Redmond has allegedly infringed a British privacy law as part of the PRISM program

Dec 6, 2013 09:50 GMT  ·  By

Microsoft has been sued by a British journalist for sharing user details to the NSA as part of the PRISM program disclosed by whistle-blower Edward Snowden earlier this year.

Kevin Cahill, the plaintiff, claims that by disclosing private data on UK citizens to the United States government, regardless of whether this happened following a legal request or not, infringed the Data Protection Act, a British law that protects users’ privacy.

Microsoft has already confirmed the lawsuit in a statement for Computer Weekly, but has obviously refused to provide any specifics on the case.

“We have been notified of an action being filed, and will be responding to it in due course. It would be inappropriate to comment further on the details of an active legal case,” a company spokesperson was quoted as saying.

While Microsoft has always said that it only shared user details based on federal requests, the case is particularly dangerous for Redmond because it could clearly lead to many more lawsuits accusing the company of breaching privacy laws.

“Microsoft allegedly betrayed its customers by providing their personal information, without their consent, to the NSA,” human rights lawyer Geoffrey Robertson QC told the same source. “This would constitute a serious breach of the British Data Protection Act, by an American company putting its allegiance to America above its legal duties to its British customers.”

“The invasion of privacy, by deliberately declining to obtain a customer’s consent before exposing their personal details to another, deserves to be compensated on the same basis as obtaining personal data by hacking mobile telephones.”

It turns out that Cahill has filed similar complaints against some other large tech companies, including Google and Facebook, but in Microsoft’s case, he only asks for £1,000 in damages (€1200/$1630).