June 13, 2013
from
RT Website
Microsoft may have
misled millions of Skype users around the world by
making claims last year that have since been
contradicted by intelligence leaked by former NSA
contractor Edward Snowden.
National Security Agency documents leaked
by Snowden to the Guardian and Washington Post last
week have grabbed the attention of Americans concerned over the NSA’s
blanketing surveillance of communications involving United States citizens.
The NSA is regularly retaining the phone records
for millions of Verizon customers, the documents revealed, and a separate
program called PRISM allegedly lets federal investigators access Internet
use information for customers of the biggest online services.
One of those documents, a slideshow examining
how the NSA has access to conversations conducted over nine major Internet
services, may have caught Silicon Valley giant Microsoft in a lie.
Ryan Gallagher of Slate noted this week that one of the slides cited
by the Washington Post was labeled a “User’s Guide for PRISM Skype
Collection,” suggesting that the NSA has in place a method for eavesdropping
on conversations conducted over the popular Web client acquired in 2011 by
Microsoft.
According to the slide, NSA agents can listen in or watch Skype chats,
“when one end of the call is a conventional
telephone and for any combination of 'audio, video, chat, and file
transfers' when Skype users connect by computer alone.”
“This piece of information is significant for a number of reasons,”
wrote Gallagher, but the most crucial perhaps is how it compares to
Microsoft’s remarks last year.
As RT wrote in 2012, Microsoft was awarded a
patent that summer that provides for,
“legal intercept” technology that allows for
agents to “silently copy communication transmitted via the communication
session” without asking for user authorization.
At the time, Gallagher was one of the most
critical reporters examining the patent, and grilled Microsoft relentlessly
to see if this meant that a program previously considered highly-encrypted
and tough to crack could provide a backdoor to government agents at the drop
of a hat.
However, Skype Corporate VP of Product
Engineering & Operations Mike Gillet also explained to
ExtremeTech.com that the company was making changes in its infrastructure,
but that they were being done to “improve the Skype user experience.”
“Skype rejected the charge in a comment
issued to the website Extremetech, saying the restructure was an upgrade
and had nothing to do with surveillance,” Gallagher wrote at the time,
“But when I repeatedly questioned the
company on Wednesday whether it could currently facilitate wiretap
requests, a clear answer was not forthcoming. Citing ‘company policy,’
Skype PR man Chaim Haas wouldn’t confirm or deny, telling me only that
the chat service ‘co-operates with law enforcement agencies as much as
is legally and technically possible.’”
This week, Gallagher revisited the issue and
explained how Microsoft’s explanation last year is now under fire thanks to
NSA leak.
Gallagher recalled that Microsoft was driven to
releasing a transparency report last year, in which a significant chunk was
set aside solely for details on settling requests for Skype data made by law
enforcement.
“The report devoted an entire section to
Skype and claimed that in 2012, it hadn’t handed any communications
content over to authorities anywhere in the world.
Microsoft also said in notes accompanying
the transparency report that calls made between Skype-Skype users were
encrypted peer-to-peer, implying that they did not pass through
Microsoft’s central servers and could not be eavesdropped on - except
maybe if the government deployed a spy Trojan on a targeted computer to
bypass encryption,” Gallagher wrote.
Now enter the “User’s Guide for PRISM Skype
Collection” slide, and the story is much different.
“That the NSA claims to be able to grab all
Skype users’ communications also calls into question the credibility of
Microsoft’s transparency report - particularly the claim that in 2012 it
did not once hand over the content of any user communications,”
Gallagher wrote.
“Moreover, according to a leaked NSA slide
published by the Post, Skype first became part of the NSA’s PRISM
program in February 2011 - three months before Microsoft purchased the
service from U.S. private equity firms Silver Lake and Andreessen
Horowitz.”
In a statement emailed from Microsoft to Slate,
the company said it,
“went as far as it was legally able in
documenting disclosures in its Law Enforcement Requests Report” and that
“there should be greater transparency on national security requests and
Microsoft would like the government to take steps to allow companies to
do that.”
Microsoft’s statement came the same week that
one of their largest competitors, Google, pleaded with the government to let
them provide more details in their regular transparency reports published
online.
In a letter sent to US Attorney General Eric
Holder and Federal Bureau of Investigation Director Robert Mueller
on Tuesday, Google asked the Obama administration to allow it to share more
information.
"Google's numbers would clearly show that
our compliance with these requests falls far short of the claims being
made," said David Drummond, Google's chief legal officer. "Google has
nothing to hide.”
During testimony made Thursday morning before
Congress, Mueller said the NSA leaks attributed to Snowden,
“have caused significant harm to our nation
and to our safety” and that the FBI and Justice Department will take
“all necessary steps to hold the person responsible.”
Meanwhile, US Reps. John Conyers
(D-Michigan) and Justin Amash (R-Michigan) plan to propose
legislation this week that would require that the government provides
“specific and articulable facts” before it requests phone records of US
citizens.