Microsoft to encrypt data to prevent snooping

Microsoft plans to encrypt data flowing through all of its communication, productivity and other services as it seeks to reassure users in the United States and beyond that it will guard their personal information from snooping governments, the company announced Wednesday night.

The encryption initiative, approved by company executives last week, comes as many of the nation’s top technology firms scramble to protect their reputations after months of revelations about how the National Security Agency and its foreign counterparts have siphoned off massive amounts of user information, including emails, video chats, address books and more.

“The goal is clear: We want to be sure that governments use legal processes rather than brute force to access user data,” Brad Smith, Microsoft’s general counsel, said in an interview.

Smith said that concern at the company surged in October, when The Washington Post reported, based on documents provided by former NSA contractor Edward Snowden, that the NSA and its British counterpart were tapping into the private communications links of Google and Yahoo as information flowed among those companies’ data centers.

Smith said that report was “like an earthquake sending shock waves through the tech sector” because it made clear that government surveillance was not limited to known legal processes, such as those approved by the Foreign Intelligence Surveillance Court, but was happening by other means as well.

Both Google and Yahoo, which have announced their own major encryption initiatives in recent months, have global networks that resemble Microsoft’s. In addition, documents provided by Snowden to The Post suggested – while not proving – that Microsoft also was a target of the NSA program that collected data moving between centers.

Privacy advocates long have considered Microsoft a laggard in adopting encryption technology and resisting surveillance efforts. The Electronic Frontier Foundation, a civil liberties group based in San Francisco, awards the company a single check mark out of a possible five for its encryption efforts.

Wednesday’s announcement signals a major new corporate commitment to such issues and was accompanied by promises to make the computer coding for Microsoft’s services more transparent and to more vigorously resist data requests from police and intelligence agencies.

Smith said the company also was taking the position that the Foreign Intelligence Surveillance Court, which oversees some NSA intelligence-gathering efforts, does not have jurisdiction to approve the collection of data outside U.S. borders.

The company did not immediately release an estimated cost or a timeline for completing the new encryption efforts. It did, however, promise to implement “best-in-class cryptography” for data flowing between customers and Microsoft and moving between data centers around the world. It also plans to encrypt data that’s in storage. Among the products getting new encryption are Outlook.com, Office 365, SkyDrive and Azure.

The company said the encryption effort will include implementing “perfect forward secrecy,” a way of safeguarding encryption keys, and 2,048-bit key lengths. Both are considered relatively advanced technologies. Data flowing between customers and Microsoft will be encrypted by default, which privacy advocates consider superior to systems that users must personally activate.

“I think it’s a substantial announcement and it’s a substantial undertaking. Encryption is key to privacy on the Internet,” said Greg Nojeim, director of the Project on Freedom, Security and Technology for the Center for Democracy and Technology, a Washington-based advocacy group that receives some industry support.

Encryption technology does not prevent surveillance of a particular target, but it makes it harder to gain access to vast swaths of Internet communications, as NSA has been doing for years. When The Post reported the Microsoft’s plans for encryption last week, NSA officials said that U.S. government surveillance is focused on gathering intelligence against legitimate foreign targets, “not on collecting and exploiting a class of communications or services that would sweep up communications that are not of bona fide foreign intelligence interest to the U.S. government.”

Microsoft also said Wednesday night that it would attempt to reach deals with other technology companies to protect data moving between its services and theirs. Those connections long have been a weak link, allowing for relatively easy surveillance even if the data is encrypted for the rest of its journey across the Internet.

The other elements of Wednesday’s announcement are aimed at government and business customers, not ordinary consumers.

The company said it would make its computer source code available for review by governments worldwide to demonstrate that it does not include “back doors” allowing easy access to user information.

Microsoft also said it would attempt to alert businesses and governments whenever there are legal requests for their data, although it will not do the same for other customers. Smith said that notifying individuals who are targets of government surveillance could undermine investigations.

Talk to us

> Give us your news tips.

> Send us a letter to the editor.

> More Herald contact information.

More in Local News

Olivia Vanni / The Herald The Mukilteo Lighthouse. Built in 1906, it’s one of the most iconic landmarks in Snohomish County. The Mukilteo Lighthouse. Built in 1906, it’s one of the most iconic landmarks in Snohomish County. (Olivia Vanni / The Herald)
Mukilteo mayor vetoes council-approved sales tax

The tax would have helped pay for transportation infrastructure, but was also set to give Mukilteo the highest sales tax rate in the state.

Marysville Mayor Jon Nehring gives the state of the city address at the Marysville Civic Center on Wednesday, Jan. 31, 2024, in Marysville, Washington. (Ryan Berry / The Herald)
Marysville council approves interim middle housing law

The council passed the regulations to prevent a state model code from taking effect by default. It expects to approve final rules by October.

x
State audit takes issue with Edmonds COVID grant monitoring

The audit report covered 2023 and is the third since 2020 that found similar issues with COVID-19 recovery grant documentation.

Bothell
Bothell man pleads guilty to sexual abuse of Marysville middle schoolers

The man allegedly sexually assaulted three students in exchange for vapes and edibles in 2022. His sentencing is set for Aug. 29.

Larsen talks proposed Medicaid cuts during Compass Health stop in Everett

Compass Health plans to open its new behavioral health center in August. Nearly all of the nonprofit’s patients rely on Medicaid.

Snohomish County Health Department Director Dennis Worsham on Tuesday, June 11, 2024 in Everett, Washington. (Olivia Vanni / The Herald)
Snohomish County Health Department director tapped as WA health secretary

Dennis Worsham became the first director of the county health department in January 2023. His last day will be July 3.

Rick Steves launches $1M match challenge for Lynnwood Neighborhood Center

The $64.5 million Lynnwood Neighborhood Center will house several community spaces and partner with local nonprofits.

Community members gather for the dedication of the Oso Landslide Memorial following the ten-year remembrance of the slide on Friday, March 22, 2024, at the Oso Landslide Memorial in Oso, Washington. (Ryan Berry / The Herald)
The Daily Herald garners 6 awards from regional journalism competition

The awards recognize the best in journalism from media outlets across Alaska, Idaho, Montana, Oregon and Washington.

Cars drive along Cathcart Way next to the site of the proposed Eastview Village development that borders Little Cedars Elementary on Wednesday, May 7, 2025 in unincorporated Snohomish, Washington. (Olivia Vanni / The Herald)
Snohomish County Council denies latest Eastview Village appeal

Council members affirmed previous approvals of the development planned off Cathcart Way near Highway 9.

Everett
Everett police: Man sold drugs to woman prior to fatal overdose

The man, who faces a charge under the state’s controlled substance homicide law, remains in Snohomish County Jail on more than $1M bond.

Missing Marysville boy, 10, found safe and sound

Police said the boy was last seen Sunday morning before leaving to go for a run at a nearby middle school.

Red tape hangs in the front of the entrance to a burned down Center for Human Services building along 204th Street on Monday, July 7, 2025 in Lynnwood, Washington. (Olivia Vanni / The Herald)
Lynnwood fire destroys behavioral health nonprofit building

The cause of the fire is under investigation. The building housed an intensive mental health support program for youth and families.

Support local journalism

If you value local news, make a gift now to support the trusted journalism you get in The Daily Herald. Donations processed in this system are not tax deductible.