Staff Reports
The American Accountability Foundation has asked the Department of Justice’s Office of the Inspector General to open an investigation into Microsoft. The group says Microsoft may have misled federal customers about the security of its products and that former DOJ officials who later joined Microsoft could create conflicts of interest. If true, these are serious charges that deserve a full and speedy probe.
What the watchdog is accusing Microsoft of
The AAF’s letter asks acting DOJ Inspector General William Blier and acting Attorney General Todd Blanche to examine whether Microsoft violated the False Claims Act by making false security promises to federal customers. The group points to the Cyber Safety Review Board’s blunt finding that Microsoft had an “inadequate” security culture, and says that clashes with Microsoft’s past assurances to agencies. The watchdog also wants the OIG to look at the conduct of former and current DOJ officials involved in Microsoft probes who later took jobs with the company — a classic revolving-door concern.
Who’s named and why the conflicts matter
The names raised include former Deputy Attorney General Lisa Monaco, former Cyber Safety Review Board members Bryan Vorndran and Jerry Davis, and former Principal Associate Deputy Attorney General John Carlin. AAF notes that most of those people later worked for Microsoft, and suggests at least one may have represented the company at some point. That pattern — regulators who become industry hands — creates the appearance of captured enforcement and invites suspicion about whether federal cybersecurity oversight has been compromised.
Why this is about more than corporate PR
This isn’t just a tiff over marketing copy. If federal agencies bought cloud services or software based on security claims that turned out to be false, taxpayers and national security could be at risk. The False Claims Act is there for a reason: to hold vendors accountable when promises to the government are more spin than substance. If the AAF’s allegations hold up, we need to see civil enforcement and clear answers about who knew what and when.
Washington has a long habit of letting influence and access trump accountability. The OIG should treat this request seriously, dig into the facts, and report back publicly. Americans don’t want theater or leaks — they want real answers and stronger rules to stop cozy handoffs between regulators and the companies they once policed. If the DOJ won’t act, Congress should. And if Microsoft’s security talk doesn’t match its security walk, taxpayers deserve a refund — or at least an explanation that doesn’t read like a press release.
