How is it even legal for Microsoft and/or OEMs to irreparably lock people out of their data with Bitlocker and without telling them?

Nico 0 Reputation points
2025-08-26T09:11:25.9433333+00:00

This question and topic follows the following one created by Anonymous on May 24, 2025:

"How is it even legal for microsoft to lock people out of there computers with bitlocker?"

Since the question has been conveniently locked and one cannot reply to the "Accepted answer" written by user @quietman7 MVP Alumni, here's a new similar question, developing more relevant points.

  1. People are not just being locked out of their computers, which can always be re-formatted and re-installed (paying a certain price in terms of time, efforts, complications, and in some cases money). People are being locked out of their data, which is much worse! A computer can be recovered, lost data cannot.
  2. User quietman7 MVP Alumni states: "There is nothing illegal in regards to your issue". Quite the opposite! Or at least it should be illegal if it's not. This definitely should be illegal. Let me prove it to us all with a more tangible example.

In the end, data is data, regardless of where it is saved, if for example in a computer hard disk drive or handwritten with a pen on old-fashioned paper notebooks, or printed on Kodak photographic paper. What Microsoft (in case of automatic Windows updates) and computer manufacturers (in case of purchasing a new computer) are doing, corresponds to the following scenario:

Imagine a Microsoft employee (in case of updates), or a Dell/Lenovo/HP/Whatever other brand employee (in case of new PC purchases) reaches your home or workplace, enters, opens your cabinet drawers and pulls out ALL your documents, all of them: official papers, tax papers, personal and family memories and photographs, magazines, books, hobby stuff, everything, whatever 'data' you have. Then they cut and scramble the data entirely, in a way that only knowing a certain 'scrambling key' can restore them. Then they store this key.... on the ground, on the street!!!! knowing that, sooner or later, wind and stuff are going to take that key away, and they DON'T WARN YOU on what they've just done!

In this scenario, you must intuit on your own power of intuition what just happened. And you must intuit, and do it quickly, that you have to run outside, on the street, grab that key and store it safely!

Since you don't have supernatural powers, if they don't clearly and explicitly tell, inform, and warn you on what they've just done, you're not going to save that key anywhere. Until, one day, wind will blow the key away from the street, you'll open your folder cabinet looking for that important document or deceased relative picture, and you'll find just a pile of useless codes. Somebody has just destroyed your data.

How is that not illegal?

You have just lost everything, things that can never be recovered. Things that not even all the money of the world would be able to re-buy.

In other words: how is it not illegal if I take all your data, scramble it, throw the key away knowing that it will be lost, NOT inform you about it, and time-bomb it so that, suddenly, one day, you lose everything?

CONCLUSION:

How could this barbaric abuse and crime be at least barely 'tolerable'? In two cases:

• WINDOWS UPDATES: If I send an update in your computer and (potentially) disintegrate all your data (unless you retrieve a certain key and save it somewhere), you must be informed. I must make a huge, gigantic, warning sign appear on your screen repeatedly, until you have acknowledged unequivocally that you have read it, understood it, and that you have saved the key somewhere safe.

• OEMs' PRE-ENCRYPTED COMPUTERS: If I sell you a computer which automatically (potentially) destroys all your data as you save it (unless you retrieve a certain key and save it somewhere), you must be informed. I must at least add a huge, clear, and visible warning note inside the box, so that when you buy it and open the box you are certainly informed and made aware of the fact that you must retrieve and save the key and of the risk of not doing it.

Data is property, and invaluable property, since it's unique and cannot be purchased. If I do something to your property or modify it in a way that causes it to self-destruct sooner or later, unless you do something before, I must absolutely inform you that you must do something. Otherwise, I am responsible for destroying your property.

The fact that the bomb does not explode immediately but is time-rigged and will explode later, doesn't make the person who set it up less guilty of the destruction that will follow.

Windows for home | Windows 11 | Security and privacy

1 answer

  1. Airbus A350 7,315 Reputation points Volunteer Moderator
    2025-08-26T17:21:15.4233333+00:00

    Hello,

    BitLocker is enabled after you sign into your Microsoft Account at OOBE (Out-of-Box-Experience). Your device should not come prelocked; otherwise, your BitLocker recovery key wouldn't be backed up.

    I believe the issue that a lot of people are having with BitLocker is that their PC doesn't automatically back up their recovery key after completing the OOBE. I guess there's some sort of disconnect that happens when backing up the recovery key. This is the big issue that causes people to want lawsuits against Microsoft.

    However, there is a way that you can back up your BitLocker recovery to your Microsoft account, and to other destinations as well.

    To do this, open the Start Menu, and then type Device Encryption. Push Enter, and then you should see a list of drives that are encrypted with BitLocker. Select "Back up your recovery key". You want to select "Save to your Microsoft Account", and then make sure to check https://aka.ms/recoverykey for your recovery key.

    Repeat this for any other drives you may have, and then should you choose, you can also print out your recovery key, save it to a USB drive, or save it to a file.

    The whole point of BitLocker is to prevent unwanted people from accessing your data in a few means. As said above, Windows sometimes "breaks" (if you will) and doesn't do that job properly, leaving you in that scenario.

    I'm not trying to sound mean or anything, but this is also why people recommend that you keep backups of your data (3-2-1 rule), so that in case something like this happens, you can easily restore.

    As for your updates, not all updates are harmful. Most are beneficial. It's just the minority of updates that cause issues for people. Updates shouldn't cause data loss either; Windows is pretty good at rolling back updates and telling you what went wrong. Again, it's just the small times that Windows updates cause issues, and that's why restore points exist; so that you are able to restore to a last known good configuration.

    If I have not answered all of your questions, please reply, and I will do my best to help you.

    Hope this helps.
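
An added example, not part of the answer above and not Microsoft's code: a PowerShell check of what the Device Encryption steps in that answer leave behind. It lists each encrypted volume, whether it has a recovery-password protector, and the short key ID to compare with the entry at https://aka.ms/recoverykey, and it can write the key to a file on another drive. It assumes an elevated session with the BitLocker module available; the function names and the `E:\` destination are hypothetical.

```powershell
#Requires -RunAsAdministrator
# Added example (hypothetical function names); uses the built-in BitLocker module.

function Get-RecoveryKeyAudit {
    # One row per volume that is not fully decrypted.
    Get-BitLockerVolume |
        Where-Object { $_.VolumeStatus -ne 'FullyDecrypted' } |
        ForEach-Object {
            $vol = $_
            $rp  = @($vol.KeyProtector |
                Where-Object { $_.KeyProtectorType -eq 'RecoveryPassword' })
            [pscustomobject]@{
                MountPoint       = $vol.MountPoint
                VolumeStatus     = $vol.VolumeStatus
                ProtectionStatus = $vol.ProtectionStatus
                HasRecoveryKey   = $rp.Count -gt 0
                # First 8 characters of the protector GUID: the short key ID
                # to match against the copy you saved.
                KeyIds = ($rp | ForEach-Object {
                    $_.KeyProtectorId.Trim('{}').Substring(0, 8) }) -join ', '
            }
        }
}

function Export-RecoveryKey {
    param(
        [Parameter(Mandatory)][string]$MountPoint,     # e.g. 'C:'
        [Parameter(Mandatory)][string]$DestinationDir  # e.g. 'E:\' (assumed USB drive)
    )
    $dest = (Resolve-Path $DestinationDir -ErrorAction Stop).Path
    $root = [IO.Path]::GetPathRoot($dest).TrimEnd('\')
    if ($root -eq $MountPoint.TrimEnd('\')) {
        throw "Destination is on $MountPoint; a key stored inside the volume it unlocks cannot be read after a lockout."
    }
    $rp = @((Get-BitLockerVolume -MountPoint $MountPoint).KeyProtector |
        Where-Object { $_.KeyProtectorType -eq 'RecoveryPassword' })
    if ($rp.Count -eq 0) { throw "$MountPoint has no recovery-password protector." }
    foreach ($p in $rp) {
        $id   = $p.KeyProtectorId.Trim('{}')
        $file = Join-Path $dest "BitLocker-$id.txt"
        "Volume: $MountPoint`r`nKey protector ID: $id`r`nRecovery key: $($p.RecoveryPassword)" |
            Set-Content -Path $file
        Write-Output $file
    }
}

Get-RecoveryKeyAudit | Format-Table -AutoSize
# Export-RecoveryKey -MountPoint 'C:' -DestinationDir 'E:\'   # uncomment to save a copy
```

A row with `ProtectionStatus` of `On` and `HasRecoveryKey` of `False`, or a key ID that does not appear in your Microsoft account, is the situation to fix before the next firmware or hardware change triggers recovery.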

