Over at the YouTube page for Microsoft’s Your Privacy is Our Priority video, the description features the following promise:
The lines between public and private may never be perfect, but at Microsoft we are going to keep on trying, because your privacy is our priority.
This, in turn, links to a page that discusses Microsoft’s commitment to privacy, and the nifty banner that leads this particular article. That commitment to user privacy, however, goes out the window when words like “national security” and entities like the FBI and the NSA are involved. While this may not come as much of a surprise to anyone, thanks to the realizations about the PRISM surveillance program, courtesy of whistleblower Edward Snowden, if you are going to tout privacy as your company’s strong points, perhaps a little resistance would be nice.
However, thanks to a report appearing in the Guardian, we now know this is clearly not the case. After pouring over the documents leaked by Snowden, the following realizations about Microsoft’s level of cooperation surfaced:
- Microsoft helped the NSA to circumvent its encryption to address concerns that the agency would be unable to intercept web chats on the new Outlook.com portal;
- The agency already had pre-encryption stage access to email on Outlook.com, including Hotmail;
- The company worked with the FBI this year to allow the NSA easier access via Prism to its cloud storage service SkyDrive, which now has more than 250 million users worldwide;
- Microsoft also worked with the FBI’s Data Intercept Unit to “understand” potential issues with a feature in Outlook.com that allows users to create email aliases;
- In July last year, nine months after Microsoft bought Skype, the NSA boasted that a new capability had tripled the amount of Skype video calls being collected through Prism;
- Material collected through Prism is routinely shared with the FBI and CIA, with one NSA document describing the program as a “team sport”.
In a response to Verge.com, spokespeople for Microsoft indicate their actions with the data gathering were in compliance with the law and that it does not allow unfettered access to these agencies:
We have clear principles which guide the response across our entire company to government demands for customer information for both law enforcement and national security issues … To be clear, Microsoft does not provide any government with blanket or direct access to SkyDrive, Outlook.com, Skype or any Microsoft product … There are aspects of this debate that we wish we were able to discuss more freely. That’s why we’ve argued for additional transparency that would help everyone understand and debate these important issues.
Microsoft may not give blanket access to these services, but they don’t appear to push back if there’s a request for it, either. Do these revelations make you reconsider using Microsoft services like Skype and Outlook? Considering Mozilla’s stance against PRISM, it’s doubtful they would willingly turn over access to Thunderbird. Not without a fight, anyway.
Should Microsoft show the same kind of backbone, especially if the company is truly committed to user privacy?