Last week, a criminal complaint involving a rogue Microsoft employee revealed that the company had gone through messages of a Hotmail user in 2012, looking for confirmation that this person had received unreleased, stolen Microsoft code from the employee.

Even though the terms of service for Internet services provided by Microsoft and other companies make you consent to give them broad access to your stuff, it was a shock to hear that Microsoft took advantage of it. In the case in question, it was a fundamental conflict of interest.

At first, the company’s response to the kerfuffle was to argue that it didn’t have much of a choice, because it’s impossible to get a court order permitting a company to search its own servers. It said that in future such scenarios, it would let an outside expert who used to be a judge make the call. But now it’s dumped that position and is taking a much more consumer-friendly stance.

Here’s how Executive Vice President of Legal and Corporate Affairs Brad Smith explains it in a blog post:

Effective immediately, if we receive information indicating that someone is using our services to traffic in stolen intellectual or physical property from Microsoft, we will not inspect a customer’s private content ourselves. Instead, we will refer the matter to law enforcement if further action is required. In addition to changing company policy, in the coming months we will incorporate this change in our customer terms of service, so that it¹s clear to consumers and binding on Microsoft. It¹s always uncomfortable to listen to criticism. But if one can step back a bit, it¹s often thought-provoking and even helpful. That was definitely the case for us over the past week. Although our terms of service, like those of others in our industry, allowed us to access lawfully the account in this case, the circumstances raised legitimate questions about the privacy interests of our customers.

Good for Microsoft for thinking this over and coming to a conclusion that errs on the side of protecting its users’ interests instead of its own. Now that it’s done so, Google, Yahoo and others should adopt exactly the same policy.

Contact us at letters@time.com.