Though the process may be legal, a larger queasiness arises because, as worded, Microsoft's TOS could submit a user's inbox to those searches merely by violating its Code of Conduct. That could happen by (for example) emailing links that depict nudity, incite or express profanity, or facilitate the sale of firearms. Crocker himself states that, presumably, Microsoft isn't using these standards as an excuse to dig through Outlook.com inboxes. His problem with its actions is more that by relying only on permission given by internal and external legal teams and its TOS, but not the actual court system, a potential for abuse exists.

As The Guardian details, other providers like Apple, Google and Yahoo (or likely AOL, which owns this blog) have similarly worded policies that could be used to access user data in order to protect their property. We asked Crocker about those, and he states that the EFF's criticism stands in regards to similar policies, and that, while this particular case likely arose from an unusual set of circumstances, the fact we have no way of knowing if a company accessed our data is troubling (In the update on its policies, Microsoft said it would include data on the number of these types of searches in its bi-annual transparency report). In one case, TechCrunch founder Mike Arrington even claimed that while he cannot be sure, he's "nearly certain" Google may have accessed his Gmail inbox to sniff out a leaker. Whatever the case, we suddenly have some weekend reading time set aside for the topic of end-to-end encryption with GNU Privacy Guard and "how to setup your own email server."