clock menu more-arrow no yes mobile

Filed under:

Report: How Skype secrets got into the hands of the NSA

Microsoft granted the National Security Agency access to private emails and Skype calls through its Prism spying program as early as 2011, according to documents obtained by The Guardian.

Polygon has reached out to Microsoft for clarification on the report as well as what sort of information the company is sharing from Kinect, Skype and Xbox Live via the Xbox One. Skype powers all chats on the Xbox One.

According to the report, files provided by former CIA employee Edward Snowden show the NSA has been collecting Skype content and emails sent through since February 2011. These files share more information on the Prism program and the depth of its interaction with other major technology companies.

The files state Microsoft helped the NSA to bypass its own encryption programs after concerns the NSA would be unable to intercept Outlook content, worked with the FBI to give NSA easier access to its SkyDrive cloud storage program and that data collected through Prism is routinely shared with the CIA and FBI. According to the report, in July 2012 the NSA said the company had tripled the amount of transmissions collected from Skype — which Microsoft announced it had purchased in May 2011 — with Prism.

During the unveiling event for the Xbox One earlier this year, Microsoft announced the next-generation console's chat capabilities would be powered by Skype. The service will allow for group video calls and can be controlled with voice commands through the Kinect. The company also revealed the Xbox One will require the Kinect to function, and the peripheral will feature a standby mode that will allow users to turn it on at any time with voice commands.

In a statement to The Guardian, Microsoft said it has a legal obligation to provide information under a "national security request."

"We have clear principles which guide the response across our entire company to government demands for customer information for both law enforcement and national security issues," reads the statement. "First, we take our commitments to our customers and to compliance with applicable law very seriously, so we provide customer data only in response to legal processes.

"Second, our compliance team examines all demands very closely, and we reject them if we believe they aren't valid. Third, we only ever comply with orders about specific accounts or identifiers, and we would not respond to the kind of blanket orders discussed in the press over the past few weeks, as the volumes documented in our most recent disclosure clearly illustrate.

"Finally when we upgrade or update products legal obligations may in some circumstances require that we maintain the ability to provide information in response to a law enforcement or national security request. There are aspects of this debate that we wish we were able to discuss more freely. That's why we've argued for additional transparency that would help everyone understand and debate these important issues."

The mandatory use of Kinect with the Xbox One as well as its seemingly always-on state has raised privacy concerns over the past few months. In June the company announced the Kinect's camera and microphone will not record or upload conversations.

We will update this story when Microsoft responds.

Sign up for the newsletter Sign up for Patch Notes

A weekly roundup of the best things from Polygon