For an unknown span of time, Hotmail accounts in some of the world's most oppressive and volatile countries were left without access to Microsoft's normal e-mail security features. The problem is apparently fixed now--but only after a flurry of online anger forced Microsoft to act.
The issue came to light on Friday when Al Jazeera English writer Jillian C. York wrote of a Syrian Hotmail user who was being blocked from turning on the HTTPS e-mail encryption settings on his account. Later, York noted that the person was actually in Jordan, but that the situation was the same--no HTTPS (normally, an automatically activated setting) for Hotmail.
Soon enough, the list of countries where e-mail encryption was unavailable had grown to more than a dozen, including Syria, Sudan, Iran, Egypt, Bahrain, Lebanon, Jordan, Congo, Myanmar, Algeria, Morocco, Nigeria, Kazakhstan, Uzbekistan, Turkmenistan, Tajikistan, and Kyrgyzstan.
The company waited until after it re-activated the security features in the countries, then put out a statement denying any intentional disabling.
We are aware of an issue that impacted some Hotmail users trying to enable HTTPS. That issue has now been resolved. Account security is a top priority for Hotmail and our support for HTTPS is worldwide - we do not intentionally limit support by region or geography and this issue was not restricted to any specific region of the world.
Obviously, keeping e-mails out of the hands of spying third parties is important. But in countries where besieged dictators have every reason to want to dig through the communications of disgruntled citizens, security features can be a matter of life and death.
Hopefully, no one got dragged off with a bag over their head before Microsoft fixed the "bug."