Report: Microsoft helped NSA circumvent its own encryption

Microsoft says it does not give the NSA blanket access to its users' communications

Microsoft helped the U.S. National Security Agency circumvent the company's own encryption in order to conduct surveillance on email accounts through Outlook.com, according to a new report in the Guardian.

Microsoft-owned Skype also worked with U.S. intelligence agencies last year to allow them to collect video conversations through the service, according to the U.K. newspaper, citing secret documents. Microsoft also worked with the U.S. Federal Bureau of Investigation this year to allow easier access to its cloud storage service, SkyDrive, the Guardian reported.

[What's in the cards for Android 5.0]

Microsoft and Skype have both emphasized their privacy protections as a benefit of using their services. Microsoft has criticized Google's privacy practices, saying in its Scroogled campaign that Google shares personal information on the Android mobile operating system with app developers.

Skype's privacy policy reads: "Skype is committed to respecting your privacy and the confidentiality of your personal data, traffic data and communications content."

Microsoft, in a statement, said it follows "clear principles" when responding to government demands for customer information.

"First, we take our commitments to our customers and to compliance with applicable law very seriously, so we provide customer data only in response to legal processes," the company said. "Second, our compliance team examines all demands very closely, and we reject them if we believe they aren't valid. Third, we only ever comply with orders about specific accounts or identifiers, and we would not respond to the kind of blanket orders discussed in the press over the past few weeks."

Microsoft does not provide "any government with blanket or direct access to SkyDrive, Outlook.com, Skype or any Microsoft product," the company added. "There are aspects of this debate that we wish we were able to discuss more freely."

The NSA routinely shares information it collects from Prism, its email and Web communications monitoring program, with the FBI and Central Intelligence Agency, the newspaper reported. One NSA document described Prism as a "team sport," the Guardian said.

The NSA's Prism program targets Internet communications of people outside the U.S., according to recent reports in the Guardian and other outlets. The U.S. Foreign Intelligence Surveillance Court has allowed the NSA to collect mass Internet communications when NSA officials believe that there is a 51 percent chance those communications come from outside the U.S., according to news reports.

A spokesman for the U.S. Office of the Director of National Intelligence didn't immediately respond to a request for comments on the new report.

Grant Gross covers technology and telecom policy in the U.S. government for The IDG News Service. Follow Grant on Twitter at GrantGross. Grant's e-mail address is grant_gross@idg.com.

Editors' Picks
Join the discussion
Be the first to comment on this article. Our Commenting Policies