Microsoft defends against data sharing allegations

National Security Agency HQ

As Microsoft continue to be accused of sharing personal information following the infamous PRISM leak earlier this year, the company today released a blog post explaining their allegations and reporting that the government is stopping them from their constitutional right to share information. While awaiting the Attorney General's decision on whether they have the right to share all National Security requests they have received, Microsoft have revealed "as much information" as they currently can.

In regards to Outlook, the company has confirmed that they do not provide direct access to email messages. They affirmed that in the case of requests for information, data is reviewed, and then released, following a lengthy legal process. Similarly, all SkyDrive data is only given out following specific demands - there is no free access to users' information. They say requests are treated the same in the US as they are internationally.

Recent changes to the way Skype calls were moved around Microsoft's data centres prompted concern and doubt about the service's integrity in regard to government interference. In the post, Microsoft responded to the claims, assuring us that these changes were not made to facilitate the government, and that once again, legal requests are reviewed and treated similarly to that of Outlook and SkyDrive.

For business customers, Microsoft added emphasis on the high regard they hold for security and encryption. Microsoft often redirect the requests to customers, and allegedly never allow the government to break encryption, and never shares encryption keys.

In summary, the company stated:

Microsoft does not provide any government with direct and unfettered access to our customer’s data. Microsoft only pulls and then provides the specific data mandated by the relevant legal demand.

If we do receive approval to share more information, we’ll publish it immediately.

These announcements are a bold move in an ongoing saga over data which has ruptured the tech industry over the past few months. Clearly, all the big corporations feel violated and vulnerable to questioning, and are doing everything to protect their appearance and integrity.

Source: TechNet | Image: NSA

Report a problem with article
Previous Story

Microsoft Research uses Kinect to translate sign language

Next Story

Nokia sponsors new Windows Phone camera app dev contest

57 Comments

Commenting is disabled on this article.

If I was Microsoft, I would tell the Feds...F-Off and share whatever info people legally have a right to know, which is all of it. I mean what is the worse the feds could do, try to shut MS down? Won't happen because every corporation in the world who depends on MS would be all over the US Government. I'd take my chances. In fact of I worked at MS an knew the details, I'd go public with it like Snowden did.

NSA finished building that huge 100 zetabyte database in Utah's desert. Curious to what kind of things they're gonna store in that much space...

Izlude said,
NSA finished building that huge 100 zetabyte database in Utah's desert. Curious to what kind of things they're gonna store in that much space...
facts sgow they are pulling so much data already, they would never view it all. Its just being stored. Which is stupid. How is storing info going to help you prevent terrorism.

Lets just say someone is planning something. If you have the data but cant get to it for a decade or more, how is finding it later going to help after the terror plot has already taken place? Its stupid and a waste of taxpayer dollars.

Funny how the Feds don't have money to pay for things we need. But anything military based or based on intelligence...they seem to have an unlimited supply of cash. More borrowing and yet the stupid and uniformed complain about helpful things like Obama-care.

It doesn't make sense because it has nothing to do with terrorism, never did. It was designed for YOU and me, the citizenry. Looking at it from that perspective, it all makes perfect sense to most.

Obama care COULD have been a great thing for those that don't have health care, instead it was written by insurance companies and will end up being another cash delivery system to large corporations that you now HAVE to pay. Again, the intention never was that noble.

That's just some PR crap. I don't think Snowden exaggerated stuff.
MS doing some own ass cleaning to protect its image or due to non-disclosure stuff.

The NSA COLLECTS data and builds profiles on everyone. Most will never have any impact on their lives, but quite a few will. When (insert alphabet agency or LE here) wants to "focus" on you, they can simply pull up your profile and actually listen to your conversations, read your mail, look at your GPS info, it's absolutely the perfect way to control the masses and target individuals. Only the uber naive use the "I'm doing anything wrong" bit, plenty of people that didn't do anything wrong became government targets for whatever reason. FISA court is the definition of rubber stamping, 1 rejection a decade average. Most of the mechanisms you believe are protecting you are only there to give you a false sense of security. It's worse than 1984, much worse. You want to trust Microsoft (or any company), that's your business, I certainly don't.


National Security requests they have received

The whole thing was they were letting the NSA have access to data without a legal request so how does publishing legal requests prove anything??

exotoxic said,

The whole thing was they were letting the NSA have access to data without a legal request so how does publishing legal requests prove anything??

So exactly what would satisfy you? That's the conspiracy nut angle...all evidence presented is rejected.

I call BS. Does anyone recall this article? http://www.neowin.net/news/man...-of-private-skydrive-folder

Neowin
He claims that all of his SkyDrive files were stored in private folders, meaning that no one but him (and Microsoft, apparently) could access them.... WMPoweruser points out that this isn't the first time that Microsoft has blocked someone's Microsoft Account over what they put in their SkyDrive. Back in February, a German photographer was booted from the service after he stored four partially nude photos in a private folder.

Here's their response, from this article:

Microsoft
Microsoft does not provide any government with direct and unfettered access to our customer's data. Microsoft only pulls and then provides the specific data mandated by the relevant legal demand.

And then there's Snowden, that pesky little guy who's leaked documents that Microsoft is buddy buddy with the NSA. He says otherwise:


• Outlook.com encryption unlocked even before official launch
• Skype worked to enable Prism collection of video calls
http://www.guardian.co.uk/worl...nsa-collaboration-user-data

So we have 1 statement by a Microsoft PR rep, claiming they did nothing wrong. And in the other corner, you have... everything they did wrong. What to believe, what to believe...

greenwizard88 said,
I call BS. Does anyone recall this article? http://www.neowin.net/news/man...-of-private-skydrive-folder

Here's their response, from this article:

And then there's Snowden, that pesky little guy who's leaked documents that Microsoft is buddy buddy with the NSA. He says otherwise:http://www.guardian.co.uk/worl...nsa-collaboration-user-data

So we have 1 statement by a Microsoft PR rep, claiming they did nothing wrong. And in the other corner, you have... everything they did wrong. What to believe, what to believe...

So Microsoft having control over their servers equates to unrestricted NSA access... how?

lexp said,
The funny thing is that by law they must deny these allegations.

Yeah, and that is why any media statement made by them should be taken with an open mind.

lexp said,
The funny thing is that by law they must deny these allegations.

What law is that? Nothing in any clearance I ever had required me to lie. The answer would be the truthful, "I can't say."

Taking a logical approach, the burden of proof is on the person making the claim to prove it and there's been no evidence presented. No one is under any obligation to prove it false.

Spicoli said,
Taking a logical approach, the burden of proof is on the person making the claim to prove it and there's been no evidence presented. No one is under any obligation to prove it false.

Although Obama has admitted the existence of Prism

And do they really want to get their mitts on Snowden because he made it up!

Edited by spUrr, Jul 16 2013, 10:59pm :

Spicoli said,
Taking a logical approach, the burden of proof is on the person making the claim to prove it and there's been no evidence presented. No one is under any obligation to prove it false.

Your logic would be right in a Country without FISA courts and an aberration like the Patriot Act....

spUrr said,

Although Obama has admitted the existence of Prism

And do they really want to get their mitts on Snowden because he made it up!

I'm not aware of anyone confirming anything called PRISM. The only thing confirmed was data mining phone records and all the other claims were timed right after that so it appeared they were confirming it. It was actually a pretty clever propaganda move. Governments are getting good at using the Internet.

Spicoli said,

I'm not aware of anyone confirming anything called PRISM. The only thing confirmed was data mining phone records and all the other claims were timed right after that so it appeared they were confirming it. It was actually a pretty clever propaganda move. Governments are getting good at using the Internet.

And everybody believed that Troy was an Homer creation until Heinrich Schleiman found it......

Yes This government has always been good with misinformation.......

Spicoli said,

I'm not aware of anyone confirming anything called PRISM. The only thing confirmed was data mining phone records and all the other claims were timed right after that so it appeared they were confirming it. It was actually a pretty clever propaganda move. Governments are getting good at using the Internet.


The NSA confirmed a program named PRISM in their fact sheet, which they eventually took off of their website. http://www.scribd.com/doc/1469...SA-PRISM-Program-Fact-Sheet

Fritzly said,

Your logic would be right in a Country without FISA courts and an aberration like the Patriot Act....

Ah, the good old "Patriot Act" reference. Please give me title and section references to what you're talking about.

Fritzly said,

And everybody believed that Troy was an Homer creation until Heinrich Schleiman found it......

Yes This government has always been good with misinformation.......

Okay, was there a point somewhere? All I'm hearing is accusations yet no evidence. Logically that requires me to reject accusations.

Spicoli said,

I can fabricate a document too. A link to a real government site?

Really? You're asking for a link to a "real government site" when I stated "they eventually took [it] off of their website?"

The release of the fact sheet (and it's takedown) was pretty well-covered by the media, I'm somewhat surprised you didn't see it yourself. Anyways, basically the NSA published the fact sheet (and, yes, I did read it off of the NSA website. and, yes, it did explicitly mention "PRISM"), then silently took it off of their website. The fact sheet (and it's removal) was (as I said) well-covered by the media, here are a few examples:

http://www.theverge.com/2013/6...-issues-fact-sheet-on-prism has a portion of the letter, explicitly mentioning "PRISM"

http://www.usatoday.com/story/...cret-program-obama/2403999/ - I quote - "PRISM is not an undisclosed collection or data mining program," Clapper said in a fact sheet that accompanied his statement.

http://www.motherjones.com/moj...fact-sheet-prism-disappears

http://www.theverge.com/2013/6...-prism-inaccurate-statement - gives possible reason (request to fix an inaccuracy) and then an update saying it had been taken offline

It was also covered on the Rachel Maddow Show, if you're a fan of MSNBC


Do you need any more proof? (Most of) these are well-respected news outlets, it's highly unlikely that they would all post the same mistake and then nobody would correct them on it.

I can't believe that people actually didn't think this was already going on before now. I mean, did you seriously think that the government couldn't get your emails and such? No matter what you think, this has always happened and will continue to happen, in all countries and from all companies, get over it.

LightEco said,
I can't believe that people actually didn't think this was already going on before now. I mean, did you seriously think that the government couldn't get your emails and such? No matter what you think, this has always happened and will continue to happen, in all countries and from all companies, get over it.

Well actually the combined pressure from multiple 'trade' partners/ countries may very make some changes.Sure anyone with half a clue knew what was going on (which is why I also find it hard to believe that due to PRISM, they have thwarted some planned terror attacks[would you plan a terror attack via a system you don't own or control!?]). Of course it's all about how they did it behind everyone back(they could've secretly told their NATO partners, but they didn't.. And now governments are wondering to what extent is this occurring. The German government along with others now have a lead as to how an estimated $200 billion per year, is lost to espionage.

old Grauniad has always been an anti Microsoft house.. read anything by Charles Arthur, the man's nose is permanently glued to the you know where of Apple.

Dot Matrix said,
The Guardian is click baiting, and it's working. More NSA drama to keep up interest and clicks.

Personally I believe that things are even worse..... unless you are comfortable with drones spying over people....

Fritzly said,

Personally I believe that things are even worse..... unless you are comfortable with drones spying over people....

Police have been using helicopters for decades. Is it suddenly worse if you put the pilot on the ground?

Spicoli said,

Police have been using helicopters for decades. Is it suddenly worse if you put the pilot on the ground?

Are you really so unaware of the differences? Honestly I do not think so therefore....

Fritzly said,
Personally I believe that things are even worse..... unless you are comfortable with drones spying over people....

I kind of like the idea of being watched by drones. It's not like they're singling me out and serving me ads or something.

It's because they're called 'Drones', it makes them seem more menacing. They should totally call them "Super happy no pilot flying thing" then people would be a lot happier.

Dot Matrix said,
The Guardian is click baiting, and it's working. More NSA drama to keep up interest and clicks.
Oh noes. Did Snowden leak something about your favorite company. Of course that can't be true then.

subcld said,
i noticed heavy media focus on microsoft more than google or apple or facebook

I'm more interested in the careful decisions on when to use the word 'spying' vs. 'surveillance', one being significantly more loaded than the other.

It's not hard to trigger an emotional response from an audience with the right buzz words. People are being played like a deck of cards, and I don't mean by the government.

subcld said,
i noticed heavy media focus on microsoft more than google or apple or facebook

That's because of Snowden's leak stating that Microsoft has given NSA direct access to some of their servers.

Historically Google has been much better than Microsoft at disclosing requests they've got, and which resulted in that they handed over some data.

i think the news about government access every call and every email is extremely exaggerated. government doesn't have time and resources to read or listen to every email or phone call. that guy wanted to be famous out of nobody. neither he believes in freedom nor government read every individual email.

Na they have the time and resources sort of. If they have Access to the data 90% of it can be filtered down to what is relevant. The software / machines handling data can just do simple search's for names of people with terror records or links and keywords. These can be further filtered down also.

I am not saying the amount of data wont be huge but when filtered down it would be substantially less. If they search only through a few 100,000 of these a day and only catch 1 person thats better than doing nothing and allowing loads of crap to happen and carry on.

I feel cheated they didn't just say they were doing it, I personally have nothing to hide and don't really care if they spy on me as long as they dont go viewing my webcam while i sleep / have sex im fine with it.

Absolutely. The NSA could have controlled the uproar by publishing a detailed and understandable description of PRISM when it first started. There still would have been fallout, but it would have been on a much smaller scale, especially as at the time the internet was nothing like what it is today.

THey surely don't have time... but I as a PhD student can tell you something: There are algorithms to narrow the search from millions to hundreds, and they are quite impressive, do you want an example? how do you think google gives you the search results... considering they have millions of webpages indexed.

NathanLiu said,
Absolutely. The NSA could have controlled the uproar by publishing a detailed and understandable description of PRISM when it first started. There still would have been fallout, but it would have been on a much smaller scale, especially as at the time the internet was nothing like what it is today.

That never would have happened, the NSA tell people exactly how it collects data, so then all the bad guys they're looking for now how to go around it and avoid it? You don't think that would be worse?

I also agree that it's overblown at this point. This whole notion that they have hooks and backdoors into every online service in the US? I don't think that's the case, and while there is systems to filter through large data sets that's being collected you can't keep up with the shear scale of it all. The NSAs budget is documented and it's not really that big. I haven't looked it up in quite some time but I believe it's something like $1billion or so last I heard. With the rate companies like FB, Google, MS and so on keep adding and beefing up their own datacenters and collect data more and more each minute there's just so much the NSA can keep up with. And you have to remember they're not just looking at what's on these services, there's phone calls from land lines, cellphones, things going through satellites. I really don't think they're collecting as much data as people think they are.

GP007 said,

That never would have happened, the NSA tell people exactly how it collects data, so then all the bad guys they're looking for now how to go around it and avoid it? You don't think that would be worse?

I also agree that it's overblown at this point. This whole notion that they have hooks and backdoors into every online service in the US? I don't think that's the case, and while there is systems to filter through large data sets that's being collected you can't keep up with the shear scale of it all. The NSAs budget is documented and it's not really that big. I haven't looked it up in quite some time but I believe it's something like $1billion or so last I heard. With the rate companies like FB, Google, MS and so on keep adding and beefing up their own datacenters and collect data more and more each minute there's just so much the NSA can keep up with. And you have to remember they're not just looking at what's on these services, there's phone calls from land lines, cellphones, things going through satellites. I really don't think they're collecting as much data as people think they are.

Have you ever wondered why you find in the budgets entries like hundreds of dollars for a toilet etc. etc.? because that is the way to pull money in black ops and agencies like the NSA.
Besides:
http://money.cnn.com/2013/06/0...urveillance-cost/index.html#

Arceles said,
THey surely don't have time... but I as a PhD student can tell you something: There are algorithms to narrow the search from millions to hundreds, and they are quite impressive, do you want an example? how do you think google gives you the search results... considering they have millions of webpages indexed.

True, they definitely leave the majority of work to technology, which is why I find their statements hard to believe... "All data" is filtered, and supposedly at the hardware layer(i.e. In the server room, although makes more sense at the telco itself); any suspicious content would then be flagged for further review by personnel;Same as what occurs at an echelon station.

I think back 3 out 4 years ago when Microsoft updated their EULA.I wouldn't be surprised if things started to happen around then.

S3P€hR said,
i think the news about government access every call and every email is extremely exaggerated. government doesn't have time and resources to read or listen to every email or phone call. that guy wanted to be famous out of nobody. neither he believes in freedom nor government read every individual email.

If you actually believe that, then it's what the NSA are counting on; the continued ignorance of the population so they can continue their dirty work.

After everything that has been brought to light over the last several weeks, anyone who turns a blind eye to this and claims "oh they can look into my stuff as much as I want, I have nothing to hide" or "the government would never do something like this, I believe in my democracy" is an accomplice to this violation of your basic constitutional rights and freedoms, and deserves whatever storm they bring down on themselves from the likes of the NSA and CIA.

The story of the toilet and the screwdriver were accurate and true; this has always been the way to create black funds.... in the private and public sector...

Fritzly said,
The story of the toilet and the screwdriver were accurate and true; this has always been the way to create black funds.... in the private and public sector...

If you're going to stand by something being accurate and true when it's more commonly understood as a joke in a movie, you'd better have more than your own word to back it up. You don't want to come across as just-another-tinfoil-hat.

Arceles said,
THey surely don't have time... but I as a PhD student can tell you something: There are algorithms to narrow the search from millions to hundreds, and they are quite impressive, do you want an example? how do you think google gives you the search results... considering they have millions of webpages indexed.

There are impressive algorithms out there, and they can narrow data down significantly, but what they can't do is create something out of nothing. That is, no algorithm can determine the content of a conversation from metadata alone.

These systems exist to raise flags, not to expose detail. Detail is wasteful and dramatically more difficult to process. Contrary to what that guy shouting into the post office trash can down the street says, the government doesn't have alien technology ahead of its time, letting it monitor our every heartbeat.

Detail is also monstrously boring. For all that people feel offended by being watched, you'd think they thought their lives were somehow original enough and interesting enough to merit somebody else's attention. Data scientists know this, analysts know this. Everybody who would ever actually work with data and algorithms know this. It's just the terrified, paranoid, next-gen conservatives who, knowing absolutely nothing about the technology behind their fears, fear it all the more.

-=MagMan=- said,

If you actually believe that, then it's what the NSA are counting on; the continued ignorance of the population so they can continue their dirty work.

After everything that has been brought to light over the last several weeks, anyone who turns a blind eye to this and claims "oh they can look into my stuff as much as I want, I have nothing to hide" or "the government would never do something like this, I believe in my democracy" is an accomplice to this violation of your basic constitutional rights and freedoms, and deserves whatever storm they bring down on themselves from the likes of the NSA and CIA.


so you really believe that guy liked american people!!!? and yet escaped to china and russia that are both probably top on list of spying their own citizens. china is for sure number one. if you believe any diverse country who is not spying on people think twice. this is what they do. my point is there is billions of email and phone calls every hour. how they can listen or read all of them? or may be they just do spy on immigrants which is fine to me.

Joshie said,

If you're going to stand by something being accurate and true when it's more commonly understood as a joke in a movie, you'd better have more than your own word to back it up. You don't want to come across as just-another-tinfoil-hat.

Intelligent people always complete their homework before making a statement; others do not..... and expose themselves for what they are....

http://news.cnet.com/2009-1009_3-5404307.html

Fritzly said,

Intelligent people always complete their homework before making a statement; others do not..... and expose themselves for what they are....

http://news.cnet.com/2009-1009_3-5404307.html


But you didn't actually complete your homework. A little poking around turns up far more detail--and the devil is always in the details.

Remember, anything that makes a great headline is most likely being misrepresented.

http://www.washingtonpost.com/...11/05/19/AGoGKHMH_blog.html

http://www.govexec.com/federal...yth-of-the-600-hammer/5271/

The requirement to equally distribute the total overhead across all expenses equally is more believable and explains the line items in your own link, where it's clear that the hammer itself was still just a few dollars buried under an overhead that the article didn't care to investigate.

Now I've given you a plausible explanation. You have a choice between acknowledging it or sticking to a belief with no substantial evidence at all, backed only by common suspicions of agencies with authority.

Joshie said,

But you didn't actually complete your homework. A little poking around turns up far more detail--and the devil is always in the details.

Remember, anything that makes a great headline is most likely being misrepresented.

http://www.washingtonpost.com/...11/05/19/AGoGKHMH_blog.html

http://www.govexec.com/federal...yth-of-the-600-hammer/5271/

The requirement to equally distribute the total overhead across all expenses equally is more believable and explains the line items in your own link, where it's clear that the hammer itself was still just a few dollars buried under an overhead that the article didn't care to investigate.

Now I've given you a plausible explanation. You have a choice between acknowledging it or sticking to a belief with no substantial evidence at all, backed only by common suspicions of agencies with authority.

Not really:

http://www.pogo.org/our-work/t...y/2002/ns-wds-20021108.html