Microsoft’s Surveillance Collaboration: Voluntary Aid, or New Legal Tactic?
In July of last year, Microsoft began publicly testing an online e-mail and chat service called Outlook.com. Soon afterward, according to the British newspaper the Guardian, the company reengineered it in a way that allowed the National Security Agency’s PRISM surveillance program collect chat data before it was encrypted.
Privacy campaigners and surveillance experts are now pondering whether Microsoft’s actions were forced by a previously unknown legal tactic, or whether the company voluntarily made the changes to aid surveillance. The Guardian report marks the first time that a major Internet company has been described to have modified its systems to enable government surveillance, as opposed to simply providing access to data it already held....
...In its statement Thursday, Microsoft hinted that some of its actions were made under legal duress. It said that “when we upgrade or update products legal obligations may in some circumstances require that we maintain the ability to provide information in response to a law enforcement or national security request.”...
Timeline: How the World Was Misled About Government Skype Eavesdropping
...All of these details provide significant insight into how the NSA is able to monitor Skype video and audio chats, shedding light on the likely reason why the company refused to answer questions last year about its eavesdropping capabilities. In 2008, Skype was happy to go on record saying that it could not monitor chats due to its encryption, but that policy clearly changed after the PRISM cooperation began in 2011.
In addition, the documents revealed by Snowden call into question false public statements made by Microsoft regarding Skype and its security. The standout example of this is the claim in its transparency report that it handed over the content of zero Skype communications in 2012. But the company also deceptively stated in its transparency report that calls made between Skype-Skype users were encrypted peer-to-peer, as I noted last month, implying that they did not pass through Microsoft’s central servers and could not be eavesdropped on. Indeed, prior to the disclosure of the secret NSA documents, Skype’s Mark Gillett even had the audacity to accuse journalists raising questions about its eavesdropping capabilities (including me) of misleading Skype users about “our approach to user security and privacy.”...
