
Ask HN: My Microsoft account has been suspended by Microsoft without details - ThoAppelsin
My entire Microsoft account has been suspended, due to the violation of the Terms, by Microsoft, and without any further details. At the time of incident, I was not doing with the account or anything digital, and rather was cooking&#x2F;eating dinner, when my computer received a notification about a problem with my Microsoft account.<p>I am not given any other options than to Contact Support about it, which I did yesterday and got an answer today that tells me nothing more than the very few that I know:<p>&gt; Microsoft disabled access to the account due to a serious violation of the Microsoft Services Agreement https:&#x2F;&#x2F;www.microsoft.com&#x2F;en-us&#x2F;servicesagreement. As stated in the Microsoft Services Agreement, you will no longer be able to access any Services that require Microsoft account. For any subscriptions associated with the account, Microsoft will immediately cease charging the credit card on file for recurring charges. [...] Pursuant to our terms, we cannot reactivate your account, nor provide details as to why it was closed. This represents Microsoft’s final communication regarding this account.<p>I hope that I am not violating any other terms by sharing these messages. I do it out of frustration to know what exactly I might have done to deserve this, something more detailed than &quot;you have violated our Terms as you eat your dinner&quot;, because without knowing which action of mine caused this, I either;<p>a) Will be unable to understand my mistake and not repeat it,<p>b) Will fear out of doing nearly everything and refrain from them, such as using a VPN on Amazon&#x27;s AWS at Ohio, which I am sincerely suspicious of.<p>Microsoft&#x27;s own way of justice is against the legal systems in all the modern countries, which always makes sure that the accused knows their faults, as one of their rights, and for the benefit of the accused not getting involved in such acts for a second time, for that they this time will know.
======
ddtaylor
This is becoming much more common. A YouTube channel I created to poke fun at
rap music was brigaded after I submitted it to a popular group on Reddit. They
reported so many of my videos so quickly that before I could finish the appeal
of a single community guideline I had 3 strikes and my channel was permanently
deleted before I ever received any feedback or appeal.

~~~
walrus01
As a network engineer, with 'enable' on a lot of the bare metal devices that
actually run the cloud...

This is why I don't put anything that I care about on a service or system I
don't control. If I want to host videos I care about staying online, they live
on a VM configured for a pretty common LAMP stack which exists on a hypervisor
that I own and control down to the bare metal and the contract for the colo
rack space and 208VAC power.

Using this example, that same 1RU system has a connection to an ISP that I
know and trust. It's not going to go offline unless I were to do something so
terribly abusive (in terms of network abuse) or illegal that it would cause
them to admin down the 1000BaseT port facing it. Or it could theoretically go
offline if I used it for illegal outbound network activity and somebody from
the local FBI field office showed up with a warrant to take it (again highly
unlikely, because I don't do that shit). Those are just about the only
circumstances in which a third party could bring it offline.

~~~
excalibur
> Those are just about the only circumstances in which a third party could
> bring it offline.

This sounds like a challenge. Does the winner get a bottle of scotch?

~~~
walrus01
Well I'm certainly not going to post the IP addresses of its public netblock
for anyone to DDoS. Though my upstream, and its upstreams, do have DDoS
mitigation services in place.

:)

edit: actually, yes, the winner would get a bottle of scotch. I have had
people that I know and trust, with my permission, attempt to gain external
access to it, without success. Not claiming I'm any sort of netsec wizard,
just that I have a layered defense of most common security precautions for
anything that has a public static IP address these days. Nobody has been
successful yet. It could theoretically be brought down by:

a) social engineering the ISP it's hosted at (unlikely, they know me, I know
them)

b) physical removal (its reverse DNS gives no indication of where it's
physically located other than within a major metro area, could be at one of
about twenty different datacenters. all of which have reasonably good physical
security in place).

c) false legal claims causing some legal authority to bring it down,
theoretically possible, but unlikely given the strong EFF/ACLU supporting
political stance of the owners of the ISP it's hosted at. They would fight
anything short of a court order that they could be held in contempt of.

d) Extensive sustained DDoS. I don't have any enemies that would be interested
in wasting a DDoS on this, but its upstreams have a LOT of extra peering and
transit capacity to absorb DDoS up to the 150Gbps range.

e) hardware failure, it's not perfectly 1+1 redundant in everything. but I
have backups of every VM that can be brought up fairly quickly on a temporary
dedicated server in a new, different, geographically diverse location fairly
quickly.

f) some terrible unknown zero day exploit on one of the few daemons that
listens to the public interface, through which some method of accomplishing a
user and then su/sudo root shell might be possible.

------
ryandrake
Everyone should take some time to go through their online accounts and ask:
“if I were to wake up tomorrow banned from this account, would it be a
disaster?”

If the answer is “yes” you should take corrective action right away and make
that answer “no.” Or at least minimize the number of accounts for which the
answer is “yes”.

The reality is that this could happen to anyone, for any or no reason. Don’t
pin your life to an online account you have no real right to.

~~~
ryanmarsh
By your logic Apple completely owns me. I have no idea what to do about that.
To start with I could run my own email server on my own domain (something I
did years ago and have no appetite for in the modern mail deliverability
cesspool). That’s just email. If they wanted to disable my phone or apps I
rely on I’d be equally screwed. Is there a way to live digitially today that
isn’t at the pleasure of some large tech company?

~~~
AH4oFVbPT4f8
When was the last time you backed up your email? I recently moved off of Gmail
to Fastmail just to make it easier to have a backup copy outside of Google's
control. I keep most of my photography (500GB) in OneDrive spread across three
machines and yet I still have multiple external hard drive copies just incase
OneDrive does a complete wipe across all my systems.

For the apps, couldn't you create a new account (sure you'd have to buy the
apps again) and be back up and running?

~~~
stevehawk
It's funny. I go through great lengths to encrypt and back up most things of
mine but the one thing I just realized I was overlooking? Fastmail. It exists
on their server and on my phone in their mobile app but I never thought to
just setup Thunderbird/IMAP and keep a local copy updated every so often. It's
easy to overlook something.

~~~
jolmg
Does Thunderbird keep a local, accessible copy of whole accounts when using
IMAP? Since the traditional way of using IMAP is by keeping the mails on the
server and interacting with them via the server, I would think it doesn't.

Personally, I'm using nodejs-notify[1] to watch all mailboxes of all accounts
via IMAP IDLE, and have it execute mbsync[2] when it receives an event to sync
the account with a local Maildir. I got my MUA (mu4e[3]) configured to use
those Maildirs without doing any IMAP itself.

[1] [https://aur.archlinux.org/packages/nodejs-
imapnotify/](https://aur.archlinux.org/packages/nodejs-imapnotify/)

[2]
[https://www.archlinux.org/packages/community/x86_64/isync/](https://www.archlinux.org/packages/community/x86_64/isync/)

[3]
[https://www.archlinux.org/packages/community/x86_64/mu/](https://www.archlinux.org/packages/community/x86_64/mu/)

~~~
jocoda
thunderbird can be configured to store mail locally. look at the folder
properties /synchronization. has an option for offline use

------
jimnotgym
This is a stark reminder about the dangers of signing your life over to saas.
If you are in the EU you might want invoke your right to an electronic,
transferable copy under GDPR

~~~
flyinghamster
What's especially infuriating is the dark pattern that began with Windows 8
and has become worse in Windows 10: hiding that you can create a local account
instead of using a Microsoft clown, er, cloud account.

The more I see things like this happening, the less I want to entrust anything
important to MS, Google, Amazon, etc.

~~~
bmarquez
Yes, not only does Microsoft push their cloud account for login, they also
spam ads in their notification bar. Going from memory, exact words may vary:

\- "Install Microsoft Authenticator to log in with your phone"

\- "Sign up for OneDrive to protect against ransomware attacks"

\- "Do more with Microsoft Edge!" (this one shows up when you change your
default browser)

I prefer my operating system to not upsell me.

~~~
jackhack
There is also : "There must be a problem with your Microsoft account. Click
here to fix it" alert on the notification bar.

The only problem with my Microsoft account seems to be that I didn't create
one. Not a problem to me, but obviously a problem at Microsoft. |But then I'm
only the guy who BOUGHT the computer and deliberately avoided creating a MSFT
account. What do I know? Funny how there's no "go away and never bother me
again" option on that alert.

more and more, Microsoft makes me feel like a visitor in my own home
(computer).

~~~
dm319
> Microsoft makes me feel like a visitor in my own home (computer).

I think it started with XP. If you tried to avoid installing windows genuine
advantage (by deselecting it during the update procedure), it would come up
again, then come up with increased frequency. Until in my case, it somehow
just started installing itself of it's own accord.

~~~
Multicomp
But wasn't WGA somewhat a part of verifying a given installation of Windows
wasn't pirated?

~~~
yebyen
You mean that Windows installation that you bought (directly or indirectly),
that potentially didn't have this WGA feature on it when you bought it?

~~~
yebyen
No clue why am I being downvoted? Maybe it will help to show my point if I say
more... Windows didn't always have WGA on it, but people have been paying for
Windows for decades. My first Windows license was Windows for Workgroups. 95
and 98 didn't have WGA, and earlier versions of XP didn't have it either. WGA
came labeled as a "Critical Security Update."

People paid money and bought computers that came bundled with Windows
licenses, and then they paid money for Windows major updates, and then
ultimately Microsoft decided to bundle most of the updates for free. But one
day in one of the free updates, they added in WGA (how is this not bait and
switch of loyal paying customers? My operating system needs to phone home for
security reasons?). But you had to opt-in. Then they decided in a later free
update that it wasn't such a great idea to allow their users to permanently
opt out, and their software got increasingly aggressive about making sure WGA
was always enabled. You could opt out, but it tried again. And finally you
just couldn't opt out anymore.

Then they used dark patterns to ensure you would think you needed a Microsoft
account just to log into their computers. Wait was it your computer? Now this
article about someone whose Microsoft account was closed without explanation
and they're up shit-creek for it.

Is this not all absolutely part of the same conversation? It's a long history
with a lot going on in it. This is not a rant against Microsoft, but a
cautionary tale against depending on SaaS and letting it creep into your
stack, as that's apparently also what Windows has become now, too.

I was 10 years old in the 1990's and recently I realized that I had actually
convinced (or suppressed) in my memory that IE was never really a monopoly,
but the historical statistics on browsers tell a very different story. So
maybe my memory is not so good about IE, and given that I switched to an Open
Source system in my teenage years and didn't look back, perhaps that can be
excused, but still most people actually haven't. (Hell, some are still using
IE...)

I guess it's true that, with the coming of the Internet, and the possibility
that you could easily download and pirate Windows, if everyone knows this and
WGA doesn't happen in 2008, then your security is legitimately at risk if
Microsoft can't profit off of Windows, because then they won't have any
incentive left to provide updates except at cost... and you need updates (we
need you to get updates, it's like a vaccine that herd immunity only works to
stamp out the disease if most people get innoculated.)

Microsoft is much bigger now than when the internet was new, and I think are
not really worried about making a profit off of Windows anymore. But as a
Windows user, I think that understanding of the history and assessment of the
current state of where we are at with Windows profitability and updates would
be troubling, for me.

~~~
dm319
You have absolutely hit the nail on the head, and the way you describe the WGA
update is exactly as I remember. I didn't want it installed. Back then
resources were a bit more scarce and both startup programs as well as regular
ones seemed to significantly slow the boot times. I also didn't want a piece
of software that would use both CPU and network resources that was of
absolutely no use to me.

The feeling of being given the option to choose, then being coerced strongly
(with my resistance) and then being forced upon my laptop gave a strange sense
of having been violated.

In a way I'm glad it happened. I was so annoyed / possibly angry? that it
prompted me to find a different OS, and my only regret was not finding it
earlier.

------
bad_user
The takeaway for the rest of us is that you should never depend so much on one
big company. Put your eggs in multiple baskets, preferably the smaller players
(but not too small, as that might mean incompetent).

E.g. my email, calendar and contacts are at FastMail with my own domain, cloud
storage is at Dropbox but looking to migrate to pCloud (after their recent
fiasco). For notes I use Evernote, but investigating Standard Notes. I also
don’t buy DRM-ed books or other products, e.g. I buy DRM-free audio books from
Downpour. I have a Spotify account but I regularly buy the music I like. I
have an iPhone but I’ll be damned if I’ll let Apple dictate my web browser
therefore I use Firefox and apps that play along with it.

My Google and Microsoft accounts are basically unused. I use Docs at times but
I regularly back them up automatically. I don’t even use Google’s Search
anymore. I have some apps purchased for Android but I stopped using Android
for now. If they block me for anything, I couldn’t care less.

These companies that have products in multiple markets are after lock-in of
their users by any means necessary. Don’t fall into that trap. The
alternatives cost more, but your freedom and privacy are worth it.

~~~
emodendroket
Fastmail sounds alright, but realistically whoever your e-mail provider is
you're in trouble if they go away.

~~~
Klathmon
Use your own domain at the very least. Preferrably one that is your legal name
so that if anyone ever tries to take it (either from just buying it if it
lapses, or just attacking it/you) you have some legal protection in the US
from the ACPA.

Then it's just a matter of keeping backups of your email.

~~~
codazoda
Agreed. I use my own domain and I use my providers email forwarding to a sass
email client. If my email provider pisses me off I just change my forwarding
to some other provider. I may lose old mail, if the provider goes away
completely, but that's not too big a deal for me and backups could solve it if
it was important.

Now, if my domain host goes belly up, I'll probably have a somewhat painful
process of porting my domains elsewhere. It's still doable but it would
probably mean a few days of downtime.

------
hyperman1
A few years ago, google tried introducing a real name policy on google plus.
Accounts were being banned left and right. Google removed everything including
gmail when they decided your name was wrong on plus.

That was when I realized I could not participate in plus: I realized how
important my gmail account had become. I am diversifying and backing up today,
but gmail stays a single point of failure.

The result: Even if google drive and a lot of their services sound really
nice, I simply do not dare using them. I can't even take the risk of paying
them: Anything non-gmail is a chance for them to obliterate my digital life.

Opening a second account is probably a bad idea: One day some algorithm will
find out and either merge them or simply nuke both.

Not shooting at google specifically, this AskHN proves microsoft is just as
bad. But it sounds to me these companies will have to do something or lose
user trust.

~~~
ddebernardy
> Opening a second account is probably a bad idea: One day some algorithm will
> find out and either merge them or simply nuke both.

Nuking both would be nuts except in extreme edge cases. It could potentially
nuke the accounts of all spouses and parents and kids who share a laptop at
home. Granted, everyone has their own writing style and computers seem good at
identifying text written by people based on the latter, but that's still a big
risk for the tech company.

~~~
hyperman1
The point is: They are, for all relevant criteria, nuts.

It is cheaper and less risky for them to be completely insane pants-on-head
bonkers once in a while than to find out what has happened and tell you. They
don't care as they are big, you are small, and unless you annoy them enough to
actually notice you, nothing is going to happen.

------
ThoAppelsin
I've got another thing to become suspicious about, which again involves VPN.

I live in Turkey, I use VPN (on AWS at Ohio) not to circumvent anything else
than the imposed restrictions of my own country, and not some other countries'
or companies'. Along with countless others, Wikipedia and Imgur are some well-
known websites that are made unaccessible from Turkey. With Windows 10's VPN
client, you don't even recognize that you are on VPN. The overhead is so low
(relative to the basic internet speeds), that I don't even notice that VPN is
on most of the time. I usually open it when I want to visit some Wikipedia
page, and turn it back off after recognizing delay/lag on the games I'm
playing online. Not even videos load recognizably slower, not on my VPN on AWS
at least.

Within last 10 days, I had encountered the news about Dragon Ball Z - Season 1
being free on Microsoft Store, one like this I just found searching:
[https://www.neowin.net/news/first-season-of-dragon-ball-z-
no...](https://www.neowin.net/news/first-season-of-dragon-ball-z-now-free-to-
download-on-windows-10-and-xbox-one)

I wanted to give both the anime and the Microsoft Store's video section a try,
and did nothing more than just opening the Microsoft Store, finding the
content, getting it for free and watching the first episode. My guess is that
this might have been the problem.

If this really is the case, then I could not possibly know I was fooling
Microsoft Store: \- I did not and still do not know if the content was not
available, free or paid, from Turkey. There were no indications of the content
being unavailable to Turkey on the Store page. \- Microsoft Store did not ask
me if I am from Ohio, I never said I was from Ohio. I regularly use VPN for
personal reasons, unrelated to this matter. I did not use VPN to make
Microsoft Store think that I am from Ohio. Microsoft Store itself may have
falsely assumed that I am from Ohio, and granted me the right to watch a
content for free. It is Microsoft Store's fault for immediately assuming my
location from the way I connect to the Internet.

If my guesses are true, then Microsoft's Microsoft Store is the culprit for
being overly presumptuous about my location, not asking me for approval, hence
not putting me responsible, and giving me free access to some content as a
result. I may not be put responsible for Microsoft's presumptions that I
haven't approved.

~~~
mirimir
> I wanted to give both the anime and the Microsoft Store's video section a
> try, and did nothing more than just opening the Microsoft Store, finding the
> content, getting it for free and watching the first episode. My guess is
> that this might have been the problem.

I agree. It's very likely that, by using a US VPN, you circumvented geo-
restriction in the Microsoft Store. You could test that by creating another
Microsoft account, under a fake name, using a commercial VPN service with a
non-US exit. Then try to get the Dragon Ball Z episode from Microsoft Store.
If you need help, feel free to email me.

------
wnsire
>"We canno't provide details about why your account is closed and won't
reactivate it"

This type of behaviour should be banned by the European Union.

You should be provided with the exact reason of why your account is being
closed , regardless of who is the provider of the service.

It's unacceptable that companies like Microsoft, Facebook, Airbnb feel entitle
to behave like this knowing how critical the service provided by those
companies are for some organization. Plus the fact that those suspensions are
usually done automatically by an algorithm powered by Machine Learning or
something similar.

This type of mechanism could destroy an entire organization if the account of
CEOs , CTOs, CFOs are suddenly locked down without possibility to access their
emails , their contacts, their meetings and others business critical
information.

This is outrageous.

~~~
stouset
Often times companies are _legally barred_ from disclosing this information.
For example, in the financial services sector, if a person’s account is linked
to certain forms of financial crimes, it is strictly illegal for the company
to tell the owner why their account was suspended and/or funds frozen.

The intent is to not reveal that the account had been linked to (for example)
financing of terrorist organizations, but in reality I think it causes more
problems than it solves. A real criminal who has their account shut down is
probably going to be pretty aware of what the reason is. On the other hand,
many times something like this can happen due to a mistake by a government
agency, an account takeover, or some other situation where the owner of the
account has no idea what went wrong or how to fix it, and finds themselves
blackballed by multiple financial institutions with no recourse.

I’m not a fan of PayPal by any shot, but I would wager a nontrivial number of
the customer support nightmare stories we’ve all read actually come down to
this, and their hands are completely tied.

~~~
wnsire
> Often times companies are legally barred from disclosing this information.

You are talking specifically about the financial and banking industry. Working
in the banking industry , compliance regulation prevents banks from
communicating about why your funds are frozen so the SEC can investigate and
determine whether are not a fraud or suspicious activity were committed.

Such thing does not exist in the IT Industry. Microsoft ran their in house
auditing tools , determined the account was suspiscious , set a flag
"is_suspicious" as "true" in their database and the next day a batch ran and
suspsended their account.

IT Audit for GAFA is 100% automated , there is no human interaction unlike
Banking , Insurance and Finance.

Hence, the fact that BFA must communicate after the investigation about what
fraud you committed to properly charge you in court and banned you from the
services( You can even be banned in an entire country from owning a bank
account depending on the severity ) but they must tell you why.

That is not the case for tech, it is completely unregulated which is why it's
making me this upset.

~~~
stouset
Microsoft is a large company with many services, and some of them may
intersect with this type of regulation through law enforcement. The financial
sector isn’t the only area of business that have these types of restrictions,
and it’s often significantly easier from a business and engineering
perspective to block an account entirely than to cherry pick which services
can and cannot be used.

This is particularly true when products frequently gain new features or
integrations with other company-provided services, as changes in one system
might allow an account that’s partially suspended to be able to perform
legally-forbidden actions in another (think: something like iMessage gaining
Apple Pay support). Yes, you _can_ solve these things with engineering, but
not only can that easily cost more than it’s worth, but you also open yourself
to massive company risk if you fuck it up and regulators catch wind.

~~~
splonk
> The financial sector isn’t the only area of business that have these types
> of restrictions, and it’s often significantly easier from a business and
> engineering perspective to block an account entirely than to cherry pick
> which services can and cannot be used.

Yeah, I used to work on a fraud detection team for another company, where some
guy got some traction online complaining about how his payment account got
shut down. All sorts of bluster about how he scrupulously followed the terms
and conditions and how he couldn't possibly be doing anything fraudulent and
how we were stealing his money, and lots of bad publicity in threads like
this.

Turns out the FBI was investigating the guy for hosting child porn on another
service using the same account, and we weren't allowed to respond in any way
to his complaining online. So we shut down all his accounts and couldn't
really do anything to defend ourselves against his complaints.

In my experience, like 90+% of the loudest complainers of account shutdowns
are completely full of it, and are guilty of very obvious violations that they
somehow fail to mention when blogging about it. I'm not going to say that
false positives from machine learning systems never happen, but people who
loudly complain about their accounts being frozen don't have a good track
record, and since most companies aren't going to discuss exactly why they got
shut down in the open, the prevailing narrative seems to be that the large
faceless corporation doesn't care.

------
zokier
Call them? Escalate, escalate, escalate until you get an answer.

[https://support.microsoft.com/en-us/help/4051701/global-
cust...](https://support.microsoft.com/en-us/help/4051701/global-customer-
service-phone-numbers)

------
Gys
Exactly the same thing happened to me while using Azure free tier. 2-3 y ago.
It was a new account which i only used for a few days. Only to make a few test
calls to their geo location api (i think). I needed that for a service that i
was building. Then i got this same message. No idea why. I did get two phone
calls to upgrade my account (!) but they could not explain why this happened,
nor get more details. Very, very strange. I switched to Google and never
looked back

~~~
pc86
There are dozens of stories of identical things happening to Google accounts
so it's not as if they are any better.

~~~
cerberusss
Exactly. These giant companies should really only be used as interchangeable
infrastructure. I have my own personal domain. At the moment, I use Google to
handle my mail. If they no longer want me as a customer, I'll update my
domain's MX records and move to another company.

~~~
stefano
What happens if your domain registrar bans you? Is it something they can do?

~~~
youseecomrade
I would be even more worried about DNS/domain hijacking if the HN stories I
hear are true. Not only technical issues but social engineering of the domain
ownership.

Whatever you do (custom domain or not), you're always exposed.

~~~
cerberusss
Yeah but I don't really know what to do about that, except for using a domain
provider with 2FA.

And of course you're always exposed, I'm not sure why you'd mention that. It's
no reason to just give up and do nothing.

------
BjoernKW
While this certainly is not exactly a decent way of dealing with people and a
less than stellar customer experience, Microsoft isn't the judicial system but
a private entity. This being a civil law affair there are no formal charges
and you're not accused of anything but merely (and potentially ) in breach of
contract.

If you sue them they'll have to reveal what they think you did. Other than
that you're probably only entitled to access to your data so you can transfer
it to another provider, as well as maybe a prorated refund if applicable (and
you'd probably have to hire a lawyer for that, too, because they possibly
won't answer any further inquiries on your part).

You mentioned a university licence. Many vendors explicitly prohibit usage of
such licences for purposes other than educational ones. This might be the
cause of your problem, for example if you used your account for hosting a
commercial application on Microsoft Azure.

~~~
ThoAppelsin
I did not use my account for any commercial purposes, and I don't have much to
say for the rest, read them like "you are a poor customer, who won't be able
to afford, and should not afford a lawyer to recover your $100-300 loss, for
your own interest". Sad that this is reality, or someone perpetuates this fact
in such an acceptant manner.

~~~
BjoernKW
I don't endorse this behaviour at all I'm merely stating the facts (probably
as outlined in the contract you've entered with Microsoft). If you feel you've
been wronged you should certainly hire a lawyer. At the very least then you'll
know what it is they think you did.

Another option would be talking to a consumer organization (not sure if this
is applicable because a university licence might not qualify as a consumer
licence).

Other than that: Caveat emptor. I know this sounds trite and doesn't really
help in your current situation but when you entered that contract you very
likely agreed to the terms Microsoft now uses against you.

~~~
emodendroket
> Other than that: Caveat emptor. I know this sounds trite and doesn't really
> help in your current situation but when you entered that contract you very
> likely agreed to the terms Microsoft now uses against you.

Yes of course, he should have simply not used e-mail.

~~~
wongarsu
Or use an email provider that offers better terms?

~~~
emodendroket
Such as?

~~~
mirimir
A few: Autistici, cock.li, CounterMail, ProtonMail, Riseup, ScryptMail,
Tutanota, VFEmail.

~~~
CaptSpify
Don't forget self-hosted

~~~
mirimir
True. But then you may have deliverability issues, right?

~~~
CaptSpify
Some people say they have that, but I've never experienced it. I even run it
out of a residential IP with no issues.

This is probably a good example of YMMV

------
mehblahwhatevs
> Microsoft's own way of justice is against the legal systems in all the
> modern countries, which always makes sure that the accused knows their
> faults, as one of their rights, and for the benefit of the accused not
> getting involved in such acts for a second time, for that they this time
> will know.

Welcome to the modern world.

I read frequently on the /r/androiddev subreddit about Android devs who have
had apps suspended or accounts closed for reasons beyond their comprehension.

I frequently read about people wanting tech platforms to start censoring more
actively (Twitter, FB, Youtube?) and for them to boot controversial people for
using their free speech (even if offensive).

Unfortunately giving "the accused" any sort of recourse doesn't seem to be a
priority when the PR machine is going against a tech company - it's easier for
them to use the banhammer.

~~~
ams6110
Microsoft isn't a government. They can't arrest you, and they can't seize your
property (that you haven't already given them). As a private entity, they can
define the terms by which they provide or revoke services, within some broad
boundaries such as Civil Rights law.

So that can suck, if you don't know why you've been banned or possibly when
you are banned by mistake, but that is the risk of using these kinds of
services.

------
ThoAppelsin
This account had been my oldest digital property, which I had been using for
probably over 10 years now. I haven't been using it any differently than
before, so now I am left absolutely clueless with a sizeable digital property
of mine being lost. I could have kept a copy of everything and not got all-in
to the OneDrive with the On-Demand feature, but I don't know what I could have
done to not lose 3.5 out of 4 years of pre-paid (required) Office 365
University service, because Microsoft simply does not tell.

~~~
DenisM
Email the office of Attorney General of your state with a grievance - you paid
for it, it was yanked from you, no one is picking up the phone. This is what
AG is for - protecting consumers from all kinds of snatch-and-run, big and
small.

Now you might think the AG won't have time for you, but the AG is not sitting
there reading the incoming email and deciding to act. The AG clerk on duty
will check that basic facts and dates are present in your email (make sure to
include them), and ask the BigCo for their side of the story; all that before
anyone even looks at the merit of the case. The BigCo will now face a choice -
continue corresponding with the office of AG (which is billable lawyer time
plus a drain on management brainpower), or shut you up by giving you back your
stuff (which is free).

~~~
mirimir
OP is in Turkey :(

------
rabboRubble
Does anybody know of a MS feature similar to Google Takeout?

I frequently take downloads of my Google content with Google Takeout but
haven't been doing the same for Microsoft. Recently started adding important
content to my MS account, and probably ought to start doing the same for that
service.

edit: yeah, yeah, yeah all the cool kids don't use Microsoft stuff. For some
of us, there may reasons we do, and I suggest this MS service might do the
trick. I'm still testing what all is included in this export. _UPDATE_
apparently this tool just exports a json file including usage information of
each MS service but not the data contained within those usage sessions i.e. a
file I've created in OneDrive Excel. Hmmmm.... going to continue the hunt.

[https://account.microsoft.com/privacy/export](https://account.microsoft.com/privacy/export)

~~~
maimeowmeow
I dont think most people have microsoft accounts, or services so there is
nothing to take out.

~~~
binomialxenon
I'd wager a guess that the majority of Windows users use a Microsoft online
login. Also, Office 365 and OneDrive are both widely used, and there's Skype,
Xbox, and Hotmail/Live Mail/Outlook/whatever.

~~~
maimeowmeow
Thats forced integration, but logging into windows does not imply you store
data on windows services. The only thing that I can see resulting in data
storage is onedrive because its forced down.

------
patrickg_zill
They can claim that they are following the law, but that doesn't mean they
actually are... If you have a university based license then I would suggest
you complain about the suspension of service with your university. Possibly
the person who manages the business relationship with Microsoft has contacts
they can talk to.

Also: keep backups outside of the Microsoft ecosystem.

~~~
ThoAppelsin
It is my personal over-10-years-old account. I merely bought a university
package that is for sale on Microsoft, using this account after getting
registered to my university.

~~~
pnathan
Are you a current student then?

~~~
ThoAppelsin
No, I have graduated by the end of last Spring semester. I purchased the
product while I still was a student last year. I will become Master's student
once again in within two months.

~~~
slenk
Could the university have notified Microsoft that you were currently not
enrolled, and thats why your account was suspended?

------
hkai
If I know anything about corporations, that's because of a due diligence
check. Your name or credit card or face matched someone else, or they thought
you have connections to sanctioned countries, or your finances are dodgy.

Even for spam they wouldn't block you like this right weather. It's due
diligence.

------
DoofusOfDeath
> "Pursuant to our terms, we cannot reactivate your account, nor provide
> details as to why it was closed."

Am I correctly interpreting their statement as saying that they're constrained
by their own self-imposed policies?

------
CommanderData
Imagine your Github repos gone because Microsoft thought you violated TOS.

Well now that's just an eventually.

------
joeax
I've been thinking a lot about this (after hearing about the Airbnb guy [1]
the other day) as it pertains to the cloud i.e. Azure, GCP. I'd hate to be a
company that spends hundreds of thousands moving its infrastructure to the
cloud, then suddenly without warning it's all terminated without cause or
explanation.

On a side note, as a published author on Amazon, I've heard horror stories in
the usual author forums of Amazon doing the same to authors, pulling all their
novels off their site without warning and terminating their account. Amazon
does have some remediation pathways (unlike the AirBnB guy), and many authors
had their accounts restored after weeks or months of perstering support
(although the damage is done).

[1]
[https://news.ycombinator.com/item?id=17523056](https://news.ycombinator.com/item?id=17523056)

------
tootahe45
My account got suspended and kicked me off a month ago by simply accessing the
forwarding section of my Microsoft account. Tried it on another account and
same thing. To this day i am confused about that, and how some of these big
companies with the toughest entry requirements make the dumbest crap.

~~~
nasredin
Yep. Same thing happened here.

New account banned after changing Hotmail settings.

------
withinrafael
Did you have pirated material in OneDrive? Did you pirate Windows, Office, or
any other Microsoft software?

I'm thinking content scanning or Microsoft Account telemetry.

~~~
skt5
I don't think that this matters as much unless you've shared it & Microsoft
got some sort of DMCA notice.

By any chance, did you have child nudity (ex: photo of child bathing, etc.) on
your OneDrive? If so, I wonder if PhotoDNA picked it up (see
[https://www.neowin.net/news/man-arrested-after-microsoft-
fin...](https://www.neowin.net/news/man-arrested-after-microsoft-finds-child-
porn-on-onedrive-account)).

------
lurker_primo
I have nothing useful that I can say here except that this has happened to me.
A few months back, I created a new account on Outlook with a username that I
wanted to adopt for my communication. When I tried to login the next day, the
account had been suspended by Microsoft with a similar reason given. I didn't
do anything further because I had just created the account and had nothing
associated with it.

------
mnm1
Amazon does the same thing from experience. Google too from what I've read
here. This is the dark side of tech companies. In this respect they are all
powerful. Makes it impossible to truly rely or trust any of their services
when they did things like this. We're seeing more and more of these cases and
without proper regulations, what's to stop these companies from abusing their
customers? Nothing. It should really make one think twice about depending on
such services, especially for running a business.

------
beavis2
Yes. Been there, done that.

I was wondering what it was I could have done. I was thinking of all the "grey
area" things I may have been up to - then I paused and thought: "why am I
concerned they could know so much?" because it's possible.

That was the final week I used Windows.

It will get worse before it gets better, and I'm actually thankful.

------
grezql
I hope someone from Microsoft can adress this problem asap. I have office
license + 1 tb of onedrive pictures and important documents which have no
other backup. Also other online accounts are tied to the microsoft account. If
Microsoft shut people down without reasoning I may plan to "decentralise" my
services.

~~~
gnode
I strongly recommend you just go ahead and do so. This is like saying: if the
burglars don't return this guy's stolen property soon, I might just have to
start locking my doors when I go out.

------
roryisok
Contrary to most of the posters on here, I have had nothing but positive
experiences with Windows 10. I don't get served ads in the OS (or don't notice
them). I don't see any upsell. I don't get blue screens. Edge is a competent
and effective browser, and I often use it over Firefox or chrome, though I
still use those for development. I am a happy customer.

I have a paid OneDrive account that stores all my family photos.

Reading this has made me realise it could so easily happen to me. I'm going to
make double sure I back up everything locally too, from now on.

MS only has my photos though. Google really has me by the balls. Ten years of
emails with friends and customers, and pretty much every login I have is tied
to my gmail. If that was taken I away I would be truly boned

~~~
mrfredward
Windows 10 has been bombarding me with "start your Office free trial" ads for
years. I keep disabling the notification, and it keeps coming back when I get
updates.

That's my only complaint, but it isn't a small one. Having advertisements so
deeply baked in to an operating system is disgusting.

~~~
roryisok
Where do these appear? I've honestly never seen them

------
thinkingemote
Were you running any of their cloud servers? If so what were you doing on
there?

Were you storing files? If so what kind of files.

You might find there's some kind of activity you've been doing but thought was
ok, or you were storing files which got flagged for porn or copyright.

------
captainmuon
I find these stories really disturbing. Are there any services (I'm thinking
mostly of email, cloud storage) that explicitly say they will

\- provide a reason if they ban you

\- always let you take out your data (unless not legally possible)

\- have decent customer service ?

------
NullPrefix
If you use the account on Win10, do they lock you out from your whole
computer?

~~~
ThoAppelsin
I just tried to see if I am able to log-in using Microsoft account, and I was.

------
znpy
Most EULAs I have been reading clearly state that the service provider can
recede from the contract at any time without having to provide any
explanation.

This is undoubtedly unfair, but I honestly wonder: if this is even legal?

~~~
emodendroket
If they can force you to agree to mandatory arbitration to use their service
(and in the US they can, according to the Supreme Court), this kind of stuff
is peanuts.

------
JVIDEL
That's the problem we been talking about for years with regards to dependency
on the cloud. Take digital games: you don't own then, when you pay roughly the
same amount you did for a boxed game a decade ago now you barely get a
license, not a right, to play said game on platforms such as valve for as long
as they allow you to.

And it's the same problem with software in general these days, no matter if
you pay you don't own it so you don't have a right to use it.

------
ap46
Folks, it is high time & rather long enough time that we actually bought
domains & setup our own email addresses since now everything is linked with
one & random termination of a free-email account & linked data loss is simply
unacceptable. But that's what you get when you go with a free service
provider.

------
nuclearburrito
I highly recommend Fastmail. Not affiliated other than customer since 2002.
Best email out there IMHO. Paid, but worth it.

~~~
DenisM
How is search nowadays? I left 8 years ago them because search was so bad
compared to Gmail.

~~~
nuclearburrito
Search is great. No issues.

------
boomboomsubban
Search for their support number and call them. While stuck on the phone,
research making the jump to free software.

------
kup0
Almost makes me wonder if legislation requiring companies to "provide details
as to the reason for account closure" is a necessity.

If a company can take everything away from you at the turn of a dime, you
should at least be entitled to know why it was done.

------
ToFab123
This is not first time someone has been kicked out of their
MS/Google/Apple/Cloud provider with any explanation. Has anyone tried to sue
them in order to get the answer to the question "why"?

------
frugalmail
This is a bummer, and not customer friendly.

This is one* of the reasons why I never use single sign on for other services.

* other reasons include:

not wanting SSO to know where I'm going, when I'm going to it. It's none of
their business!

Not wanting a cascading breach

------
EGreg
Once again, this is what happens when you trust some third party organizations
for simple things like storing your data, facilitating group communication, or
even authenticating your very identity!

Why do we do it?

~~~
zokier
> Why do we do it?

Because these sort of stories represent probably something like one in a
million failure rate. That is ridiculously successful. And those "simple
things" you say are really not all that simple.

------
oval-atom
did you originally open the account using an "alternate email"?......and now
they have Temporarily Suspended the account...?

But they give you the option to provide a text able phone number and give you
10 minutes to use the texted Access Code?

I have had that happen 3 times......... they after your cell phone number and
holding your account hostage to get it.

They will not respond to any other option nor give evidence of what they claim
violated any Terms of Use. They just say "Suspected".

------
opportune
Did you perhaps leak an API key?

------
Tomte
MS won‘t tell you, we don‘t know. End of story. What more is there to say?

~~~
endorphone
Generally when someone posts a story like this on HN it's both as a warning to
others about what could happen to them, and also in hopes that someone from
the source company touches base or clarifies. It's seldom the end of the
story.

