Microsoft hits out at NSA reports and Obama Justice department

Software giant Microsoft says NSA leak reports have overstated the level of access given to the US government of customers' data, but also complains the Justice Department is acting contrary to the First Amendment.

|
Bogdan Cristel/Reuters
The Microsoft logo is seen at their offices in Bucharest, Romania, March 20, 2013.

Microsoft Corp. says it's been getting a raw deal, subject to what it complains are exaggerations of its compliance with US government data collection deals but also bound by a gag order from the Obama Justice Department that prevents it from fully defending itself.

The Guardian reported on July 11, citing files provided by former National Security Agency (NSA) contractor Edward Snowden, that "Microsoft has collaborated closely with US intelligence services to allow users' communications to be intercepted, including helping the National Security Agency to circumvent the company's own encryption."

The paper reported that Microsoft "helped the NSA to circumvent its encryption to address concerns that the agency would be unable to intercept web chats on the new Outlook.com portal"; that the agency "already had pre-encryption stage access to email on Outlook.com, including Hotmail;" and that Microsoft "worked with the FBI this year to allow the NSA easier access via Prism to its cloud storage service SkyDrive, which now has more than 250 million users worldwide."

Hogwash, says Microsoft General Counsel Brad Smith in a blog post released on a company website yesterday.

In a letter to Attorney General Eric Holder also sent yesterday, Mr. Smith complained that the government has been slow to respond to requests by Microsoft and other companies mentioned in stories connected to Mr. Snowden's leaks that they be allowed to publicly address the nature and extent of their cooperation with the government. "In my opinion, these issues are languishing amidst discussions among multiple parts of the Government, the Constitution itself is suffering, and it will take the personal involvement of you or the President to set things right," Smith wrote to Mr. Holder.

In his blog, Smith complains "there are significant inaccuracies in the interpretations of leaked government documents reported in the media last week. We have asked the Government again for permission to discuss the issues raised by these new documents, and our request was denied by government lawyers." 

He then goes on to disclose what he can. He writes: "We do not provide any government with direct access to emails or instant messages. Full stop." He writes that Microsoft provides access to information only in response to court orders and warrants, that it has not given the US or any other government access to its encryption keys or a means to break its encryption, and that "we do not provide any government with the technical capability to access user content directly or by itself. Instead, governments must continue to rely on legal process to seek from us specified information about identified account."

This doesn't necessarily mean one or the other side is wrong or lying on all of this. For instance, the Guardian wrote that the NSA "already had pre-encryption stage access to email on Outlook.com, including Hotmail." It could theoretically have that access without any help from Microsoft, and Smith does not categorically state what the NSA might have access to – just what Microsoft has or hasn't done.

Likewise with this claim in the Guardian article: "In July last year, nine months after Microsoft bought Skype, the NSA boasted that a new capability had tripled the amount of Skype video calls being collected through Prism (a US government data collection and analysis program)." It's certainly possible that NSA's "new capability" was created without the help or knowledge of Microsoft. Smith certainly doesn't rule it out.

"All of us now live in a world in which companies and government agencies are using big data, and it would be a mistake to assume this somehow is confined to the United States," he writes. "Agencies likely obtain this information from a variety of sources and in a variety of ways, but if they seek customer data from Microsoft they must follow legal processes."

But Smith rejects the assertion of closer collaboration made in the Guardian article. He writes:

Cutting through the technical details, all of the information in the recent leaked government documents adds up to two things. First, while we did discuss legal compliance requirements with the government as reported last week, in none of these discussions did Microsoft provide or agree to provide any government with direct access to user content or the ability to break our encryption. Second, these discussions were instead about how Microsoft would meet its continuing obligation to comply with the law by providing specific information in response to lawful government orders.

What does Microsoft want to share publicly that it says the Obama justice department is preventing? I'd sure like to know. Smith strongly implies that it's important, and relevant. And while the company disagrees with some of the assertions made by Snowden and the Guardian, they're in agreement with Snowden that something unconstitutional is going on. Smith concludes:

"The world needs a more open and public discussion of these practices. While the debate should focus on the practices of all governments, it should start with practices in the United States. In part, this is an obvious reflection of the most recent stories in the news. It’s also a reflection of something more timeless. The United States has been a role model by guaranteeing a Constitutional right to free speech. We want to exercise that right. With U.S. Government lawyers stopping us from sharing more information with the public, we need the Attorney General to uphold the Constitution."

And this gets to the heart of the matter stemming from the Snowden revelations. There has been a proliferation of secret warrants and secret orders in the past decade, many from the Foreign Intelligence Surveillance Court, whose rules require secrecy compliance from private companies and individuals.

Snowden with his leaks has basically argued that the government's mantra of "trust us" is overblown. Now Microsoft, albeit for different reasons, is saying the same.

You've read  of  free articles. Subscribe to continue.
Real news can be honest, hopeful, credible, constructive.
What is the Monitor difference? Tackling the tough headlines – with humanity. Listening to sources – with respect. Seeing the story that others are missing by reporting what so often gets overlooked: the values that connect us. That’s Monitor reporting – news that changes how you see the world.

Dear Reader,

About a year ago, I happened upon this statement about the Monitor in the Harvard Business Review – under the charming heading of “do things that don’t interest you”:

“Many things that end up” being meaningful, writes social scientist Joseph Grenny, “have come from conference workshops, articles, or online videos that began as a chore and ended with an insight. My work in Kenya, for example, was heavily influenced by a Christian Science Monitor article I had forced myself to read 10 years earlier. Sometimes, we call things ‘boring’ simply because they lie outside the box we are currently in.”

If you were to come up with a punchline to a joke about the Monitor, that would probably be it. We’re seen as being global, fair, insightful, and perhaps a bit too earnest. We’re the bran muffin of journalism.

But you know what? We change lives. And I’m going to argue that we change lives precisely because we force open that too-small box that most human beings think they live in.

The Monitor is a peculiar little publication that’s hard for the world to figure out. We’re run by a church, but we’re not only for church members and we’re not about converting people. We’re known as being fair even as the world becomes as polarized as at any time since the newspaper’s founding in 1908.

We have a mission beyond circulation, we want to bridge divides. We’re about kicking down the door of thought everywhere and saying, “You are bigger and more capable than you realize. And we can prove it.”

If you’re looking for bran muffin journalism, you can subscribe to the Monitor for $15. You’ll get the Monitor Weekly magazine, the Monitor Daily email, and unlimited access to CSMonitor.com.

QR Code to Microsoft hits out at NSA reports and Obama Justice department
Read this article in
https://www.csmonitor.com/World/Security-Watch/Backchannels/2013/0717/Microsoft-hits-out-at-NSA-reports-and-Obama-Justice-department
QR Code to Subscription page
Start your subscription today
https://www.csmonitor.com/subscribe