MICROSOFT has confirmed that it will divulge device decryption keys stored in its cloud to law enforcement agencies, such as the FBI, provided they present valid legal mandates. A Forbes report cited in the piece notes that the FBI petitioned Microsoft for the recovery key of a device involved in a COVID-19 unemployment benefits fraud case in Guam, and Microsoft complied.
Charles Chamberlain, a Microsoft spokesperson, is quoted as saying that while key recovery offers convenience, it also carries a risk of unwanted access, so customers should decide how to manage their keys. The article states that the FBI initiates around twenty requests for BitLocker recovery keys each year, with most requests unfulfilled because the keys were never uploaded to the cloud, and it highlights that the recovery keys are not encrypted within the cloud.
It also warns that many Windows 11 users are unaware their keys are stored in the cloud or that device encryption is active, urging consideration of storing recovery keys on independent devices or in printed form. 26 January 2026.