What happened
Microsoft provided the FBI with BitLocker encryption recovery keys, in response to a warrant, to decrypt hard drives of individuals involved in an alleged fraud case in Guam. This action confirms Microsoft's capability to access and disclose customer BitLocker recovery keys when legally compelled, thereby altering the perceived data access controls for BitLocker-encrypted devices managed through Microsoft services.
Why it matters
This event introduces an operational constraint for IT security and compliance teams, as the dependency on Microsoft for BitLocker key management now carries a demonstrated risk of third-party access. It reduces the perceived strength of BitLocker as a sole data control mechanism against external legal requests, increasing the oversight burden on data protection policies and requiring re-evaluation of data residency and key management strategies.
