Microsoft revealed earlier this week that the company scanned a blogger’s Hotmail account to track down a Windows 8 leaker. An ex-Microsoft employee, who allegedly leaked confidential copies of Windows 8 and anti-piracy software, was subsequently arrested and charged after Microsoft identified the individual from a search of a French blogger’s Hotmail account. Microsoft used a clause in the company’s terms of service for Outlook.com to allow it to scan the account. The move has triggered widespread debate over the practice, and Microsoft tells The Verge that it’s planning to alter its policies for future cases.

While courts don’t issue orders to authorize a company to search its own data, Microsoft’s John Frank, VP and deputy general counsel, admits "even we should not conduct a search of our own email and other customer services unless the circumstances would justify a court order, if one were available." As a result, Microsoft’s policies are being changed so that a legal team, separate from the internal investigations team, will assess any cases to determine whether they would justify a court order. Microsoft says it will also submit the evidence to an outside attorney and only conduct a search if the former judge deems it necessary.

Microsoft promises transparency reports in the future

Microsoft is also planning to publish a bi-annual transparency report that will detail the number of searches and number of customer accounts affected. "The only exception to these steps will be for internal investigations of Microsoft employees who we find in the course of a company investigation are using their personal accounts for Microsoft business," explains Frank. "And in these cases, the review will be confined to the subject matter of the investigation." Microsoft’s full statement is available below: