Did Microsoft hand the NSA access to encrypted messages?

Zafar Anjum

lynch

From left to right: Former Chief Privacy Officers, Peter Cullen and Richard Purcell, along with current Chief Privacy Officer, Brendon Lynch, who discussed  Microsoft's approach of privacy at Microsoft. (File photo; Courtesy Microsoft)

In July last year, when the news broke that Microsoft had allegedly collaborated closely with US intelligence services to allow users' communications to be intercepted, it severely dented the image of the tech giant.

According to top-secret documents obtained by the Guardian, which broke the story, Microsoft had allegedly helped the National Security Agency to circumvent the company's own encryption, and that the agency had pre-encryption stage access to email on Outlook.com, including Hotmail. It was also alleged that the company provided NSA easier access via Prism to its cloud storage service SkyDrive (with over 250 million users worldwide) and allowed video calls through Skype to be logged. Later disclosures and reports of the NSA’s surveillance methods revealed the companies did not voluntarily provide information.

Almost a year later, Microsoft has come out in the open to protect the privacy of the Internet users (the company's officials maintain that they have been vocal on this topic right from the beginning). In a strongly-worded blog post today, Microsoft's top lawyer Brad Smith has called upon the US government to act on "unfinished business" a year after the breaking of the news of the extent of the National Security Agency's cyber-spying operations.

Microsoft's general counsel has set out five areas where he believes the government needs to take more action in the wake of Edward Snowden's revelations. While there had been some "initial positive reforms," Smith said in his blog post, "the reality is clear. The US government needs to address important unfinished business to reduce the technology trust deficit it has created."

Echoing similar sentiments in Redmond, Washington today, Brendon Lynch, Microsoft's Chief Privacy Officer, said that Microsoft does not surrender data to the government unless the company is approached with proper legal justifications (subpoenaed) and then too the company tries to direct the government agencies to go to the corporate customers for data instead of knocking on the doors of Microsoft.

During the NSA's now infamous illegal data gathering phase, Microsoft was not willingly providing any upfront data gathering facilities to the NSA, Lynch clarified. Whatever data the NSA was gathering, it was doing it on its own and through its own mechanisms (such as through ISPs) but we have strengthened even those loopholes with stronger data encryption methods, he told a group of international media touring the Microsoft campus. "People will not be using technology they do not trust and governments might be putting that trust to risk," he said.

1  2  Next Page