Microsoft isn’t alone. Alex Hern, of the Guardian:
“The problem is, this is a technically legal activity that we all agree to when we sign up to certain cloud services – whether knowingly or not,” says Charlie Howe, director, EMEA at Skyhigh Networks, a cloud security software firm, of Microsoft’s snooping.
“For instance, I would guess that most people don’t actually read the full Terms and Conditions before using a new application, and they would probably be surprised by what they are actually agreeing to when they click the ‘accept’ button on certain cloud services.”
In all cases cited by Hern, each provider’s terms of service allow them to access user email in cases when the provider thinks that it would be reasonable to protect that provider’s service. This is pretty ambiguous, allowing each company some wiggle room as to what may be considered “reasonably necessary to protect the property” of the company in question. Even FastMail, cited by some (including yours truly) as a great way to roll your own email service, has this in their Terms and Conditions (emphasis mine):
The Service Provider will not monitor, edit, or disclose any personal information about you (including your credit card information) or your use of the Service, including its contents, without your prior permission unless required or allowed by law, or where the Service Provider has a good faith belief that such action is necessary to: (1) conform to legal requirements or comply with legal process; (2) protect and defend the rights or property of the Service Provider; (3) enforce the TOS; (4) act to protect the interests of its members or others
Basically, if you want to be absolutely certain that nobody will be snooping your email account, you need to run your own email server. But I’m not aware of FastMail ever using this power, nor Apple, nor Yahoo. Microsoft, obviously, has snooped email accounts and, if you believe Michael Arrington, so has Google.