Microsoft's compliance with a federal search warrant last year allowed the FBI to access encrypted data from three laptops using BitLocker recovery keys. This incident represents the first known instance of the tech company providing such keys to law enforcement, raising significant concerns in the cybersecurity sector.
The investigation is linked to a fraud ring associated with the Pandemic Unemployment Assistance program in Guam, involving charges against several individuals, including relatives of Lieutenant Governor Josh Tenorio. Microsoft handed over the recovery keys on February 10, 2025, following a request related to laptops seized during an FBI raid at a business owned by Charissa Tenorio, the lieutenant governor's sister.
Microsoft typically receives around 20 requests for BitLocker recovery keys annually, although it can only fulfill those where keys are backed up in the cloud. A company spokesperson indicated that while this recovery process offers convenience, it also poses risks of unauthorized access. Concerns from experts like Matthew Green from Johns Hopkins University highlight the ease with which authorities can obtain these keys, prompting discussions about privacy and data security.