The Latest Leaks Contradict Claims Made In Microsoft's Own 'Law Enforcement Requests Report'

from the protecting-your-privacy-except-for-these-large-exceptions dept

The Guardian’s recent revelations of Microsoft’s very cozy “teamwork” with the NSA and FBI rendered many of the software giant’s statements on privacy completely hollow. Among the details leaked was the surprising amount of access to Skype Microsoft provided to these agencies.

One document boasts that Prism monitoring of Skype video production has roughly tripled since a new capability was added on 14 July 2012. “The audio portions of these sessions have been processed correctly all along, but without the accompanying video. Now, analysts will have the complete ‘picture’,” it says.

Eight months before being bought by Microsoft, Skype joined the Prism program in February 2011.

According to the NSA documents, work had begun on smoothly integrating Skype into Prism in November 2010, but it was not until 4 February 2011 that the company was served with a directive to comply signed by the attorney general.

The NSA was able to start tasking Skype communications the following day, and collection began on 6 February. “Feedback indicated that a collected Skype call was very clear and the metadata looked complete,” the document stated, praising the co-operation between NSA teams and the FBI. “Collaborative teamwork was the key to the successful addition of another provider to the Prism system.”

This document seems to contradict Microsoft’s statement on Skype in March of this year in its 2012 Law Enforcement Requests Report.

Skype received 4,713 requests from law enforcement. Those requests impacted 15,409 accounts or other identifiers, such as a PSTN number. Skype produced no content in response to these requests, but did provide non-content data, such as a SkypeID, name, email account, billing information and call detail records if a user subscribed to the Skype In/Online service, which connects to a telephone number.

[All emphasis in the original.]

Perhaps “producing content” means something different to Microsoft than it does the NSA, or the general public for that matter. The leaked documents state “Skype video production has roughly tripled since July 2012” with the agent noting they’ve been collecting audio all along.

No doubt this discrepancy will be greeted with a semantic discussion, involving different ways of interpreting words like “producing” or “content.” Perhaps Microsoft feels providing direct access isn’t the same as “producing content.” Or maybe Microsoft means it just hasn’t produced content for law enforcement, and anything given to the FBI falls outside of its definition of that term. But if the FBI’s requests are considered to be outside the definition of “law enforcement,” Microsoft confuses the issue early in its report by referring to content disclosed to governments.

It’s insightful, I believe, to look at the governments to whom customer content was disclosed. Of the 1,558 disclosures of customer content, more than 99 percent were in response to lawful warrants from courts in the United States. In fact, there were only 14 disclosures of customer content to governments outside the United States. These were to governments in Brazil, Ireland, Canada and New Zealand.

Obviously, Microsoft isn’t allowed to discuss much of its work with the NSA and the FBI, but the disclosure here makes it sound as if it’s safeguarding the privacy of Skype users, when in reality it’s simply holding the door open for the feds.

Filed Under: , , ,
Companies: microsoft, skype

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “The Latest Leaks Contradict Claims Made In Microsoft's Own 'Law Enforcement Requests Report'”

Subscribe: RSS Leave a comment
Internet Zen Master (profile) says:

In Microsoft's defense

This is the kind of thing that happens when companies aren’t allowed to disclose their dealings with the federal government. They’re forced to lie to their customers about things like consumer privacy as a result or face the government’s wrath.

And sadly, even if Skype had never been bought by Microsoft in the first place, it was already participating in the PRISM program (having joined the program 8 months prior to its acquisition by Microsoft).

Stubby says:

Re: In Microsoft's defense

“And sadly, even if Skype had never been bought by Microsoft in the first place, it was already participating in the PRISM program (having joined the program 8 months prior to its acquisition by Microsoft).”

And this fact was not unbeknownst to Microsoft, who purchased it regardless.

Internet Zen Master (profile) says:

Re: Re: In Microsoft's defense

And why wouldn’t Microsoft buy Skype? It’s one of the most (if not most) recognized brands in the VoIP market. I mean, why bother creating your own product when you can just BUY the best product in the market and add it to your collection of products? Business-wise it made perfect sense, participation in a privacy-violating program like PRISM be damned.

Ninja (profile) says:

Re: Re:

I’m trying to find something to joke with Apple here and amusingly one synonym for wiretap in Portuguese is “grampo” which translates literally to English as “staple” (as in your communications were stapled). So could we consider a “Sappled” campaign as the 3rd contestant?

I personally giggled while going through this thought process =/

Anonymous Coward says:

there isn’t one ‘social network’ service that isn’t tied to the USA law enforcement of one sort or another. the shameful thing is, that if any of the services were to deny access, they would be hauled into court on some trumped up charges or other. the really shameful thing is that law enforcement has not only been using these services but are allowed to use them for their own nefarious purposes! how can any court, any government truly expect the people to accept this practice? they are talking, perfectly innocently in 99% of cases, about ordinary daily, mundane things and some arsehole god know’s where in some bunker equally god know’s where is listening in ,just in case one might say something that means absolutely nothing but gives law enforcement the chance to raid a house, arrest some kid and haul them off to prison. keep them locked up for months on bail that there isn’t a hope in hell of any ordinary family being able to raise, and all because some idiot wants to get a win under their belt, like with Arron, God rest him! what sort of country is this? who in their right mind wants to live under a regime like this?

Rekrul says:

This wouldn’t be nearly as easy to do if people didn’t insist on convenience over security.

The only reason every Skype user needs an account is so that the main server can track IP addresses and match them up with names, so that when you tell it to “call” one of your contacts, it knows what IP address to use. This lets the company easily track all calls.

A secure VOIP app, besides using strong public-key encryption, would require the user to directly enter the IP address of the person they want to contact, and then would connect directly to that address. To do this, the program could use one of the publicly available sites that return your IP address when you access them to tell the user what IP address to give to their friend. Of course, this would require that one person send an email to the other with the IP address to use, if it’s changed from the last time they talked, but there wouldn’t be one central organization that could track where and when each call was made.

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...