Microsoft’s Response to NSA Backdoor Allegations: It’s Not True. It’s Also Complicated. We Can’t Explain It, but We Wish We Could.

It's all becoming clear now. Oh, wait. Sorry. It's still not clear.

  • Share
  • Read Later

The Guardian recently released another report in the seemingly never-ending saga surrounding the NSA’s Prism program.

The latest article contends that The Guardian has gotten its hands on documents that apparently detail cooperation between Microsoft, the FBI and the NSA to make it easy for security agencies to keep an eye on communications facilitated by various Microsoft products.

Here are the bullet points from The Guardian‘s article:

The documents show that:

• Microsoft helped the NSA to circumvent its encryption to address concerns that the agency would be unable to intercept web chats on the new Outlook.com portal;

• The agency already had pre-encryption stage access to email on Outlook.com, including Hotmail;

• The company worked with the FBI this year to allow the NSA easier access via Prism to its cloud storage service SkyDrive, which now has more than 250 million users worldwide;

• Microsoft also worked with the FBI’s Data Intercept Unit to “understand” potential issues with a feature in Outlook.com that allows users to create email aliases;

• In July last year, nine months after Microsoft bought Skype, the NSAboasted that a new capability had tripled the amount of Skype video calls being collected through Prism;

• Material collected through Prism is routinely shared with the FBI and CIA, with one NSA document describing the program as a “team sport”.

The Guardian then re-iterates claims from its earlier Prism reports that allege an NSA official needs to obtain warrants before collecting information about a U.S. citizen unless “the NSA operative has a 51% belief that the target is not a US citizen and is not on US soil at the time.” The Guardian also states that “the NSA is able to collect Americans’ communications without a warrant if the target is a foreign national located overseas.”

So up to this point in the article, we’re left with allegations of Microsoft working hand-in-hand with the FBI and the NSA to make it easier to snoop, but that if you’re a U.S. citizen who’s located in the U.S., it takes a bit more legwork before analysts can start collecting dirt on you.

Microsoft has responded directly to The Guardian‘s article. I’ll drop the entire response in here since it’s somewhat short, and we’ll need to comb through it a bit:

We have clear principles which guide the response across our entire company to government demands for customer information for both law enforcement and national security issues.

First, we take our commitments to our customers and to compliance with applicable law very seriously, so we provide customer data only in response to legal processes. Second, our compliance team examines all demands very closely, and we reject them if we believe they aren’t valid.  Third, we only ever comply with orders about specific accounts or identifiers, and we would not respond to the kind of blanket orders discussed in the press over the past few weeks, as the volumes documented in our most recent disclosure clearly illustrate. To be clear, Microsoft does not provide any government with blanket or direct access to SkyDrive, Outlook.com, Skype or any Microsoft product.

Finally when we upgrade or update products legal obligations may in some circumstances require that we maintain the ability to provide information in response to a law enforcement or national security request. There are aspects of this debate that we wish we were able to discuss more freely. That’s why we’ve argued for additional transparency that would help everyone understand and debate these important issues.

The last sentence of the second paragraph is the money-quote: “To be clear, Microsoft does not provide any government with blanket or direct access to SkyDrive, Outlook.com, Skype or any Microsoft product.” That quip goes directly against the allegations made in The Guardian‘s article.

However, the last two sentences of the final paragraph should leave us all wondering if Microsoft might tell us more if it could just somehow sneak off and meet us in secret on a windy beach with enough background noise to drown out the bug planted inside the battery compartment of its Windows Phone 8 handset: “There are aspects of this debate that we wish we were able to discuss more freely. That’s why we’ve argued for additional transparency that would help everyone understand and debate these important issues.”

In summary, the formula for this Prism business seems to be that when tech companies are accused of giving the NSA direct access to their communications, the response seems to be similar from company to company: We comply only when required by law in specific instances, and we don’t give up direct access to our stuff. We’d also reeeeaaally like to get some things off our chest, but we can’t.

6 comments
Froyoschi500
Froyoschi500

What a disgrace for the government not to care about its own people. So much for so called freedom. It most definitely does not exist. May God protect the kind people of this world and punish those with evil hearts and intentions. 

PaulDirks
PaulDirks

You're clearly missing the point.

Microsoft does not provide any government with blanket or direct access to SkyDrive, Outlook.com, Skype or any Microsoft product. 

But we DO design the products to facilitate access whenever requested. This is just Clipper revisited. 



JesseKuch
JesseKuch

I wonder if there are any legal ramifications for these companies if you don't live in the US? 

MatthewValHall
MatthewValHall

Microsoft: "Your Privacy is our Priority" ha ha ha ha...liars.

LonBeyer
LonBeyer

Which basically means, like most down to earth intelligent individuals already conceive, no one is listening to our conversations and watching videos of us on a secret screen somewhere, unless they have reason to. 

But keep those tinfoil hats on, ya buncha boobs.