CloudRegulationSecuritySurveillance-ITWorkspace

Microsoft Considers Encryption To Protect Customers From Government Spies

Max 'Beast from the East' Smolaks covers open source, public sector, startups and technology of the future at TechWeekEurope. If you find him looking lost on the streets of London, feed him coffee and sugar.

Follow on: Google +

The company is worried its data centres might have been tapped by the NSA

Microsoft is thinking about encrypting its traffic in the wake of revelations about surveillance practices used by the US national Security Agency (NSA) and GCHQ.

The company executives are due to meet later this week to decide how and when the encryption will be applied, according to the Washington Post.

Late last month, it emerged that the NSA could have harvested massive amounts of information going through the fibre optic channels connecting data centres owned by Yahoo and Google. Microsoft assumes that its network infrastructure has also been compromised.

Yahoo has already announced it will encrypt all of its traffic and products by early 2014. Google was going to encrypt all internal communications even before Snowden started leaking the NSA data, and these plans were “accelerated” in June.

Taking precautions

Classified documents disclosed by Snowden suggest that traffic moving between data centres owned by some of the world’s biggest Internet companies was collected outside the US, where the privacy guidelines are less restrictive, and then processed by an NSA programme codenamed ‘MUSCULAR’, operated in partnership with UK’s GCHQ.

IVY PHOTOSAccording to the Washington Post, two previously unreleased NSA slides related to MUSCULAR mention not just Google and Yahoo services, but also Hotmail and Windows Live Messenger. A separate email refers to now defunct Microsoft Passport.

The NSA maintains that its surveillance efforts were always limited to “valid foreign intelligence targets” and not the US citizens. However, the Agency’s internal documents refer to “bulk access” and “high volume” of information.

Even though Microsoft doesn’t have solid proof that MUSCULAR was tapping into its traffic, it has decided to join its competitors in offering encrypted services. At a recent shareholder meeting, Microsoft general counsel Brad Smith was speaking about introducing new engineering features aimed at improving security, including “strengthening security against snooping by governments.”

More and more organisations are turning to encryption as the means to safeguard the privacy of their customers, including Facebook, Wikipedia and file hosting service Mega, launched by Kim Dotcom. The measure is considered to offer protection against government agencies, competitors and hackers alike.

Microsoft, Google, Apple, Intel, Oracle, LinkedIn and Twitter are all members of the Digital Due Process Coalition, which was created to support legislation aimed at limiting the scope of state surveillance.

Test your Microsoft knowledge! Take our quiz!