Microsoft’s top lawyer has written a blog post calling on the U.S. government to do more to repair the damage of the Snowden disclosures about the National Security Agency’s far-reaching electronic surveillance practices, including a concrete response to the issue of hacking into data centers that belong to U.S. companies and telecommunications networks that connect them.
Brad Smith, Microsoft’s general counsel and executive vice president of legal and corporate affairs, wrote that the reports have created wide-spread concern around the world about data privacy, which has the potential to hamper further adoption of cloud services. “After all, people won’t use technology they don’t trust,” he wrote.
The post was timed to coincide with one-year anniversary of the start of the scandal. One year ago this week, the Guardian and Washington Post started publishing articles based on classified NSA information leaked to them by former NSA contractor Edward Snowden.
Since the report of potential cable hacking came out, Microsoft (as well as others) has stepped up encryption efforts for data at rest and in transit.
“It’s now apparent that the government intercepted data in transit across the Internet and hacked links between company data centers,” Smith wrote. “Yet more than seven months after the Washington Post first reported that the National Security Agency hacked systems outside the U.S. to access data held by Yahoo and Google, the executive branch remains silent about its views of this practice.”
‘Technology trust deficit’
Smith is not the only technology executive who has publicly called the government out on this issue. Google, Yahoo, Facebook and others have been vocal about it, because it erodes trust in their services.
“The U.S. government needs to address important unfinished business to reduce the technology trust deficit it has created,” Smith wrote.
The outrage is not limited to Internet giants. After a report surfaced indicating that the NSA may have been intercepting and tampering with IT hardware en route to customers overseas to install backdoor surveillance devices, Cisco CEO John Chambers wrote an open letter to President Barack Obama, urging for reform of the NSA and its oversight.
Microsoft’s surveillance reform checklist
Smith offered five things the government would need to do to fix the situation, one of them being an assurance that there will be no hacking of cables or data centers.
Another action item on the list is recognition that U.S. search warrants’ power ends at U.S. borders.
In April, a U.S. federal judge ordered Microsoft to turn over a user’s personal data stored in a Dublin, Ireland, data center that U.S. law enforcement officials had requested earlier. Microsoft refused to comply with the request, arguing that a U.S. warrant did not apply to data located overseas, and the dispute ended up in court.
“We’re convinced that the law and the U.S. Constitution are on our side, and we are committed to pursuing this case as far and as long as needed,” Smith wrote in this week’s post.
The remaining three items he proposed were discontinuation of bulk collection of user data from service providers, reform of the FISA court (a secret court that issues warrants for data collection) and a new international convention on government access to data.