Microsoft NSA sharing accused by The Guardian, denied in statement

Jul 11, 2013
1

Today a new report has been released on the NSA's involvement in spying on citizens here in the United States, this time specifically centered on their connections with Microsoft. Though The Guardian goes through the NSA's PRISM checkpoints on Microsoft one by one: secret files on Silicon Valley's involvement with PRISM, Outlook email involvement, Skype video call collection, the Windows company has denied it all - so to speak.

What's reported this afternoon by files (new files, it would seem) from Edward Snowden to The Guardian is that Microsoft may have had a much lighter piece in this puzzle being shown thus far simply because they hadn't yet had their chapter read. As they put it, the following bullet-points are true:

• Microsoft helped the NSA to circumvent its encryption to address concerns that the agency would be unable to intercept web chats on the new Outlook.com portal;

• The agency already had pre-encryption stage access to email on Outlook.com, including Hotmail;

• The company worked with the FBI this year to allow the NSA easier access via Prism to its cloud storage service SkyDrive, which now has more than 250 million users worldwide;

• Microsoft also worked with the FBI's Data Intercept Unit to "understand" potential issues with a feature in Outlook.com that allows users to create email aliases;

• Skype, which was bought by Microsoft in October 2011, worked with intelligence agencies last year to allow Prism to collect video of conversations as well as audio;

• Material collected through Prism is routinely shared with the FBI and CIA, with one NSA document describing the program as a "team sport".

It's the "Team Sport" comment you'll find the social networks and quick-comments encircling, while this report continues a string of suggestions from The Guardian that companies such as Apple, Google, Facebook, and Yahoo all offered "direct access" to everyday average citizen information. Of course each of these companies have denied such things in kind:

Microsoft's statement on the report suggests that they've only acted according to the same rules as inflicted on the rest of the United States and businesses therein. The statement, reproduced here in full, directly mentions SkyDrive, Outlook.com, Skype, and "any Microsoft product" in the company's assurance that "blanket or direct access" was never given to the US Government.

"We have clear principles which guide the response across our entire company to government demands for customer information for both law enforcement and national security issues.

First, we take our commitments to our customers and to compliance with applicable law very seriously, so we provide customer data only in response to legal processes. Second, our compliance team examines all demands very closely, and we reject them if we believe they aren't valid. Third, we only ever comply with orders about specific accounts or identifiers, and we would not respond to the kind of blanket orders discussed in the press over the past few weeks, as the volumes documented in our most recent disclosure clearly illustrate. To be clear, Microsoft does not provide any government with blanket or direct access to SkyDrive, Outlook.com, Skype or any Microsoft product.

Finally when we upgrade or update products legal obligations may in some circumstances require that we maintain the ability to provide information in response to a law enforcement or national security request. There are aspects of this debate that we wish we were able to discuss more freely. That's why we've argued for additional transparency that would help everyone understand and debate these important issues." - Microsoft

It would appear that two things are true. The first is that the NSA have had one massive amount of information shared that they did not intend to be shared, made popular by the keyword "PRISM" and the surveillance programs it involves and is associated with. The second is that Microsoft, like several other major technology companies appearing in documents mentioning the NSA this year, have had a similar media nightmare because of the leaks from the NSA.

It's not known at this time what involvement Microsoft had or has specifically with the NSA and their programs related to PRISM. Stick around and find out more as we find out more, and stay smart!


Must Read Bits & Bytes