Overview
- Forbes reported, and TechCrunch corroborated, that Microsoft provided BitLocker recovery keys to unlock three laptops in a Guam fraud probe tied to Pandemic Unemployment Assistance.
- A Microsoft spokesperson said the company provides recovery keys when it has access and receives a valid legal order, noting it gets about 20 such requests per year.
- By default, BitLocker stores recovery keys in a user's Microsoft account, enabling lawful access, though users can choose local-only options like a USB drive or printed key.
- Court records and a defense lawyer indicate the warrant was executed successfully and that case materials referenced BitLocker keys supplied by Microsoft.
- Experts and lawmakers warned that vendor-held keys can expose entire drives, create risks from foreign demands or cloud breaches, and reflect law enforcement’s inability to break BitLocker without a key.