NSA's PRISM Given Access To Microsoft's Encrypted Data
July 11, 2013

NSA’s PRISM Given Access To Microsoft’s Encrypted Data

Michael Harper for redOrbit.com - Your Universe Online

The Guardian today released further details about the NSA's PRISM campaign which allows easier access to American citizens' data through major tech companies like Apple, Google and Microsoft.

According to the British news source, Microsoft worked closely with the NSA to give it access to user information when requested, including helping them around encryption used to protect users. This report, which was provided to The Guardian by Edward Snowden, also claims that Microsoft allowed the NSA to collect audio and video captured by Skype calls.

These reports also claim the information gathered via PRISM is routinely shared with other agencies in what the documents call a "team sport."

Microsoft has commented today, saying they had no other legal option than to comply with the NSA's requests. Google and Yahoo! are currently battling with the NSA to allow them to be more transparent about what information is requested through PRISM to answer questions from users.

"When we upgrade or update products we aren't absolved from the need to comply with existing or future lawful demands," said Microsoft in a statement to the Guardian.

The company also claims they only allow the NSA access to the data if they receive requests for it. Microsoft and others have claimed no outside agency has "direct access" to their servers and that they only hand out user data when requested as a part of an investigation.

"There are aspects of this debate that we wish we were able to discuss more freely. That's why we've argued for additional transparency that would help everyone understand and debate these important issues," concludes Microsoft.

The Guardian also claims Microsoft gave the NSA tools to help them get around the encryption used in web chats on its new Outlook.com. What's more, the company allegedly gave the feds pre-encryption access to email on Outlook.com, including Hotmail, before it transitioned into Outlook.com. They've also reportedly worked with the NSA in other capacities to help them gain access to user information and work around the encryption Microsoft uses to protect this data from snoopers.

All told, the British newspaper claims Microsoft worked with the NSA to give them easier access to data from Hotmail, Outlook.com, data found on their cloud-based SkyDrive servers, and communication between users on Skype.

According to these documents, the NSA was originally concerned they wouldn't be able to get around Microsoft's encryption for their web chats on Outlook.com. Some five months later, Microsoft is said to have worked up a way to give them special workarounds so as not to be mired in decryption tactics. The documents show that the FBI and Microsoft had tested this encryption workaround in December 2012, two months before Microsoft released the Outlook.com portal.

Other documents obtained by The Guardian show that Microsoft was working with the NSA for several months to give it access to SkyDrive data without a special request to do so. The NSA hailed Microsoft's work with them, saying it would "result in a much more complete and timely collection response."

"This success is the result of the FBI working for many months with Microsoft to get this tasking and collection solution established."