(Credit: Beata Zawrzel/NurPhoto via Getty Images)
Microsoft handed over keys to BitLocker-encrypted data stored on its servers during an FBI probe last year, granting access to data on three separate laptops.
BitLocker, a built-in data protection feature for Windows, is used by millions of users worldwide to encrypt data on their devices, and has come preinstalled on many Windows devices since Windows 11. Users can choose to store keys locally on a device, such as a USB drive, or on one of Microsoft’s servers.
Forbes reports that Microsoft handed the keys over in early 2025, following an FBI request during an investigation into alleged unemployment fraud on the Pacific island of Guam. The case is still ongoing, and about seven people have been charged so far, according to local media.
Microsoft spokesperson Charles Chamberlayne told Forbes the company hands over encryption keys to federal authorities if it receives a valid legal order, and that it receives around 20 such requests for BitLocker keys a year. This is the first publicly documented case of Microsoft actually doing so.
It’s possible that the FBI would never have been able to decrypt the data without Microsoft’s assistance. Forbes points to a court document from 2025 in which a forensic expert associated with ICE’s Homeland Security Investigations said his agency “did not possess the forensic tools” to bypass BitLocker’s encryption without the necessary keys.
Microsoft may be taking a different approach to its encryption services than other tech giants. Apple has been very public in stating it is unwilling to hand over keys for federal investigations, and Apple CEO Tim Cook made a public statement in 2016, following a request to supply keys to encrypted data after a mass shooting in San Bernardino, California, earlier that year, calling it “overreach” by the government and warning of far wider implications.
Cook said that while he believed the “FBI’s intentions are good,” it would be wrong for the government to force Apple to create a “backdoor” into its products. Cook said the demand “would undermine the very freedoms and liberty our government is meant to protect.” The requests were followed by a legal battle, after which the US Department of Justice eventually withdrew its legal action against Apple.
Meta’s WhatsApp also offered to support Apple’s battle with the UK government in 2025, applying to give evidence when the iPhone maker refused to comply with requests to provide a backdoor to iCloud data.
Matt Green, a cryptography expert and associate professor at the Johns Hopkins University Information Security Institute, told Forbes that Microsoft does have the power to resist government data access requests.
“If Apple can do it, if Google can do it, then Microsoft can do it. Microsoft is the only company that’s not doing this,” he said.
The cryptography expert highlighted that handing over keys to encrypted data gives “the government access to information well beyond the time frame of most crimes—everything on the hard drive.”
He added: “Then we have to trust that the agents only look for information relevant to the authorized investigation, and do not take advantage of the windfall to rummage around.”