Microsoft Petitions US Attorney General For Permission To Disclose Information on Data Requests
The company's new letter to Eric Holder states:
When the Department and FBI denied our requests to share more information, we went to the Foreign Intelligence Surveillance Court (FISC) on June 19 to seek relief. Almost a month later, the Government is still considering its response to our motion.We fully agree with Microsoft's goal and its desire to share more information with US citizens regarding how data is shared with the United States government and the ways in which data sharing can be triggered. We believe US citizens have a right to know the circumstances in which their information may be shared with the government and what the government can and cannot do with that data. The idea that such information constitutes an automatic breach of national security is absurd; it's absolutely possible to discuss issues of liberty, privacy, and anonymity without asking the government to disclose the specific facts of a given investigation.
Last week we requested official permission to publicly explain practices that are the subject of newly-leaked documents that refer to Microsoft and have now been misinterpreted in news stories around the world. This request was rejected. While we understand that various government agencies are trying to reach a decision on these issues, this has been the response for weeks. In the meantime, the practical result of this indecision is continued refusals to allow us to share more information with the public.
But Microsoft has gone farther than simply asking the government to hurry up and rule on its petition -- it's also issued a series of clarifying remarks regarding its relationship with the NSA.
The NSA headquarters building
Microsoft refutes some of the Guardian's claims strongly. It insists it does not provide encryption keys or access to Outlook's encryption mechanisms, and that the government must petition MS to provide information via the legal process. Similarly, it insists that "we still require governments to follow legal processes when requesting customer data" as it regards SkyDrive.Skype is by far the most interesting item on the list. Microsoft states that it's committed to Skype privacy, but notes that "e, it is clear that governments will have an interest in using (or establishing) legal powers to secure access to this kind of content to investigate crimes or tackle terrorism. We therefore assume that all calls, whether over the Internet or by fixed line or mobile phone, will offer similar levels of privacy and security."
Frantic Damage Control:
Skype was already integrated into PRISM before Microsoft bought the company, but that doesn't explain Microsoft's patent on silently recording communications and redirecting it mid-flight to ensure it reaches a third party (granted June 23, 2011). It doesn't explain why, just a few months ago, Microsoft released a privacy report in which it claimed to have turned over zero Skype wiretaps. It doesn't explain why the NSA has been rather gleeful in describing the quality of intercepted data or in referred to the data sharing program as a "team sport." The reason Microsoft is trying to dodge behind this with rhetoric is because it can't explain those facts without royally alienating people. When Mark Gillet took to the Skype blog last year to denounce journalists who questioned the service's encryption and security, he must've been praying that no one would ever find out the truth.
Microsoft repeatedly states that the government is required to follow "legal processes" to access its data, presumably in the hope that you're all rather dim. "Follow legal processes" means exactly nothing if the legal processes are streamlined to guarantee immediate ease of access for the parties in question. "Legal processes" could mean "Drop us an email once a month with the accounts you want so we can get them ready for you." It most certainly does not mean Microsoft was standing up for anyone.
But ultimately, the real problem here is Skype. Microsoft went to great pains to cultivate the illusion that Skype was private or secure while the NSA is thrilled to have access to it and boasting on the topic. It boasted that it turned over no data from Skype in 2012 -- a claim that's absolutely false. Nothing in Microsoft's latest statements proves the Guardian is wrong. Everybody had to hop in bed with the NSA and Prism -- Redmond had no choice on that -- but some companies clearly got a whole lot chummier than others.