We all know companies like Microsoft, Google, Apple, Facebook and others, have been sharing information with the authorities in the US for quite some time, but now it’s come to light that Microsoft even allowed the NSA to record video conversations people were having using the VOIP service, Skype.
This might seem like not such a big deal, since one of Skype’s more attractive features is its encryption. Indeed Skype’s own website says: “All Skype-to-Skype voice, video, and instant message conversations are encrypted. This protects you from potential eavesdropping by malicious users.” The encryption is described as being a high level, 256bit encryption, the same sort used by the “US Government to protect sensitive information.” How ironic.
According to the Guardian’s newly discovered documents, Microsoft aided the NSA in getting past its own encryption, so that chat and video calls could be recorded. It also allowed the government organisation to bypass encryption on the Outlook email platform.
On top of that, it also purportedly worked with the FBI in order to give better access to services like Skydrive.
All of this came about some time in mid 2012, when Microsoft began testing new privacy features on its Outlook platform. The NSA apparently became concerned that it wouldn’t be able to dip its hand into the information cookie jar and come out with a handful of personal information on people, including conversation logs and live recordings. Fortunately, Microsoft was willing to cooperate and before releasing the new protective features into the wild, it made sure the NSA could bypass them.
Skype though? That’s been part of PRISM for over two years. Work began on bringing it under the PRISM umbrella back in 2010, but it took until early 2011 to implement it properly. Not only has the NSA been able to record all metadata from Skype conversations and video calls since February 2011, but it’s been able to record all content as well.
Microsoft’s response was somewhat typical: overly wordy and full of ass covering measures. “We have clear principles which guide the response across our entire company to government demands for customer information for both law enforcement and national security issues,” reads the statement. “First, we take our commitments to our customers and to compliance with applicable law very seriously, so we provide customer data only in response to legal processes.”
It did however say that it wasn’t involved in any blanket information gathering, that the only data it sent to the NSA was on individual requests on individual accounts/people.
Towards the end, it’s clear that Microsoft wished it could be more open with the activities too, something that a lot of tech firms have been lobbying the Obama administration to allow them to do.
“Finally when we upgrade or update products legal obligations may in some circumstances require that we maintain the ability to provide information in response to a law enforcement or national security request. There are aspects of this debate that we wish we were able to discuss more freely. That’s why we’ve argued for additional transparency that would help everyone understand and debate these important issues.”
KitGuru Says: Well, I think this will finally end my 10 year run of using Skype. It’s a shame as it was always such a good service. To TeamSpeak!