NSA Leaks Suggest Microsoft May Have Misled Public Over Skype Eavesdropping

The Citizen's Guide to the Future
June 13 2013 10:34 AM

NSA Leaks Suggest Microsoft May Have Misled Public Over Skype Eavesdropping

166721853
Niklas Zennstrom, co-founder of Skype

Photo by YOSHIKAZU TSUNO/AFP/Getty Images

Revelations about the Internet spying system PRISM have put the international spotlight on the extent of the U.S. government’s secret surveillance. But the disclosures also raise important questions about the role the world’s largest Internet companies played in hoodwinking the public over the controversial spying.

Ryan Gallagher Ryan Gallagher

Ryan Gallagher is a journalist who reports on surveillance, security, and civil liberties.

Last week, the Guardian and the Washington Post reported that Internet giants including Google, Microsoft, Facebook, and Yahoo are involved in an NSA program that enables the government to monitor emails, file transfers, photos, videos, chats, and other private data. The companies have denied providing the NSA with “direct access” to their servers. However, executives from unnamed companies linked to PRISM have since acknowledged some level of participation in the NSA program—which appears to involve using broad court orders issued under the Foreign Intelligence Surveillance Act to gain access to foreigners’ private communications.

Advertisement

There were many striking details in the Washington Post’s scoop about PRISM and its capabilities, but one part in particular stood out to me. The Post, citing a top-secret NSA PowerPoint slide, wrote that the agency has a specific “User’s Guide for PRISM Skype Collection” that outlines how it can eavesdrop on Skype “when one end of the call is a conventional telephone and for any combination of 'audio, video, chat, and file transfers' when Skype users connect by computer alone.” (Emphasis added.)

This piece of information is significant for a number of reasons. Last year, speculation arose in the hacker community that Skype, which was purchased by Microsoft in 2011 and had been difficult to wiretap, had become compliant with law enforcement demands. I pressured Skype to disclose its eavesdropping capabilities, but the company refused to discuss the matter. After a range of advocacy groups published an open letter calling for more clarity on the issue, Microsoft eventually released a transparency report detailing information about law enforcement requests for user data. The report devoted an entire section to Skype and claimed that in 2012, it hadn’t handed any communications content over to authorities anywhere in the world. Microsoft also said in notes accompanying the transparency report that calls made between Skype-Skype users were encrypted peer-to-peer, implying that they did not pass through Microsoft’s central servers and could not be eavesdropped on—except maybe if the government deployed a spy Trojan on a targeted computer to bypass encryption.

But the NSA “PRISM Skype Collection” guide casts doubt on whether any Skype communications are beyond the NSA’s reach. That the NSA claims to be able to grab all Skype users’ communications also calls into question the credibility of Microsoft’s transparency report—particularly the claim that in 2012 it did not once hand over the content of any user communications. Moreover, according to a leaked NSA slide published by the Post, Skype first became part of the NSA’s PRISM program in February 2011—three months before Microsoft purchased the service from U.S. private equity firms Silver Lake and Andreessen Horowitz.

The PRISM system operates under FISA, which can be used to secretly demand user data and force gag orders on companies so that they cannot disclose their involvement in the surveillance. Microsoft told me in an emailed statement that it “went as far as it was legally able in documenting disclosures in its Law Enforcement Requests Report,” adding that “there should be greater transparency on national security requests and Microsoft would like the government to take steps to allow companies to do that.” 

However, even if Microsoft were under a FISA gag, it could still have put a vague disclaimer on its Skype transparency report noting that for unspecified national security reasons it could not provide details of all cases in which it handed over communications content. True, no other companies disclose FISA requests, either, but at least they acknowledge handing over some communications when presented with search warrants. Microsoft portrayed Skype communications as totally beyond the reach of the government. Indeed, the company apparently chose to claim that it handed over the content of zero communications in 2012—while at the same time complying with a FISA surveillance program that enables the NSA to sift through Skype communications. If reports of Microsoft’s participation in secret FISA-PRISM surveillance are accurate, the company disingenuously created a false sense of security by implying that users’ communications were not being turned over to the government.

Following the revelations about PRISM, Microsoft has joined forces with other Internet giants to call on the U.S. government to be more transparent on FISA surveillance. But Microsoft—like Google, Facebook, and others—cannot claim to be a passive victim in this story. Unlike Twitter, it did not push back against excessive U.S. government surveillance requests until the leaked documents were disclosed, and in some cases may have been complicit in misleading the public over the extent of the snooping. That is why it is crucial that while the U.S. government is the center of international attention in the PRISM saga, the companies linked to the program should feel the full heat of the spotlight, too.

Future Tense is a partnership of SlateNew America, and Arizona State University.

TODAY IN SLATE

Altered State

The Plight of the Pre-Legalization Marijuana Offender

What should happen to weed users and dealers busted before the stuff was legal?

The Extraordinary Amicus Brief That Attempts to Explain the Wu-Tang Clan to the Supreme Court Justices

Amazon Is Officially a Gadget Company. Here Are Its Six New Devices.

The Human Need to Find Connections in Everything

It’s the source of creativity and delusions. It can harm us more than it helps us.

How Much Should You Loathe NFL Commissioner Roger Goodell?

Here are the facts.

Food

How to Order Chinese Food

First, stop thinking of it as “Chinese food.”

How the First Benghazi Committee Hearing Humbled the Hillary Clinton State Department

You Shouldn’t Spank Anyone but Your Consensual Sex Partner

Moneybox
Sept. 17 2014 5:10 PM The Most Awkward Scenario in Which a Man Can Hold a Door for a Woman
  News & Politics
Jurisprudence
Sept. 18 2014 10:42 AM Scalia’s Liberal Streak The conservative justice’s most brilliant—and surprisingly progressive—moments on the bench.
  Business
Business Insider
Sept. 17 2014 1:36 PM Nate Silver Versus Princeton Professor: Who Has the Right Models?
  Life
Outward
Sept. 18 2014 11:25 AM Gays on TV: From National Freakout to Modern Family Fun
  Double X
The XX Factor
Sept. 18 2014 11:40 AM Where Pregnant Women Aren't Allowed to Work After 36 Weeks  
  Slate Plus
Slate Fare
Sept. 17 2014 9:37 AM Is Slate Too Liberal?  A members-only open thread.
  Arts
Music
Sept. 18 2014 11:40 AM Where the Girls At? Jhené Aiko, Marsha Ambrosius, Ledisi, and the other brilliant women of R&B who aren’t getting their due in 2014.
  Technology
Future Tense
Sept. 18 2014 10:07 AM “The Day It All Ended” A short story from Hieroglyph, a new science fiction anthology.
  Health & Science
Bad Astronomy
Sept. 18 2014 7:30 AM Red and Green Ghosts Haunt the Stormy Night
  Sports
Sports Nut
Sept. 17 2014 3:51 PM NFL Jerk Watch: Roger Goodell How much should you loathe the pro football commissioner?