“We are taking steps to ensure governments use legal process rather than technological brute force to access customer data.”
Following the lead of tech companies such as Google and most recently, Yahoo, Microsoft is expanding encryption across its services. The software giant also says it will reinforce legal protections for user data, vowing transparency regarding legal orders and saying it will fight gag orders. Also on the transparency front, Microsoft said it will open its source code so its users can be assured “there are no back doors.” Among the early implications from reports based on the Edward Snowden leaks was that tech companies were granting the NSA direct access to user data, something the companies have denied.
Some see Microsoft’s moves as too little, too late. And as we wrote over the summer, Microsoft reportedly helped the NSA get around the company’s own encryption to enable access to Web chats and more. The Guardian reported that the NSA then shared the information with the CIA and the FBI. Microsoft reiterated that it only complies with the government when legally required, and that it did not “respond to blanket orders.”
In Wednesday’s blog post, Smith said Microsoft is “especially alarmed” by recent reports about government surveillance. “Government snooping potentially now constitutes an ‘advanced persistent threat,’ alongside sophisticated malware and cyberattacks,” he wrote.
Smith was referring to a report based on the Snowden leaks that said the NSA was tapping into Google and Yahoo’s data centers without the companies’ knowledge. “The idea that the government may be hacking into corporate data centers was a bit like an earthquake, sending shock waves across the tech sector,” Smith told the New York Times’ Bits blog.
The Microsoft encryption announcement comes on the heels of the latest revelation from the Snowden leaks: that the NSA is tracking cellphone locations around the world, the Washington Post reported Wednesday.
Photo of Microsoft logo from Reuters archives