In early 2025, the FBI requested BitLocker encryption recovery keys from Microsoft for laptops involved in a fraud investigation related to Guam's COVID-19 unemployment assistance program. Microsoft complied, revealing that it handles around 20 similar requests annually, though many fail because users don't store their recovery keys on Microsoft's servers. BitLocker, a full-disk encryption tool in Windows, has evolved over nearly two decades. While Windows 11 Home users have limited control over encryption, Pro users can manage the process and store recovery keys outside Microsoft's cloud, addressing privacy concerns. To encrypt a Windows PC's disk without relying on Microsoft, users need Windows 11 Pro. Upgrading costs $99 through the Microsoft Store, but cheaper third-party options are available. After securing a valid Pro key, users can upgrade without losing data or apps. If the disk is already encrypted and the recovery key is with Microsoft, the disk must be decrypted first. This involves toggling off device encryption and waiting for the process to complete. Once decrypted, users can activate BitLocker again, save the recovery key in a secure location, and choose to encrypt the entire disk or just the used portion. The encryption process can take considerable time, especially for larger disks. Users are advised to select full-disk encryption to ensure that deleted data isn't recoverable. They should also opt for the “new encryption mode” and may run a BitLocker system check. After a restart, the actual encryption begins, securing the disk without storing sensitive recovery keys with Microsoft.