Fine, I guess I will play the role of Microsoft advocate. I will have to shower later, but OK. I guess I should have been a lawyer instead of a Software Engineer because I can actually put emotions aside and defend people I despise.
I will have to disagree with you. If the account is located in the US and all content with regards to the account is in the US, then US law would apply not French. The nationality of the account owner is irrelevant. France or any other country in Europe can pass all the laws they like, but if it concerns US assets located on US soil, it does not matter.
That would be tantamount to saying France can pass a law that makes it illegal in New York State for people to use Twitter, and that law would be binding.
And it does not matter what European law bestows what guaranteed right of privacy on its citizens. European law does not apply to the US. Just as US law does not apply to Europe. Well, there is one exception to this. Sometimes injunctions and judgments issued by UK and US judges are enforceable in both countries. This is only because the UK and US systems of jurisprudence are very similar. An example of this was Louise Woodward, a British au pair, was convicted of killing her employer’s baby in Massachusetts. She was released after a very short time in prison, but a Massachusetts judge issued an injunction forbidding her from profiting from the incident by writing a book or making a movie. The injunction was honored in the UK.
Likewise, whatever international law or convention you want cite does not apply in the US. Unless the international law or convention has been signed by the President and ratified by the US Senate.
First, even knowingly possessing stolen IP is a crime, but you are wrong about the French blogger not releasing illegally stolen Microsoft IP. Kibkalo updated it to his Sky Drive account, sent the blogger the links, the blogger downloaded it, and forwarded it. From the charging documents:
“13. The source indicated that the blogger contacted the source using a Microsoft Hotmail e-mail address that TWCI had previously connected to the blogger. After confirmation that the data was Microsoft’s proprietary trade secret, on September 7, 2012 Microsoft’s Office of Legal Compliance (OLC) approved content pulls of the blogger’s Hotmail account”
And:
“17. While reviewing the blogger’s e-mail account, Microsoft also located Instant Message(IM) communications between the blogger and KIBKALO on or around September 09, 2012, in which they discussed the logistics of exchanging data amongst themselves. A subsequent review of KIBKALO’s accounts found references to the Activation Server SDK sample code in the unallocated clusters of the virtual machine used by KIBKALO, as well as in the log file for KIBKALO’s SkyDrive account. The sample code in KIBKALO’s accounts was the same sample code that the Microsoft source received from the blogger, prompting Microsoft’s investigation”
So, he released it to at least one person, “the source.” “The source” was probably somehow connected to Microsoft, was scared when he received it because he knew having it violated his NDA, so he contacted Microsoft management. Plus, the blogger’s IM trail clearly shows he at least attempted to distribute known stolen Microsoft IP to a “hacker,” we do not know for sure it he succeeded. He said he would ask his “hacker” friend if he was interested. He does mention that what Kibkalo was doing is highly illegal, but does not make any objections to it, and it must not have concerned him too much since he did download the stolen IP.
The simplest explanation is probably what is true. Whether or not Microsoft could have the blogger legally prosecuted is not the point. Microsoft probably confronted him with the evidence they had told him they were going to have him prosecuted unless he cooperated—whether they could or not is not important—the blogger got scared, “rolled over” on his friend, and told Microsoft everything. That is a standard tactic investigators use, both public and private. Again the blogger had the right not to say anything to Microsoft, but he was most likely scared because he knew he was engaging in illegal or at least “grey area” activity.
And I have to disagree with you; the entire proceeding with regards to the French blogger is much ado about nothing.
The real question is what was Kibkalo doing in the US and how did he get there. Was he living in the US? Was he tricked into coming to the US? Was he kidnapped?
If he was kidnapped, then that is a very big deal, and Microsoft needs to be held accountable for it.
But the rest of this is just pure sensationalism.
You can fault Microsoft for many things—many, many things. But investigating how and who stole and released their crappy IP to the public is not one of them. If they engaged in any tangible criminal actively—like kidnapping, then whoever is responsible at Microsoft needs to be prosecuted to the fullest extent of the law.