Microsoft ‘Closely Collaborated’ With NSA To Decrypt Messages

The latest Edward Snowden leak has shown how Microsoft worked closely with US intelligence to ensure access to encrypted messages and Skype communications was straightforward.

According to documents seen by the Guardian, Microsoft had already guaranteed the National Security Agency (NSA) access to emails and chat on Outlook.com before the website was generally released, by offering a way around its encryption.

Microsoft ‘only doing what it’s told’

Microsoft said it had to ensure agencies could access emails so that when court orders came in, the process of opening up messages was simpler.

“When we upgrade or update products we aren’t absolved from the need to comply with existing or future lawful demands,” Microsoft said.

As the tech titan has previously noted, Microsoft said it is obliged to hand over customer data to the likes of the FBI and the NSA where an order is obtained. The firm said it will only hand over information where it believes an order to be valid and would never accept “blanket orders” to hoover up numerous users’ data.

“We only ever comply with orders about specific accounts or identifiers.”

As for Skype, work began on introducing it into the PRISM programme in November 2010 before it became an official part of the data collection initiative in February 2011.

According to the leaked document, a new capability added on 14 July 2012 allowed it to triple the amount of monitoring of Skype video communications.

Even before Microsoft bought Skype in 2011, it had been claimed the world’s best-known VoIP company had worked closely with law enforcement, as part of a programme called Project Chess. Sources said a small team within Skype explored the legal and technical issues surrounding ease of access for intelligence agency snoops.

The political fallout from the Snowden revelations is not disappearing. Two French human rights groups have now filed a legal complaint against the NSA, FBI and the various technology companies said to be involved in the PRISM programme.

The International Federation for Human Rights (FIDH) and the French Human Rights League (LDH) filed their complaint with the Public Prosecutor of the Tribunal de Grande Instance of Paris. A prosecutor will have to decide whether to open a formal investigation.

The filing refers to “fraudulent access to an automated data processing system, collection of personal data by fraudulent means, wilful violation of the intimacy of the private life and the use and conservation of recordings and documents obtained through such means”.

“This blatant intrusion into individuals’ lives represents a serious threat to individual liberties and, if not stopped, may lead to the end of the rule of law,” the groups said in a joint statement.

Apparently not all tech companies willingly hand over date to NSA. Hewlett-Packard told TechWeekEurope it would fight any such request.

What do you know about Internet security? Find out with our quiz!