Microsoft gave customers' BitLocker encryption keys to the FBI — Redmond confirms that it provides recovery keys to government agencies with valid legal orders
BitLocker isn't as safe as you think it is.
In early 2025 the FBI served Microsoft with a search warrant for the BitLocker recovery keys of three laptops, and the company complied, giving the agency access to data on the devices that it would otherwise have been unable to read. According to Forbes, Microsoft spokesperson Charles Chamberlayne said the company receives around 20 requests for BitLocker keys a year, but most of them fail because the user never stored their recovery key in the cloud.
Although there have been many requests over the years, with one Microsoft engineer even claiming that the U.S. government approached him as far back as 2013 to install a backdoor in the encryption system (which he declined), this is the first recorded instance in which the company complied and the government actually gained access to the data.
BitLocker is the full-disk encryption built into Windows. While it is designed to prevent unauthorized access to a drive's contents, it has also had bugs that can cause significant data loss, especially if you lose your recovery key. Note what is at stake here: the escrowed item is not the raw volume encryption key but the 48-digit recovery password, a key protector that can unwrap the volume master key on its own, so whoever holds it and the drive can decrypt everything. When BitLocker or device encryption is turned on while you are signed in with a Microsoft account, Windows uploads that recovery password to the account by default, which is convenient for users who lock themselves out. The same convenience makes the key available to any government that presents Microsoft with a valid legal request, not just the U.S. but also governments with far worse human-rights records.
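The practical check a practitioner wants here is whether the OS volume carries a recovery-password protector (the thing that gets escrowed) and, if so, how to rotate it so that a copy already sitting in a Microsoft account, or already handed over, can no longer unlock the drive. The following PowerShell script is an added example, not code from the article or from Microsoft; it uses only the standard BitLocker module cmdlets (Get-BitLockerVolume, Add-BitLockerKeyProtector, Remove-BitLockerKeyProtector) and assumes an elevated session on a Windows 10/11 machine whose OS volume is C:.

```powershell
#Requires -RunAsAdministrator
# Added example: audit the BitLocker key protectors on C: and rotate the recovery
# password, so that any previously escrowed copy of it becomes useless.
# Assumptions: BitLocker module present, C: is the protected OS volume.

$mount = "C:"
$volume = Get-BitLockerVolume -MountPoint $mount
Write-Host "Volume $mount : $($volume.VolumeStatus), protection $($volume.ProtectionStatus)"

# List every key protector. 'Tpm' unlocks the drive at boot; 'RecoveryPassword' is the
# 48-digit key that Windows uploads to a Microsoft account / Entra ID when device
# encryption is enabled while signed in with that account.
$volume.KeyProtector | Format-Table KeyProtectorType, KeyProtectorId -AutoSize

$old = @($volume.KeyProtector | Where-Object { $_.KeyProtectorType -eq "RecoveryPassword" })
if ($old.Count -eq 0) {
    Write-Host "No recovery-password protector on $mount; nothing to rotate."
    return
}

# 1. Add a fresh recovery password BEFORE removing anything, so the volume is never
#    left with only a TPM protector (a TPM/firmware change would then lock you out).
$after = Add-BitLockerKeyProtector -MountPoint $mount -RecoveryPasswordProtector
$new = $after.KeyProtector | Where-Object {
    $_.KeyProtectorType -eq "RecoveryPassword" -and ($_.KeyProtectorId -notin $old.KeyProtectorId)
}
Write-Host "New recovery password (store offline, e.g. on paper or a hardware token):"
Write-Host "  $($new.RecoveryPassword)"

# 2. Remove the old recovery-password protector(s). From this point the escrowed copy
#    can no longer unwrap the volume master key, whoever holds it.
foreach ($p in $old) {
    Remove-BitLockerKeyProtector -MountPoint $mount -KeyProtectorId $p.KeyProtectorId
    Write-Host "Removed old recovery-password protector $($p.KeyProtectorId)"
}

# 3. Show the resulting protector set for confirmation.
(Get-BitLockerVolume -MountPoint $mount).KeyProtector |
    Format-Table KeyProtectorType, KeyProtectorId -AutoSize
```

Two caveats. Rotating the protector invalidates the escrowed copy but does not delete it; remove the stale entry from the account at https://account.microsoft.com/devices/recoverykey as well. And on Entra-joined or Intune-managed devices, policy can re-escrow a new recovery password automatically, so check the protector list again after the next policy sync rather than assuming the drive stays cloud-free.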
“While key recovery offers convenience, it also carries a risk of unwanted access,” Chamberlayne told Forbes. “So, Microsoft believes customers are in the best position to decide… how to manage their keys.” American Civil Liberties Union (ACLU) surveillance and cybersecurity counsel Jennifer Granick also said, “Remote storage of decryption keys can be quite dangerous.”
Apple offers a comparable system in FileVault (with recovery keys optionally stored in iCloud), and Meta keeps end-to-end encrypted backups of WhatsApp data. Both companies let users keep backup keys online, but the stored key is itself encrypted under a secret the user holds. So even if a government agency obtains a copy of the stored key, neither the company nor the agency can unlock it without that secret. Furthermore, Forbes notes that neither Apple nor Meta is known to have acquiesced to a request for an encryption key.
Jowi Morales is a tech enthusiast with years of experience working in the industry. He’s been writing with several tech publications since 2021, where he’s been interested in tech hardware and consumer electronics.
Math Geek
Anyone surprised by this or believes it the first time, really needs to wake up. The entire point of MS keeping your encryption key is so they can snoop on your files. Secondary reason is so the US gov can access whatever they want as well from users worldwide.
This is not a secret, it's only unknown to those deliberately avoiding reality.
jp7189
Math Geek said: "Anyone surprised by this or believes it the first time, really needs to wake up. The entire point of MS keeping your encryption key is so they can snoop on your files. Secondary reason is so the US gov can access whatever they want as well from users worldwide. This is not a secret, it's only unknown to those deliberately avoiding reality."
That's a little over-paranoid take on it. BitLocker, like most "at rest" encryption, is freely accessible when the device is powered on and unlocked. You don't need a key to snoop at that point.
In this case the FBI physically confiscated the laptops. No snooping about it.
All this article is reaffirming is that key management is a B. How and where those keys are stored is important.
Moral of the story, don't store your keys in a place that's accessible by the people you're trying to hide data from.
ezst036
Giving up the keys, not a surprise at all.
Again, the need for distributed computing could not be more clear (FOSS/Linux/etc).