Microsoft Finally Releases Info About Law Enforcement Snooping On Skype, Other User Data

The Citizen's Guide to the Future
March 21 2013 2:38 PM

Microsoft Finally Releases Info About Law Enforcement Snooping On Skype, Other User Data

113921012
Microsoft CEO Steve Ballmer announces Microsoft's purchase of Skype in 2011

Photo by KIMIHIRO HOSHINO/AFP/Getty Images

Today, Microsoft finally caved. After mounting criticism over its lack of transparency, the company has for the first time detailed government surveillance of services like Skype, Hotmail, and SkyDrive.

Ryan Gallagher Ryan Gallagher

Ryan Gallagher is a journalist who reports on surveillance, security, and civil liberties.

Earlier this year, I and other Internet freedom advocates backed a letter calling on Microsoft to clarify the security policies around Skype due to “persistently unclear and confusing” statements about the access it can provide governments for surveillance conversations. Now, Microsoft has responded by publishing a transparency report—recognizing what it calls “broadening public interest in how often law enforcement agencies request customer data,” and following a trend set by Google and Twitter.

The report reveals that in 2012, Microsoft and Skype received a total of 75,378 law enforcement requests, 4,713 of which were specific requests targeting Skype. These requests affected some 137,424* user accounts of services including Skype, Hotmail, Outlook.com, SkyDrive, Xbox LIVE, Microsoft Account, and Office 365. The exact number of Skype users targeted was 15,409, and the top five requesting countries were Turkey (11,434), United States (12,227), United Kingdom (10,494), Germany (9,105), and France (9,005). Microsoft says that in 18 percent of the cases, no customer data was disclosed; about 79.8 percent of requests resulted in the disclosure of non-content information (metadata like IP addresses and “to” and “from” fields in an email); and 2.2 percent of the requests to Microsoft resulted in communications content (like the content of an email) being disclosed.

Advertisement

Interestingly, an FAQ published as part of the report notes that Skype-to-Skype calls made using the “full client” are encrypted peer-to-peer. In theory, this means calls made from one person to another using the computer version of Skype remain difficult for governments to eavesdrop on without the use of a spy Trojan. This appears to address, at least in part, a question Skype has previously refused to answer about its eavesdropping capabilities. The FAQ also acknowledges that a “thin” version of Skype used as an app on a cellphone or tablet device is not as secure and can be subject to snooping because it routes calls over a wireless or mobile network.

Microsoft says it did not disclose content of any Skype communications in 2012, and data that were disclosed included “SkypeID, name, email account, billing information and call detail records if a user subscribed to the Skype In/Online service, which connects to a telephone number.” However, security expert Chris Soghoian of the ACLU has already expressed some reservations about this. “Microsoft's response on Skype is very carefully worded,” he tweeted today, adding that Skype leaking cryptography keys to help authorities decrypt communications would “not be considered release of content.”

More questions will no doubt surface in the days ahead as the report comes under closer scrutiny. But it is certainly a positive step for Microsoft to have listened to criticism and embraced greater transparency—albeit belatedly. Notably, the company has also followed a recently applauded decision by Google to disclose some vague details about secret FBI national security letters that it has received. Microsoft says the feds requested data such as “the name, address, length of service, and local and long distance toll billing records” of between 11,000 and 14,996 of its users in a four-year period spanning 2009 to 2012. This information is requested by the authorities if it is deemed “relevant to an authorized investigation to protect against international terrorism or clandestine intelligence activities.” A controversial clause of NSLs that gags companies from revealing specific details about them was last week ruled unconstitutional by a California judge.

Microsoft says it will continue to release updated transparency reports every six months, in line with what Google has been doing since 2010. “As we continue to move forward, Microsoft is committed to respecting human rights, free expression, and individual privacy,” Brad Smith, Microsoft general counsel, wrote in a blog post.

Correction, March 21, 2013: Due to an editing error, this post originally misstated the number of Microsoft user accounts affected by law enforcement requests.

Future Tense is a partnership of SlateNew America, and Arizona State University.

TODAY IN SLATE

Doublex

Crying Rape

False rape accusations exist, and they are a serious problem.

Scotland Is Just the Beginning. Expect More Political Earthquakes in Europe.

No, New York Times, Shonda Rhimes Is Not an “Angry Black Woman” 

Brow Beat
Sept. 19 2014 1:39 PM Shonda Rhimes Is Not an “Angry Black Woman,” New York Times. Neither Are Her Characters.

The Music Industry Is Ignoring Some of the Best Black Women Singing R&B

How Will You Carry Around Your Huge New iPhone? Apple Pants!

Medical Examiner

The Most Terrifying Thing About Ebola 

The disease threatens humanity by preying on humanity.

Television

The Other Huxtable Effect

Thirty years ago, The Cosby Show gave us one of TV’s great feminists.

There’s a Way to Keep Ex-Cons Out of Prison That Pays for Itself. Why Don’t More States Use It?

Why Men Can Never Remember Anything

The XX Factor
Sept. 19 2014 1:11 PM Why Men Can Never Remember Anything
Behold
Sept. 19 2014 11:33 AM An Up-Close Look at the U.S.–Mexico Border
  News & Politics
Foreigners
Sept. 19 2014 1:56 PM Scotland’s Attack on the Status Quo Expect more political earthquakes across Europe.
  Business
Moneybox
Sept. 19 2014 3:24 PM Why Innovators Hate MBAs
  Life
Inside Higher Ed
Sept. 19 2014 1:34 PM Empty Seats, Fewer Donors? College football isn’t attracting the audience it used to.
  Double X
The XX Factor
Sept. 19 2014 3:07 PM Everything Is a "Women's Issue"
  Slate Plus
Slate Picks
Sept. 19 2014 12:00 PM What Happened at Slate This Week? The Slatest editor tells us to read well-informed skepticism, media criticism, and more.
  Arts
Brow Beat
Sept. 19 2014 4:03 PM Kern Your Enthusiasm: The Ubiquity of Gotham
  Technology
Future Tense
Sept. 19 2014 12:38 PM Forward, March! Nine leading climate scientists urge you to attend the People’s Climate March.
  Health & Science
Medical Examiner
Sept. 19 2014 12:13 PM The Most Terrifying Thing About Ebola  The disease threatens humanity by preying on humanity.
  Sports
Sports Nut
Sept. 18 2014 11:42 AM Grandmaster Clash One of the most amazing feats in chess history just happened, and no one noticed.