Report: Microsoft collaborated closely with NSA
By Brandon Griggs
(CNN) — Most of the big tech companies implicated in the ongoing controversy over secret government Web surveillance insist they turned over data about users to the National Security Agency only after being compelled by court orders.
But a new report claims that Microsoft willingly collaborated with the NSA and even allowed federal agents to circumvent the company’s own encryption system to spy on users’ messages.
The latest bombshell from the UK’s Guardian newspaper, which along with the Washington Post broke the NSA snooping story last month, says that Microsoft helped the NSA circumvent its encryption to intercept Web chats on its new Outlook.com portal. The Guardian, citing “top-secret” documents, said the NSA already had access to pre-encrypted e-mail on Microsoft’s Outlook, including Hotmail.
The NSA allegedly listened in on numerous video calls made via Skype, which Microsoft bought two years ago. And Microsoft also worked with the FBI this year to give the NSA easier access to its cloud storage service SkyDrive, which has more than 250 million users worldwide, according to the Guardian’s report, published Thursday.
In a statement, Microsoft immediately denied many of the Guardian’s claims, saying the company turns over data on customers only in response to legal requests.
“First, we take our commitments to our customers and to compliance with applicable law very seriously, so we provide customer data only in response to legal processes. Second, our compliance team examines all demands very closely, and we reject them if we believe they aren’t valid.
“Third, we only ever comply with orders about specific accounts or identifiers, and we would not respond to the kind of blanket orders discussed in the press over the past few weeks, as the volumes documented in our most recent disclosure clearly illustrate,” the company said.
“To be clear, Microsoft does not provide any government with blanket or direct access to SkyDrive, Outlook.com, Skype or any Microsoft product.”
News reports, based in part on documents provided by former NSA contractor Edward Snowden, have described a classified U.S. intelligence system called Prism that examines e-mails, videos, online chats and other data that it collects via requests made under the Foreign Intelligence Surveillance Act.
The revelations about Prism have alarmed everyone from members of Congress and foreign leaders to privacy activists and citizens who organized anti-NSA protests across the United States on the Fourth of July.
Like Apple, Facebook, Google, Yahoo and other tech titans linked by news reports to the Prism program, Microsoft has been working in recent weeks to convince customers that it values their privacy and safeguards their personal data against wanton snooping by a government trying to root out terrorists.
In lobbying for greater transparency on national security-related requests, Microsoft revealed last month that it had received between 6,000 and 7,000 criminal and national security warrants, subpoenas and other orders in the last six months of 2012. These requests affected between 31,000 and 32,000 consumer accounts — a tiny fraction of the company’s hundreds of millions of users — and came from local, state and federal agencies, Microsoft said.
“When we upgrade or update products legal obligations may in some circumstances require that we maintain the ability to provide information in response to a law enforcement or national security request,” Microsoft said in its statement Thursday.
“There are aspects of this debate that we wish we were able to discuss more freely. That’s why we’ve argued for additional transparency that would help everyone understand and debate these important issues.”