Microsoft is said to have given the US National Security Agency access to its users’ Skype calls, Outlook emails and SkyDrive contents for the past three years. A new report based on leaked documents suggests that the company offered the data as part of a US government surveillance initiative called Prism.
The Guardian’s report is said to be derived from ‘top-secret documents’ acquired by the paper, that suggest the private information and conversations of the public were shared between Microsoft, US intelligence firms and a number of Silicon Valley companies.
Documents provided by an informant show that Microsoft helped the NSA bypass certain encryption measures, allowing the firm to monitor Outlook.com web chats, and that the surveillance agency had pre-encryption access to Outlook and Hotmail messages.
In one document, the routine sharing of collected data through Prism with the CIA, FBI, NSA and other authorities was referred to as a “team sport”.
It is also claimed that Microsoft worked with the FBI and NSA to allow access to the company’s cloud-based SkyDrive service, and the contents of user accounts. The FBI also worked with Microsoft to better understand the creation ad use of Outlook email aliases.
In July, the NSA is said to have boasted that new capabilites had allowed it to triple the amount of Skype calls it was collecting as part of the Prism initiative.
The leaked documents come at a time where Silicon Valley companies are said to be at odds with the Obama administration, and are urging congress to allow them freedom to disclose the extent of their data capture and cooperation with the NSA, in order to ease privacy concerns. Executives in several tech companies have suggested that this collaboration with the NSA is driven through what the Guardian calls ‘legal compulsion’.
In a statement, Microsoft said, “When we upgrade or update products we aren’t absolved from the need to comply with existing or future lawful demands.” It stressed that it discloses customer data with agencies like the NSA, “only in response to government demands and we only ever comply with orders for requests about specific accounts or identifiers”.
If you want the full story – and there is a lot more to say – check out the Guardian’s report on the matter here.