NSA Leaks Suggest Microsoft May Have Misled Public Over Skype Eavesdropping

Future Tense
The Citizen's Guide to the Future
June 13 2013 10:34 AM

NSA Leaks Suggest Microsoft May Have Misled Public Over Skype Eavesdropping

166721853
Niklas Zennstrom, co-founder of Skype

Photo by YOSHIKAZU TSUNO/AFP/Getty Images

Revelations about the Internet spying system PRISM have put the international spotlight on the extent of the U.S. government’s secret surveillance. But the disclosures also raise important questions about the role the world’s largest Internet companies played in hoodwinking the public over the controversial spying.

Ryan Gallagher Ryan Gallagher

Ryan Gallagher is a journalist who reports on surveillance, security, and civil liberties.

Last week, the Guardian and the Washington Post reported that Internet giants including Google, Microsoft, Facebook, and Yahoo are involved in an NSA program that enables the government to monitor emails, file transfers, photos, videos, chats, and other private data. The companies have denied providing the NSA with “direct access” to their servers. However, executives from unnamed companies linked to PRISM have since acknowledged some level of participation in the NSA program—which appears to involve using broad court orders issued under the Foreign Intelligence Surveillance Act to gain access to foreigners’ private communications.

Advertisement

There were many striking details in the Washington Post’s scoop about PRISM and its capabilities, but one part in particular stood out to me. The Post, citing a top-secret NSA PowerPoint slide, wrote that the agency has a specific “User’s Guide for PRISM Skype Collection” that outlines how it can eavesdrop on Skype “when one end of the call is a conventional telephone and for any combination of 'audio, video, chat, and file transfers' when Skype users connect by computer alone.” (Emphasis added.)

This piece of information is significant for a number of reasons. Last year, speculation arose in the hacker community that Skype, which was purchased by Microsoft in 2011 and had been difficult to wiretap, had become compliant with law enforcement demands. I pressured Skype to disclose its eavesdropping capabilities, but the company refused to discuss the matter. After a range of advocacy groups published an open letter calling for more clarity on the issue, Microsoft eventually released a transparency report detailing information about law enforcement requests for user data. The report devoted an entire section to Skype and claimed that in 2012, it hadn’t handed any communications content over to authorities anywhere in the world. Microsoft also said in notes accompanying the transparency report that calls made between Skype-Skype users were encrypted peer-to-peer, implying that they did not pass through Microsoft’s central servers and could not be eavesdropped on—except maybe if the government deployed a spy Trojan on a targeted computer to bypass encryption.

But the NSA “PRISM Skype Collection” guide casts doubt on whether any Skype communications are beyond the NSA’s reach. That the NSA claims to be able to grab all Skype users’ communications also calls into question the credibility of Microsoft’s transparency report—particularly the claim that in 2012 it did not once hand over the content of any user communications. Moreover, according to a leaked NSA slide published by the Post, Skype first became part of the NSA’s PRISM program in February 2011—three months before Microsoft purchased the service from U.S. private equity firms Silver Lake and Andreessen Horowitz.

The PRISM system operates under FISA, which can be used to secretly demand user data and force gag orders on companies so that they cannot disclose their involvement in the surveillance. Microsoft told me in an emailed statement that it “went as far as it was legally able in documenting disclosures in its Law Enforcement Requests Report,” adding that “there should be greater transparency on national security requests and Microsoft would like the government to take steps to allow companies to do that.” 

However, even if Microsoft were under a FISA gag, it could still have put a vague disclaimer on its Skype transparency report noting that for unspecified national security reasons it could not provide details of all cases in which it handed over communications content. True, no other companies disclose FISA requests, either, but at least they acknowledge handing over some communications when presented with search warrants. Microsoft portrayed Skype communications as totally beyond the reach of the government. Indeed, the company apparently chose to claim that it handed over the content of zero communications in 2012—while at the same time complying with a FISA surveillance program that enables the NSA to sift through Skype communications. If reports of Microsoft’s participation in secret FISA-PRISM surveillance are accurate, the company disingenuously created a false sense of security by implying that users’ communications were not being turned over to the government.

Following the revelations about PRISM, Microsoft has joined forces with other Internet giants to call on the U.S. government to be more transparent on FISA surveillance. But Microsoft—like Google, Facebook, and others—cannot claim to be a passive victim in this story. Unlike Twitter, it did not push back against excessive U.S. government surveillance requests until the leaked documents were disclosed, and in some cases may have been complicit in misleading the public over the extent of the snooping. That is why it is crucial that while the U.S. government is the center of international attention in the PRISM saga, the companies linked to the program should feel the full heat of the spotlight, too.

Future Tense is a partnership of SlateNew America, and Arizona State University.

TODAY IN SLATE

Politics

Smash and Grab

Will competitive Senate contests in Kansas and South Dakota lead to more late-breaking races in future elections?

Even When They Go to College, the Poor Sometimes Stay Poor

Here’s Just How Far a Southern Woman May Have to Drive to Get an Abortion

The Most Ingenious Teaching Device Ever Invented

Marvel’s Civil War Is a Far-Right Paranoid Fantasy

It’s also a mess. Can the movies do better?

Behold

Sprawl, Decadence, and Environmental Ruin in Nevada

Space: The Next Generation

An All-Female Mission to Mars

As a NASA guinea pig, I verified that women would be cheaper to launch than men.

Watching Netflix in Bed. Hanging Bananas. Is There Anything These Hooks Can’t Solve?

The Procedural Rule That Could Prevent Gay Marriage From Reaching SCOTUS Again

  News & Politics
Politics
Oct. 20 2014 7:13 PM Deadly Advice When it comes to Ebola, ignore American public opinion: It’s ignorant and misinformed about the disease.
  Business
Moneybox
Oct. 20 2014 7:23 PM Chipotle’s Magical Burrito Empire Keeps Growing, Might Be Slowing
  Life
Outward
Oct. 20 2014 3:16 PM The Catholic Church Is Changing, and Celibate Gays Are Leading the Way
  Double X
The XX Factor
Oct. 20 2014 6:17 PM I Am 25. I Don't Work at Facebook. My Doctors Want Me to Freeze My Eggs.
  Slate Plus
Tv Club
Oct. 20 2014 7:15 AM The Slate Doctor Who Podcast: Episode 9 A spoiler-filled discussion of "Flatline."
  Arts
Brow Beat
Oct. 20 2014 6:32 PM Taylor Swift’s Pro-Gay “Welcome to New York” Takes Her Further Than Ever From Nashville 
  Technology
Future Tense
Oct. 20 2014 4:59 PM Canadian Town Cancels Outdoor Halloween Because Polar Bears
  Health & Science
Medical Examiner
Oct. 20 2014 11:46 AM Is Anybody Watching My Do-Gooding? The difference between being a hero and being an altruist.
  Sports
Sports Nut
Oct. 20 2014 5:09 PM Keepaway, on Three. Ready—Break! On his record-breaking touchdown pass, Peyton Manning couldn’t even leave the celebration to chance.