes that it will provide BitLocker recovery keys to law enforcement when served with a valid legal order and the keys were backed up to Microsoft’s cloud; ZDNET reports this occurred in a case in which FBI agents in Guam obtained keys to access suspects’ encrypted files.

BitLocker encrypts an entire Windows hard drive and requires a recovery key to decrypt it. Microsoft encourages users to back up recovery keys to the cloud so they can be retrieved after hardware changes or boot problems, but a Microsoft spokesperson told ZDNET that while cloud key recovery offers convenience it also carries a risk of unwanted access and customers can choose local storage instead.

ZDNET says the Guam case involved FBI agents investigating alleged theft related to the island’s COVID unemployment assistance program; Microsoft felt the request was justified and turned over the necessary keys. Forbes suggested this is the first known instance of Microsoft providing BitLocker keys.

ZDNET also notes a separate, reportedly declined, 2013 FBI request for a backdoor into BitLocker. Jason Soroko, senior fellow at Sectigo, told ZDNET that Microsoft frames the issue as a lawful-process problem rather than a backdoor problem and that the company discloses data only when legally compelled.

microsoft, bitlocker, bitlocker recovery key, microsoft cloud backup, fbi guam case, forbes report, zdnet report, valid legal order, bitlocker key backup, store keys locally, bitlocker cloud recovery, microsoft account key, key custody concerns, backdoor request 2013, jason soroko sectigo, covid unemployment theft, windows bitlocker settings, bitlocker key disclosure, encryption key handover, bitlocker local storage, bootup recovery key, key escrow risk