Responding to leaks that Microsoft shared information from customers' emails and Skype calls with the National Security Agency, the company's general counsel writes that Microsoft "does not provide any government with direct and unfettered access to our customer's data," and has asked the U.S. Attorney General for permission to "share publicly more complete information about how we handle national security requests for customer information."
Writing on Microsoft's TechNet blog, general counsel and executive vice president of legal and corporate affairs Brad Smith says, "We believe the U.S. Constitution guarantees our freedom to share more information with the public, yet the Government is stopping us."
Smith says there are "significant inaccuracies in the interpretations of leaked government documents reported in the media last week," in which Microsoft reportedly granted the NSA access to private emails and Skype calls through the Prism program since 2011.
"We do not provide any government with direct access to emails or instant messages. Full stop," Smith writes. "Like all providers of communications services, we are sometimes obligated to comply with lawful demands from governments to turn over content for specific accounts, pursuant to a search warrant or court order."
Smith then goes on to describe Microsoft's "obligation to comply with the law by providing specific information in response to lawful government orders," detailing what it shares from Skype, the voice over IP chat system that will power Xbox One communication.
As with other services, we only respond to legal government demands, and we only comply with orders for requests about specific accounts or identifiers. The reporting last week made allegations about a specific change in 2012. We continue to enhance and evolve the Skype offerings and have made a number of improvements to the technical back-end for Skype, such as the 2012 move to in-house hosting of "supernodes" and the migration of much Skype IM traffic to servers in our data centers. These changes were not made to facilitate greater government access to audio, video, messaging or other customer data. Looking forward, as Internet-based voice and video communications increase, it is clear that governments will have an interest in using (or establishing) legal powers to secure access to this kind of content to investigate crimes or tackle terrorism. We therefore assume that all calls, whether over the Internet or by fixed line or mobile phone, will offer similar levels of privacy and security. Even in these circumstances Microsoft remains committed to responding only to valid legal demands for specific user account information. We will not provide governments with direct or unfettered access to customer data or encryption keys.
Smith says that based on the aggregate data Microsoft has been permitted to release shows that only "fractions of a percent" of customers have been subject to a government demand related to criminal law or national security.
Mandatory use of Kinect with the upcoming Xbox One has raised privacy concerns since the console's announcement. In June the company announced the Kinect's camera and microphone will not record or upload conversations, and said that Xbox One owners' privacy is a "top priority."
Microsoft does not detail what information, if any, it may have shared from Xbox Live or Kinect with the NSA. Polygon has reached out to the company seeking additional information.