Is Microsoft The Biggest Big Brother Of Them All?

    July 14, 2013

Microsoft made headlines yesterday when its CEO, Steve Ballmer, announced a massive restructuring of the company. His vision is to have Microsoft provide everything for your life through a number of devices – including phones, TVs, computers and tablets.

It’s a marvelous idea, and one that has the potential to put Microsoft back on top. It’s also a terrifying idea in the context of recent revelations regarding the company’s reported willingness to work closely with the NSA by handing over private communications. Microsoft wants customers to live in their world, but is their world safe from the prying eyes of the NSA and FBI?

Are you worried about Microsoft’s reported involvement with the NSA? Would you trust your data with the company? Let us know in the comments.

In a report published by The Guardian on Thursday, the publication reveals that leaked documents from Edward Snowden reveal a massive collaboration between Microsoft and the NSA/FBI. It’s not the usual kind of collaboration between tech companies and the feds where both work together to improve infrastructure security. Instead, the leaked documents claim that Microsoft worked with the NSA to provide it direct access to its services, including Skype, while helping its agents to bypass encryption.

Here’s everything that Microsoft and the NSA are reportedly working on, courtesy of The Guardian:

  • Microsoft helped the NSA to circumvent its encryption to address concerns that the agency would be unable to intercept web chats on the new portal;
  • The agency already had pre-encryption stage access to email on, including Hotmail;
  • The company worked with the FBI this year to allow the NSA easier access via Prism to its cloud storage service SkyDrive, which now has more than 250 million users worldwide;
  • Microsoft also worked with the FBI’s Data Intercept Unit to “understand” potential issues with a feature in that allows users to create email aliases;
  • In July last year, nine months after Microsoft bought Skype, the NSA boasted that a new capability had tripled the amount of Skype video calls being collected through Prism;
  • Material collected through Prism is routinely shared with the FBI and CIA, with one NSA document describing the program as a “team sport”.
  • The Skype revelation is especially interesting as reports emerged in July of last year that Microsoft was allowing government agencies to access Skype calls. The company said the claims were untrue, and that it only worked with law enforcement when it “follows appropriate prodcedures;” but it definitely seems suspect when the reports emerged in the same month that the recently leaked documents say the NSA started to collect more call data.

    In a separate but equally damning report from June, Bloomberg revealed that Microsoft intentionally shares exploits for its products with government agencies. These are the kind of security exploits that hackers use to gain access to your computer, and Microsoft reportedly lets the NSA have their way with these exploits for a bit before fixing them.

    What makes this all the more troubling is that the first PRISM leak paints Microsoft as a company that’s more than willing to work with the government. A leaked slide from early June had a timeline of when each tech company joined the PRISM program. Microsoft is listed as being the first with a join date of September 11, 2007. The next wasn’t until the next year when Yahoo allegedly joined the program in 2008.

    All of the above raises some very pressing questions that Microsoft needs to answer, but unfortunately, it can’t. That’s why the company is fighting back against the government to reveal the extent of its cooperation with the NSA.

    In late June, Microsoft submitted a filing to the secret FISA court requesting that it be allowed to publish aggregate NSA data request numbers. It joined Google in arguing that it had a First Amendment right to do so. It also recognizes that publishing these numbers, even in aggregate form, would help to improve transparency from the company and government. This transparency would apparently set the record straight on Microsoft’s alleged cooperation with the NSA and let the American people know that they aren’t handing over everything.

    In fact, Microsoft said just as much in a statement to The Guardian regarding these latest leaks:

    We have clear principles which guide the response across our entire company to government demands for customer information for both law enforcement and national security issues. First, we take our commitments to our customers and to compliance with applicable law very seriously, so we provide customer data only in response to legal processes.

    Second, our compliance team examines all demands very closely, and we reject them if we believe they aren’t valid. Third, we only ever comply with orders about specific accounts or identifiers, and we would not respond to the kind of blanket orders discussed in the press over the past few weeks, as the volumes documented in our most recent disclosure clearly illustrate.

    Finally when we upgrade or update products legal obligations may in some circumstances require that we maintain the ability to provide information in response to a law enforcement or national security request. There are aspects of this debate that we wish we were able to discuss more freely. That’s why we’ve argued for additional transparency that would help everyone understand and debate these important issues.

    The last paragraph in the above statement is the most important. Microsoft says that it would like to discuss the matter in more detail, but the current law slaps them with very strict gag orders that prevents it from doing so. It appears that Microsoft is confident that the American people would be put at ease regarding its cooperation with the NSA if only it was allowed to discuss it.

    It should also be noted that Microsoft’s frustration with the NSA is not exclusive. Many tech companies have come forward to say that they would love to publish more information regarding its cooperation with government. The secrecy that the government enforces does nobody any favors, and in fact, is only driving customers away from services owned by Microsoft, Google and the like. By publishing this information, Microsoft could go from the biggest big brother of them all to a company being forced to comply with court orders that it doesn’t agree with, much like Yahoo.

    Do you think Microsoft is willingly working with the NSA to collect your information? Or is it simply caught in a fight it can’t win? Let us know in the comments.