> If your company has data that the police want and they can get a warrant, you have no choice but to give it to them.

Yes. The thing is: Microsoft made the design decision to copy the keys to the cloud, in plaintext. And they made this decision with the full knowledge that the cops could ask for the data.

You can encrypt secrets end-to-end - just look at how password managers work - and it means the cops can only subpoena the useless ciphertext. But Microsoft decided not to do that.

I dread to think how their passkeys implementation works.