The Latest Leaks Contradict Claims Made In Microsoft's Own 'Law Enforcement Requests Report'

from the protecting-your-privacy-except-for-these-large-exceptions dept

The Guardian's recent revelations of Microsoft's very cozy "teamwork" with the NSA and FBI rendered many of the software giant's statements on privacy completely hollow. Among the details leaked was the surprising amount of access to Skype Microsoft provided to these agencies.

One document boasts that Prism monitoring of Skype video production has roughly tripled since a new capability was added on 14 July 2012. "The audio portions of these sessions have been processed correctly all along, but without the accompanying video. Now, analysts will have the complete 'picture'," it says.

Eight months before being bought by Microsoft, Skype joined the Prism program in February 2011.

According to the NSA documents, work had begun on smoothly integrating Skype into Prism in November 2010, but it was not until 4 February 2011 that the company was served with a directive to comply signed by the attorney general.

The NSA was able to start tasking Skype communications the following day, and collection began on 6 February. "Feedback indicated that a collected Skype call was very clear and the metadata looked complete," the document stated, praising the co-operation between NSA teams and the FBI. "Collaborative teamwork was the key to the successful addition of another provider to the Prism system."
This document seems to contradict Microsoft's statement on Skype in March of this year in its 2012 Law Enforcement Requests Report.
Skype received 4,713 requests from law enforcement. Those requests impacted 15,409 accounts or other identifiers, such as a PSTN number. Skype produced no content in response to these requests, but did provide non-content data, such as a SkypeID, name, email account, billing information and call detail records if a user subscribed to the Skype In/Online service, which connects to a telephone number.
[All emphasis in the original.]

Perhaps "producing content" means something different to Microsoft than it does the NSA, or the general public for that matter. The leaked documents state "Skype video production has roughly tripled since July 2012" with the agent noting they've been collecting audio all along.

No doubt this discrepancy will be greeted with a semantic discussion, involving different ways of interpreting words like "producing" or "content." Perhaps Microsoft feels providing direct access isn't the same as "producing content." Or maybe Microsoft means it just hasn't produced content for law enforcement, and anything given to the FBI falls outside of its definition of that term. But if the FBI's requests are considered to be outside the definition of "law enforcement," Microsoft confuses the issue early in its report by referring to content disclosed to governments.
It’s insightful, I believe, to look at the governments to whom customer content was disclosed. Of the 1,558 disclosures of customer content, more than 99 percent were in response to lawful warrants from courts in the United States. In fact, there were only 14 disclosures of customer content to governments outside the United States. These were to governments in Brazil, Ireland, Canada and New Zealand.
Obviously, Microsoft isn't allowed to discuss much of its work with the NSA and the FBI, but the disclosure here makes it sound as if it's safeguarding the privacy of Skype users, when in reality it's simply holding the door open for the feds.



Reader Comments (rss)

(Flattened / Threaded)

  1.  
    icon
    Ninja (profile), Jul 12th, 2013 @ 8:08am

    Microsoft contracts and deals with Governments are probably at risk now...

     

    reply to this | link to this | view in thread ]

  2.  
    identicon
    Anonymous Coward, Jul 12th, 2013 @ 8:50am

    Re:

    Microsofts contracts and deals with EVERYONE are probably at risk now...

     

    reply to this | link to this | view in thread ]

  3.  
    icon
    Baldaur Regis (profile), Jul 12th, 2013 @ 8:54am

    Perhaps "producing content" means something different to Microsoft than it does the NSA, or the general public for that matter.
    Can't wait to hear their definitions of "audio" and "video" and how these things are just metadata.

     

    reply to this | link to this | view in thread ]

  4. This comment has been flagged by the community. Click here to show it
     
    identicon
    out_of_the_blue, Jul 12th, 2013 @ 9:04am

    YEAH, and Google is lying TOO.

    You keep omitting all mention of the NSA's MAJOR source, so often that it's laughable.

     

    reply to this | link to this | view in thread ]

  5.  
    identicon
    Lord Binky, Jul 12th, 2013 @ 9:08am

    Re: YEAH, and Google is lying TOO.

    Are you sure it's the NSA's MAJOR source.... or is the Russian's MAJOR source....Shit, I've been infected by with OOTB1. Help me!

     

    reply to this | link to this | view in thread ]

  6.  
    identicon
    Lord Binky, Jul 12th, 2013 @ 9:10am

    Re:

    Don't worry, there's little difference, they are all just bits.

     

    reply to this | link to this | view in thread ]

  7.  
    identicon
    Anonymous Coward, Jul 12th, 2013 @ 9:21am

    Yeah, Microsoft. Not.

     

    reply to this | link to this | view in thread ]

  8.  
    identicon
    Anonymous Coward, Jul 12th, 2013 @ 9:22am

    I find this rather shocking. And I'm not easily shocked!

     

    reply to this | link to this | view in thread ]

  9.  
    identicon
    Anonymous Coward, Jul 12th, 2013 @ 9:27am

    99 percent? Where else do you see that kind of "efficiency" and so few mistakes?

    I'll tell you where - NOWHERE. The less than 1 percent is just so it doesn't seem like Microsoft is giving them COMPLETE CONTROL and access, but that's exactly what they're doing.

     

    reply to this | link to this | view in thread ]

  10.  
    icon
    Ninja (profile), Jul 12th, 2013 @ 9:27am

    Re: Re:

    I think the general public won't flock away as easily but Governments? I mean, with Microsoft you would be clearly at risk of being a victim of espionage whereas open software would provide easy scrutiny...

     

    reply to this | link to this | view in thread ]

  11.  
    icon
    Christopher Weigel (profile), Jul 12th, 2013 @ 9:36am

    Well, technically, if they just hand the data over, they're not "responding to a request"...

     

    reply to this | link to this | view in thread ]

  12.  
    icon
    Baldaur Regis (profile), Jul 12th, 2013 @ 9:46am

    Re:

    Now that's a very good point. From the article: Skype received 4,713 requests from law enforcement. Does MS consider the NSA 'law enforcement'?

     

    reply to this | link to this | view in thread ]

  13.  
    icon
    Christopher Weigel (profile), Jul 12th, 2013 @ 9:53am

    Re: Re:

    Or do they just count the one "give us everything" order as one single request?

     

    reply to this | link to this | view in thread ]

  14.  
    icon
    Internet Zen Master (profile), Jul 12th, 2013 @ 9:54am

    In Microsoft's defense

    This is the kind of thing that happens when companies aren't allowed to disclose their dealings with the federal government. They're forced to lie to their customers about things like consumer privacy as a result or face the government's wrath.

    And sadly, even if Skype had never been bought by Microsoft in the first place, it was already participating in the PRISM program (having joined the program 8 months prior to its acquisition by Microsoft).

     

    reply to this | link to this | view in thread ]

  15.  
    icon
    lucidrenegade (profile), Jul 12th, 2013 @ 9:59am

    Re: YEAH, and Google is lying TOO.

    Come on OOTB, everyone knows you have a picture of Larry Page in your spank bank.

     

    reply to this | link to this | view in thread ]

  16.  
    icon
    Baldaur Regis (profile), Jul 12th, 2013 @ 10:16am

    This is the kind of thing that happens when U.S.companies aren't allowed to disclose their dealings with the federal government.

    Which begs the question: Is a stateless corporation possible? What would it look like? Do you have to be a criminal if you prefer to work without government oversight?

     

    reply to this | link to this | view in thread ]

  17.  
    icon
    Squirrel Brains (profile), Jul 12th, 2013 @ 10:34am

    Now there can be dueling "Scroogled" and "Microshafted" campaigns.

     

    reply to this | link to this | view in thread ]

  18.  
    identicon
    Anonymous Coward, Jul 12th, 2013 @ 10:42am

    Re: Re: Re:

    Yep. Microsoft have just become the largest incentive for governments to change to Linux and other FLOSS items.

     

    reply to this | link to this | view in thread ]

  19.  
    identicon
    Anonymous Coward, Jul 12th, 2013 @ 10:42am

    Re: Re:

    Does MS consider the NSA 'law enforcement'?

    Kinect cannot discriminate between law enforcement and rogue policy makers.

     

    reply to this | link to this | view in thread ]

  20.  
    identicon
    Anonymous Coward, Jul 12th, 2013 @ 11:00am

    there isn't one 'social network' service that isn't tied to the USA law enforcement of one sort or another. the shameful thing is, that if any of the services were to deny access, they would be hauled into court on some trumped up charges or other. the really shameful thing is that law enforcement has not only been using these services but are allowed to use them for their own nefarious purposes! how can any court, any government truly expect the people to accept this practice? they are talking, perfectly innocently in 99% of cases, about ordinary daily, mundane things and some arsehole god know's where in some bunker equally god know's where is listening in ,just in case one might say something that means absolutely nothing but gives law enforcement the chance to raid a house, arrest some kid and haul them off to prison. keep them locked up for months on bail that there isn't a hope in hell of any ordinary family being able to raise, and all because some idiot wants to get a win under their belt, like with Arron, God rest him! what sort of country is this? who in their right mind wants to live under a regime like this?

     

    reply to this | link to this | view in thread ]

  21.  
    identicon
    Stubby, Jul 12th, 2013 @ 11:20am

    Re: In Microsoft's defense

    "And sadly, even if Skype had never been bought by Microsoft in the first place, it was already participating in the PRISM program (having joined the program 8 months prior to its acquisition by Microsoft)."

    And this fact was not unbeknownst to Microsoft, who purchased it regardless.

     

    reply to this | link to this | view in thread ]

  22.  
    icon
    Ninja (profile), Jul 12th, 2013 @ 11:28am

    Re:

    I'm trying to find something to joke with Apple here and amusingly one synonym for wiretap in Portuguese is "grampo" which translates literally to English as "staple" (as in your communications were stapled). So could we consider a "Sappled" campaign as the 3rd contestant?

    I personally giggled while going through this thought process =/

     

    reply to this | link to this | view in thread ]

  23.  
    icon
    Ninja (profile), Jul 12th, 2013 @ 11:30am

    Re: Re: YEAH, and Google is lying TOO.

    "Come on OOTB, everyone knows you have a picture of Larry Page naked in your spank bank."

    FTFY. Further jokes involving spanking are intended.

     

    reply to this | link to this | view in thread ]

  24.  
    icon
    Internet Zen Master (profile), Jul 12th, 2013 @ 11:50am

    Re: Re: In Microsoft's defense

    And why wouldn't Microsoft buy Skype? It's one of the most (if not most) recognized brands in the VoIP market. I mean, why bother creating your own product when you can just BUY the best product in the market and add it to your collection of products? Business-wise it made perfect sense, participation in a privacy-violating program like PRISM be damned.

     

    reply to this | link to this | view in thread ]

  25.  
    icon
    Hephaestus (profile), Jul 12th, 2013 @ 12:41pm

    Re: In Microsoft's defense

    An interesting thought. If they lied to the public wouldn't that mean that they have violated SEC regulations?

    That is unless there is a secret interpretation of SEC regulations that the public isn't allowed to know about.

     

    reply to this | link to this | view in thread ]

  26.  
    icon
    Hephaestus (profile), Jul 12th, 2013 @ 12:43pm

    Re: Re: In Microsoft's defense

    You know this would make a really neat shareholder lawsuit against Microsoft and every other company involved in PRISM.

     

    reply to this | link to this | view in thread ]

  27.  
    icon
    Vic B (profile), Jul 12th, 2013 @ 1:39pm

    ... and we prevent Chinese companies from purchasing US communication companies on "national security" grounds...

     

    reply to this | link to this | view in thread ]

  28.  
    identicon
    Anonymous Coward, Jul 12th, 2013 @ 1:51pm

    Re:

    Corporations are people until it is inconvenient for governments.

     

    reply to this | link to this | view in thread ]

  29.  
    identicon
    Rekrul, Jul 12th, 2013 @ 2:27pm

    This wouldn't be nearly as easy to do if people didn't insist on convenience over security.

    The only reason every Skype user needs an account is so that the main server can track IP addresses and match them up with names, so that when you tell it to "call" one of your contacts, it knows what IP address to use. This lets the company easily track all calls.

    A secure VOIP app, besides using strong public-key encryption, would require the user to directly enter the IP address of the person they want to contact, and then would connect directly to that address. To do this, the program could use one of the publicly available sites that return your IP address when you access them to tell the user what IP address to give to their friend. Of course, this would require that one person send an email to the other with the IP address to use, if it's changed from the last time they talked, but there wouldn't be one central organization that could track where and when each call was made.

     

    reply to this | link to this | view in thread ]

  30.  
    identicon
    Anonymous Coward, Jul 12th, 2013 @ 2:32pm

    Re:

    Are you kidding? They've utterly whored themselves out to them. The government is the only place they're safe.

     

    reply to this | link to this | view in thread ]

  31.  
    identicon
    Anonymous, Jul 12th, 2013 @ 3:29pm

    Re: Re: In Microsoft's defense

    I've never used Skype. Never trusted it. Now look.
    I never trusted or used a proxy called hidemyass either, and I was right about that too.

     

    reply to this | link to this | view in thread ]

  32.  
    identicon
    Anonymous Coward, Jul 12th, 2013 @ 9:48pm

    I can't wait for the revelations of blackmail for some of the affairs, crimes and outright evil deeds that our rich and famous have done. Once this type of thing starts, a secret war of blackmail material is amassed using any and all available methods.

    Who watches the watchers?

     

    reply to this | link to this | view in thread ]

  33.  
    identicon
    Anonymous Coward, Jul 13th, 2013 @ 7:11pm

    Linux > Micro$hit

     

    reply to this | link to this | view in thread ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Save me a cookie
  • Note: A CRLF will be replaced by a break tag (<br>), all other allowable HTML will remain intact
  • Allowed HTML Tags: <b> <i> <a> <em> <br> <strong> <blockquote> <hr> <tt>
Follow Techdirt
A word from our sponsors...
Essential Reading
Techdirt Reading List
Techdirt Insider Chat
A word from our sponsors...
Recent Stories
A word from our sponsors...

Close

Email This