NSA Leaks Suggest Microsoft May Have Misled Public Over Skype Eavesdropping

The Citizen's Guide to the Future
June 13 2013 10:34 AM

NSA Leaks Suggest Microsoft May Have Misled Public Over Skype Eavesdropping

166721853
Niklas Zennstrom, co-founder of Skype

Photo by YOSHIKAZU TSUNO/AFP/Getty Images

Revelations about the Internet spying system PRISM have put the international spotlight on the extent of the U.S. government’s secret surveillance. But the disclosures also raise important questions about the role the world’s largest Internet companies played in hoodwinking the public over the controversial spying.

Ryan Gallagher Ryan Gallagher

Ryan Gallagher is a journalist who reports on surveillance, security, and civil liberties.

Last week, the Guardian and the Washington Post reported that Internet giants including Google, Microsoft, Facebook, and Yahoo are involved in an NSA program that enables the government to monitor emails, file transfers, photos, videos, chats, and other private data. The companies have denied providing the NSA with “direct access” to their servers. However, executives from unnamed companies linked to PRISM have since acknowledged some level of participation in the NSA program—which appears to involve using broad court orders issued under the Foreign Intelligence Surveillance Act to gain access to foreigners’ private communications.

Advertisement

There were many striking details in the Washington Post’s scoop about PRISM and its capabilities, but one part in particular stood out to me. The Post, citing a top-secret NSA PowerPoint slide, wrote that the agency has a specific “User’s Guide for PRISM Skype Collection” that outlines how it can eavesdrop on Skype “when one end of the call is a conventional telephone and for any combination of 'audio, video, chat, and file transfers' when Skype users connect by computer alone.” (Emphasis added.)

This piece of information is significant for a number of reasons. Last year, speculation arose in the hacker community that Skype, which was purchased by Microsoft in 2011 and had been difficult to wiretap, had become compliant with law enforcement demands. I pressured Skype to disclose its eavesdropping capabilities, but the company refused to discuss the matter. After a range of advocacy groups published an open letter calling for more clarity on the issue, Microsoft eventually released a transparency report detailing information about law enforcement requests for user data. The report devoted an entire section to Skype and claimed that in 2012, it hadn’t handed any communications content over to authorities anywhere in the world. Microsoft also said in notes accompanying the transparency report that calls made between Skype-Skype users were encrypted peer-to-peer, implying that they did not pass through Microsoft’s central servers and could not be eavesdropped on—except maybe if the government deployed a spy Trojan on a targeted computer to bypass encryption.

But the NSA “PRISM Skype Collection” guide casts doubt on whether any Skype communications are beyond the NSA’s reach. That the NSA claims to be able to grab all Skype users’ communications also calls into question the credibility of Microsoft’s transparency report—particularly the claim that in 2012 it did not once hand over the content of any user communications. Moreover, according to a leaked NSA slide published by the Post, Skype first became part of the NSA’s PRISM program in February 2011—three months before Microsoft purchased the service from U.S. private equity firms Silver Lake and Andreessen Horowitz.

The PRISM system operates under FISA, which can be used to secretly demand user data and force gag orders on companies so that they cannot disclose their involvement in the surveillance. Microsoft told me in an emailed statement that it “went as far as it was legally able in documenting disclosures in its Law Enforcement Requests Report,” adding that “there should be greater transparency on national security requests and Microsoft would like the government to take steps to allow companies to do that.” 

However, even if Microsoft were under a FISA gag, it could still have put a vague disclaimer on its Skype transparency report noting that for unspecified national security reasons it could not provide details of all cases in which it handed over communications content. True, no other companies disclose FISA requests, either, but at least they acknowledge handing over some communications when presented with search warrants. Microsoft portrayed Skype communications as totally beyond the reach of the government. Indeed, the company apparently chose to claim that it handed over the content of zero communications in 2012—while at the same time complying with a FISA surveillance program that enables the NSA to sift through Skype communications. If reports of Microsoft’s participation in secret FISA-PRISM surveillance are accurate, the company disingenuously created a false sense of security by implying that users’ communications were not being turned over to the government.

Following the revelations about PRISM, Microsoft has joined forces with other Internet giants to call on the U.S. government to be more transparent on FISA surveillance. But Microsoft—like Google, Facebook, and others—cannot claim to be a passive victim in this story. Unlike Twitter, it did not push back against excessive U.S. government surveillance requests until the leaked documents were disclosed, and in some cases may have been complicit in misleading the public over the extent of the snooping. That is why it is crucial that while the U.S. government is the center of international attention in the PRISM saga, the companies linked to the program should feel the full heat of the spotlight, too.

Future Tense is a partnership of SlateNew America, and Arizona State University.

TODAY IN SLATE

Medical Examiner

The Most Terrifying Thing About Ebola 

The disease threatens humanity by preying on humanity.

I Bought the Huge iPhone. I’m Already Thinking of Returning It.

Scotland Is Just the Beginning. Expect More Political Earthquakes in Europe.

Students Aren’t Going to College Football Games as Much Anymore

And schools are getting worried.

Two Damn Good, Very Different Movies About Soldiers Returning From War

The XX Factor

Lifetime Didn’t Think the Steubenville Rape Case Was Dramatic Enough

So they added a little self-immolation.

Politics

Blacks Don’t Have a Corporal Punishment Problem

Americans do. But when blacks exhibit the same behaviors as others, it becomes part of a greater black pathology. 

Why a Sketch of Chelsea Manning Is Stirring Up Controversy

How Worried Should Poland, the Baltic States, and Georgia Be About a Russian Invasion?

Trending News Channel
Sept. 19 2014 1:11 PM Watch Flashes of Lightning Created in a Lab  
  News & Politics
Weigel
Sept. 20 2014 11:13 AM -30-
  Business
Business Insider
Sept. 20 2014 6:30 AM The Man Making Bill Gates Richer
  Life
Quora
Sept. 20 2014 7:27 AM How Do Plants Grow Aboard the International Space Station?
  Double X
The XX Factor
Sept. 19 2014 11:33 AM Planned Parenthood Is About to Make It a Lot Easier to Get Birth Control
  Slate Plus
Slate Picks
Sept. 19 2014 12:00 PM What Happened at Slate This Week? The Slatest editor tells us to read well-informed skepticism, media criticism, and more.
  Arts
Brow Beat
Sept. 20 2014 3:21 PM “The More You Know (About Black People)” Uses Very Funny PSAs to Condemn Black Stereotypes
  Technology
Future Tense
Sept. 19 2014 5:03 PM White House Chief Information Officer Will Run U.S. Ebola Response
  Health & Science
Bad Astronomy
Sept. 20 2014 7:00 AM The Shaggy Sun
  Sports
Sports Nut
Sept. 18 2014 11:42 AM Grandmaster Clash One of the most amazing feats in chess history just happened, and no one noticed.