Microsoft gave customers' BitLocker encryption keys to the FBI — Redmond confirms that it provides recovery keys to government agencies with valid legal orders

The FBI served a search warrant to Microsoft in early 2025 to recover the encryption keys on three laptops, with the company complying to allow the agency to access the data on the devices that it otherwise would have been unable to read. According to Forbes, Microsoft spokesperson Charles Chamberlayne said that it receives around 20 requests for BitLocker keys annually, but most of them fail because the user did not store their recovery key in the cloud.

Although there have been many requests through the years, with one Microsoft engineer even claiming that the U.S. government approached him way back in 2013 to install a backdoor in the encryption system (which he declined), this is the first recorded instance where the tech company complied and resulted in a breakthrough for the government.

BitLocker is Microsoft’s built-in drive encryption system to protect Windows 11 users. And while it’s mostly designed to prevent unauthorized access to a drive’s contents, it has also experienced some bugs that can cause a significant loss of data, especially if you forget your encryption key. Nevertheless, Microsoft backs up your BitLocker keys online by default, making it more convenient for users to unlock their drives for situations like this. However, this also makes them vulnerable to valid government requests — not just from the U.S., but from other governments, as well, with less than stellar reputations, especially in human rights.

“While key recovery offers convenience, it also carries a risk of unwanted access,” Chamberlayne told Forbes. “So, Microsoft believes customers are in the best position to decide… how to manage their keys.” Americal Civil Liberties Union (ACLU) surveillance and cybersecurity counsel Jennifer Granick also said, “Remote storage of decryption keys can be quite dangerous.”

Apple offers a similar encryption system to Microsoft’s BitLocker with FileVault and Passwords, while Meta also keeps encrypted backups of WhatsApp data. Both companies allow users to keep backup keys for these systems online, but they’re also kept in an encrypted file. So, even if a government agency requests a copy of the stored key, neither Apple nor the concerned agency can unlock it without the proper key. Furthermore, Forbes notes that neither Apple nor Meta is known to have acquiesced to a request for an encryption key.

Follow Tom's Hardware on Google News, or add us as a preferred source, to get our latest news, analysis, & reviews in your feeds.