In response to recent allegations that the company helped the NSA access private emails and Skype video calls, Microsoft General Counsel Brad Smith says in a blog post that "we do not provide any government with direct access to emails or instant messages. Full stop." In order to dispel the allegations against it, Microsoft has asked the US Attorney General to "personally take action" to allow the company to share information about how it handles requests for customer information — requests that are made in secret under sealed "National Security Letters."
Until the Attorney General responds, Microsoft says it wants to share as much information as possible, and that "there are significant inaccuracies" in reports alleging that the company hands user data to the government. "We do not provide any government with the ability to break the encryption, nor do we provide the government with the encryption keys," Smith says. "When we are legally obligated to comply with demands, we pull the specified content from our servers where it sits in an unencrypted state, and then we provide it to the government agency."
"We do not provide any government with the ability to break encryption."
Since details about the government's data collection program under PRISM were leaked in June, Microsoft and other major tech companies have asked the US to relax secrecy around data collection. Currently, the government prevents these companies from detailing secret national security requests, even including the number of requests they receive.
We do not provide any government with the ability to break the encryption, nor do we provide the government with the encryption keys.— Brad Smith (@BradSmi) July 16, 2013
Smith says that while Microsoft discussed legal compliance requirements with the government, "in none of these discussions did Microsoft provide or agree to provide any government with direct access to user content or the ability to break our encryption." The subject of "direct access" has been a major point of confusion, with initial reports about PRISM indicating that the NSA may have an intimate relationship with Microsoft, Google, Yahoo, Apple, and other companies that host large quantities of private user data.
In the same vein as other challenges to secrecy in national security requests, Microsoft is making a constitutional appeal. "We believe the US constitution guarantees our freedom to share more information with the public, yet the government is stopping us," Smith writes. "With US government lawyers stopping us from sharing more information with the public, we need the Attorney General to uphold the constitution."
"In short, when governments seek information from Microsoft relating to customers, we strive to be principled, limited in what we disclose, and committed to transparency," Smith writes. "Agencies likely obtain this information from a variety of sources and in a variety of ways, but if they seek customer data from Microsoft they must follow legal processes." Unfortunately, when even the legal processes behind federal surveillance are kept hidden from the public by a government obsessed with secrecy, we'll have to continue to take the government — and Microsoft — at their word.