(NASDAQ:MSFT) is strengthening security and privacy further in response to reports that government agencies may be able to access user data without permission.
The Washington Post
reported that the company is renewing efforts to encrypt traffic
on its Web services such as Outlook and Skype. The paper's sources said that top executives at the software company are meeting this week to discuss beefing up encryption, which makes it much harder for spies or malicious hackers to compromise one's privacy.
“We’re focused on engineering improvements that will further strengthen security,” Brad Smith, a Microsoft general counsel, told shareholders last week, “including strengthening security against snooping by governments.”
Last month, documents leaked by former National Security Agency contractor Edward Snowden detailed how the NSA can tap into Google
(NASDAQ:GOOG) and Yahoo
(NASDAQ:YHOO) servers, allowing the spies to collect any communications they wish. The two web companies vowed to strengthen encryption on data that moves between their data centers to prevent this. The documents also refer to Hotmail and Windows Live, but Microsoft cannot yet confirm that the government is tapping its wires in the same way. Still the company is concerned.
Is Microsoft truly making an about-face? The company is hardly known for its commitment to user privacy. The Electronic Frontier Foundation’s Who Has Your Back
scorecard in 2012 gave Microsoft one star out of four for user privacy, but it got four stars out of six this year. One beef that the Internet freedom crowd has with Microsoft is that it doesn’t notify users of government requests for data. Twitter
(NYSE:TWTR) got a perfect score, while Apple
(NASDAQ:AAPL) got a single star. Microsoft says that it only provides data to the government when legally obliged to do so. The EFF says that despite its engineering clout, Microsoft remains behind on encryption technology.
In Edward Snowden’s revelations, it came out that Microsoft was the first company to comply with PRISM, the secret program that allegedly gave the intelligence community backdoor access to user communications. When Redmond launched Outlook.com in the summer of 2012, the NSA had trouble circumventing encryption of web chats, and Microsoft helped them figure it out a few months later
. Some documents indicated that NSA analysts could read pre-encrypted emails.
Way back in 1999, Heise
, a German computer-security publication, wrote that researchers found evidence that the NSA had its own key
for a driver that works with Internet Explorer.
It was found because “Microsoft's developers had failed to remove or 'strip' the debugging symbols used to test this software before they released it. Inside the code were the labels for the two keys. One was called ‘KEY’. The other was called ‘NSAKEY’.”
Though there hasn’t been an exodus of users, the threat of coming under Uncle Sam’s gaze is already making it harder for US tech firms to compete abroad. Most big Web services like Google are banned in China but as we wrote earlier this week
, enterprise-level tech companies like Cisco
(NASDAQ:CSCO) are seeing sales sink in China since the Snowden revelations came out.
However, beefing up crypto and calling for limits to the NSA’s information-hoovering could be just a marketing ploy on Microsoft's part. The company is positioning itself as the anti-Google. Thanks to growing awareness of internet privacy and some slightly creepy moves on Google’s part over the years, there is certainly room for a tech giant to offer privacy. The “Scroogled” campaign tries to paint Google as Big Brother. (Word on the internet is that these t-shirts
are really popular on Google’s campus; this is what passes for irony these days.) But the kettle might be calling the pot black in this case. Especially after the damning PRISM revelations were made public, it will be hard for the companies involved to ingenuously market themselves to users at home and abroad as a privacy-focused service.
No positions in stocks mentioned. The author of this article is a member of the Electronic Frontier Foundation.
The information on this website solely reflects the analysis of or opinion about the performance of securities and financial markets by the writers whose articles appear on the site. The views expressed by the writers are not necessarily the views of Minyanville Media, Inc. or members of its management. Nothing contained on the website is intended to constitute a recommendation or advice addressed to an individual investor or category of investors to purchase, sell or hold any security, or to take any action with respect to the prospective movement of the securities markets or to solicit the purchase or sale of any security. Any investment decisions must be made by the reader either individually or in consultation with his or her investment professional. Minyanville writers and staff may trade or hold positions in securities that are discussed in articles appearing on the website. Writers of articles are required to disclose whether they have a position in any stock or fund discussed in an article, but are not permitted to disclose the size or direction of the position. Nothing on this website is intended to solicit business of any kind for a writer's business or fund. Minyanville management and staff as well as contributing writers will not respond to emails or other communications requesting investment advice.