Microsoft To Encrypt Data Center Links; Says NSA Hacking Would Be Unconstitutional

from the and-now-what? dept

We were somewhat surprised to see Microsoft recently admit that in the wake of the revelation that the NSA had infiltrated the private data links between Yahoo and Google's data centers that it had not yet decided to encrypt its own such links. Google had very quickly moved to encrypt those links and Yahoo has recently done so as well (though it took a little while). Now Microsoft is saying that it's going to do the same thing.

While the revealed documents did not directly point to a similar infiltration of Microsoft, there's reason to believe it was also compromised. Other Snowden documents mentioned in the linked article above note that Microsoft is listed as having data accessible under the same program, referred to as MUSCULAR. Perhaps more interesting is Microsoft making it clear that it believes any such infiltration would be a serious legal violation:
When asked about the NSA documents mentioning surveillance of Microsoft services, Smith issued a sharply worded statement: “These allegations are very disturbing. If they are true these actions amount to hacking and seizure of private data and in our view are a breach of the protection guaranteed by the Fourth Amendment to the Constitution.”
Of course, just because something is a Constitutional violation doesn't necessarily mean that there's much of a legal remedy. Any lawsuit would immediately lead to claims of sovereign immunity and national security to try to kill off any such lawsuit. It's the same thing the feds have done every time they've been challenged on this stuff. The only real way to deal with this is to make sure that the companies actually protect user data in a manner that makes it nearly impossible for the government to break in as it has in the past.

Filed Under: brad smith, datacenters, encryption, infiltration, nsa, nsa surveillance
Companies: microsoft

Reader Comments

Subscribe: RSS

View by: Time | Thread

  1. icon
    Mike Masnick (profile), 27 Nov 2013 @ 5:03pm


    I don't get it, people have known for years that those links were vulnerable, maybe even enemies of the US, those companies have servers all around the world and they didn't thought others would peek?

    Not really true. Most people quite reasonably assumed that those links weren't vulnerable, because they're not accessible to the outside world. Just like, if I have two computers connected at home, I don't encrypt the data exchange between them because I have a reasonable belief that no one unauthorized is sitting between them.

    The issue here is that it appears that *most likely* an outside party, such as Level3 who helped run these networks, gave the NSA access (perhaps under court order). But an outside party, such as the "enemies of the US" you state, wouldn't have access to these links directly. So not sure how they would go about getting access. NSA is able to because it can issue a court order and force Level3 to throw a tap on the line. Not so much with others.

Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here

Subscribe to the Techdirt Daily newsletter

Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)

Follow Techdirt
Techdirt Gear
Shop Now: I Invented Email
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Report this ad  |  Hide Techdirt ads
Recent Stories
Report this ad  |  Hide Techdirt ads


Email This

This feature is only available to registered users. Register or sign in to use it.