Sign in with
Sign up | Sign in

Microsoft Pledges to Protect Your Data From Snooping

By - Source: Microsoft | B 23 comments

Brad Smith, General Counsel & Executive Vice President of Legal & Corporate Affairs at Microsoft, recently updated Microsoft's blog with a post assuring customers that their personal data is safe from government snooping. The company is taking steps to ensure governments use a legal process rather than technological brute force to access customer data.

"Like many others, we are especially alarmed by recent allegations in the press of a broader and concerted effort by some governments to circumvent online security measures – and in our view, legal processes and protections – in order to surreptitiously collect private customer data," Smith writes. "In particular, recent press stories have reported allegations of governmental interception and collection – without search warrants or legal subpoenas – of customer data as it travels between customers and servers or between company data centers in our industry."

In light of the allegations, Microsoft has decided to expand encryption across all services, reinforce legal protections for customer data, and enhance the transparency of the company's software code, making it easier for customers to reassure themselves that products do not contain back doors. For the latter, Microsoft plans to open transparency centers in Europe, the Americas and Asia so that government customers can review the company's source code and make sure no back doors are installed.

On the encryption front, customer content moving between users and Microsoft will be encrypted by default. All key platform, productivity and communications services will encrypt customer content as it moves between data centers. Microsoft will also use best-in-class industry cryptography to protect these channels, including Perfect Forward Secrecy and 2048-bit key lengths. All of this will be in place by the end of 2014, and much of it is effective immediately, he writes.

"We also will encrypt customer content that we store. In some cases, such as third-party services developed to run on Windows Azure, we'll leave the choice to developers, but will offer the tools to allow them to easily protect data," Smith adds. "We're working with other companies across the industry to ensure that data traveling between services – from one email provider to another, for instance – is protected."

As for reinforcing legal protections, Microsoft will take new steps to reinforce legal protections for customer data. As an example, Microsoft will notify businesses and government customers if the company receives legal orders related to their data. If a gag order prevents Microsoft from doing so, then the company will challenge it in court. Microsoft will also assert available jurisdictional objections to legal demands when governments request customer content stored in another country.

"Except in the most limited circumstances, we believe that government agencies can go directly to business customers or government customers for information or data about one of their employees – just as they did before these customers moved to the cloud – without undermining their investigation or national security," he writes. "And when those limited circumstances arise, courts should have the opportunity to review the question and issue a decision."

To read the full blog, head here.

Display 23 Comments.
This thread is closed for comments
  • 8 Hide
    rantoc , December 8, 2013 9:03 AM
    "Legal process", in other word the gov do as they please with peoples data... as always!
  • 1 Hide
    realAMDfreak , December 8, 2013 9:51 AM
    Great move by Microsoft. Hope they will stick to the promised plan.
  • 3 Hide
    tolham , December 8, 2013 10:10 AM
    this is a good way for MS to win some hearts and minds after falling so far behind on the latest tech trends.
  • 8 Hide
    bunz_of_steel , December 8, 2013 10:12 AM
    What about holding the government accountable for such privacy invasion acts? Shouldn't their be some congressmen going to jail.... err house arrest in their mansion? Just saying...
  • 1 Hide
    dextermat , December 8, 2013 10:46 AM
    hahahah, it's already too late!
  • -1 Hide
    a490920 , December 8, 2013 11:27 AM
    they 1st thing microsoft do when they found a window system bug is share it with their goverment,only then they started to fix the bug......marketing is full of crap.
  • 2 Hide
    imkvn , December 8, 2013 12:12 PM
    I highly doubt that they want to protect you. In the documents that snowden leaked it shows Microsoft and skype (which is a branch of microsoft) a provider of intel ever since 2007.
  • 3 Hide
    vmem , December 8, 2013 12:45 PM
    Quote:
    "Legal process", in other word the gov do as they please with peoples data... as always!


    there's very little a company can do about their own government, especially the US government. even the UN can't stop it so yeah...
  • 2 Hide
    belardo , December 8, 2013 12:46 PM
    Microsoft... a company you can "trust".
  • 0 Hide
    MajinCry , December 8, 2013 1:34 PM
    Microsoft has had a backdoor in Windows since 95 for the NSA. This is all just nonsensical PR.
  • 2 Hide
    theco0n , December 8, 2013 1:47 PM
    Love how its still cool to bash MSFT. Like other companies aren't leaking data. AKA Google.
  • 1 Hide
    teknic111 , December 8, 2013 3:24 PM
    lol...Anyone who believes this is a fool. The world is now in need of open decentralized services. That is the future of cloud computing and IT services. Never again can a corporation be trusted with your data!
  • 0 Hide
    awesomedude911 , December 8, 2013 5:30 PM
    great now they are going to release their cloud data crap. They are saying that they are safe so we feal safe with them having our data.

    Actions speak louder than words... I would like it if they would keep selling windows 7
  • 1 Hide
    knowom , December 8, 2013 5:30 PM
    Awww no rioting and lynching? Only on Black Fridays apparently! How far society as fallen from holding regimes accountable!
  • 2 Hide
    tolham , December 8, 2013 6:04 PM
    Quote:
    What about holding the government accountable for such privacy invasion acts? Shouldn't their be some congressmen going to jail.... err house arrest in their mansion? Just saying...


    what should happen and what will happen are very different things. the US federal government has been slowly disarming us with emotional-driven gun control while feeding the military-industrial-complex, and they own the prison system and regulate our incomes. the candidates on the ballot sheet are all bought and paid for by the time we get a chance to vote. there is no way of holding the government accountable.
  • 3 Hide
    kinggraves , December 8, 2013 8:06 PM
    It doesn't matter how much encryption they use when MS willingly hands the keys over to the feds, meanwhile the government can keep turning a blind eye to the monopolization that prevents people from having other choices. No MS hate here, every major corp follows this. Google, Apple, Verizon, Ma Bell, whoever they need on board.

    There's a way to hold the government accountable, US citizens are just not capable of using it. A good chunk of our population has been brainwashed into thinking that patriotism means always agreeing with Uncle Sam and to go against the status quo is terrorism. Many whine about how the government treats them, but they're afraid to take a day off work and protest it. Many complain about their work conditions, but when it comes time to strike they don't follow through. Fighting the power actually means fighting, not signing a petition and going back to your life.
  • 1 Hide
    Dwallin60 , December 9, 2013 12:32 AM
    Tolham there is a way to hold the government accountable; it is called Common Law County Grand Juries in all 3141 counties in U.S.A. Presently there are none, but they are forming NY state and other place according to a plan put forth at www.nationalLibertyAlliance.com which is a huge training site for County Grand Jurors of which it takes 25 to convene. Chief Justice Scalia says they still exist and can be resurrected. So let's get busy and quit saying what CAN'T be done.
  • -1 Hide
    JOSHSKORN , December 9, 2013 12:50 AM
    Whoah, whoah, whoah!! Stop the Presses!!! Microsoft pledges to protect SOMETHING!?!?!? I suppose we don't need antivirus, antimalware, a registry cleaner nor PC optimizer, then.
  • 0 Hide
    MajinCry , December 9, 2013 3:23 AM
    @Otacon: Not my fault if you're far too lazy to google.

    http://www.washingtonsblog.com/2013/06/microsoft-programmed-in-nsa-backdoor-in-windows-by-1999.html
  • 0 Hide
    back_by_demand , December 9, 2013 4:20 AM
    I am less bothered about Government intrusion than I am about private companies selling my data for advertising. The various Governments of the world have been spying on the population since the 1950's, but I seriously doubt Hoover's G-Men sold your data on so you could get junkmail about penis-pills. So if Microsoft's promise is to stick something in the OS to stop Google from mining my browsing habits I could seriously care less if the Government knows what porn sites I fap to.
Display more comments