Microsoft calls for international convention on govt data access

Microsoft has spoken out about the NSA reforms, stating that they do not go far enough and should be complemented by an international framework on data privacy and government surveillance.
Written by Corinne Reichert, Contributor on

In a blog post on Monday by Brad Smith, Microsoft's general counsel and executive vice president for Legal and Corporate Affairs, the tech giant has advocated international collaboration on government access to data after the extent of the National Security Agency's (NSA) program was revealed last year.

Microsoft said on Monday that the changes to government surveillance announced by US President Barack Obama last week mark "positive progress on key issues, including privacy protections for non-US citizens".

"I maintained a healthy scepticism toward our surveillance programs after I became president," Obama said in a speech at the Justice Department last Friday.

"What I did not do is stop these programs wholesale."

Rather, Obama's administration has made five material changes to the NSA program: Intelligence agencies will not store American citizens' phone call records anymore; phone records will remain available when deemed necessary; the heads of state of "close friends and allies" will no longer have their communications monitored; an overseeing panel for the secretive Foreign Intelligence Surveillance Act court will be formed; and privacy protection will be extended to non-US citizens — save for the presence of a "compelling national security purpose".

Microsoft has come out and stated that it is willing to work alongside the US government and Congress in order to come up with more suitable changes.

Promoting human rights and individual privacy alongside "timely access to data" where it is necessary for governments to prevent terrorism-related threats, the tech giant pointed towards the World Economic Forum's annual meeting being held in Switzerland later this week as a prime opportunity for an international agreement on data privacy and government surveillance to be outlined.

"The time has come for a broader international discussion. We need an international legal framework — an international convention — to create surveillance and data-access rules across borders," Smith wrote.

"We've all been reminded that surveillance takes place by governments internationally. And as industry reports make clear, governments around the world demand access to customer data. As a result, we need to broaden the topic and bring together governments to create a new international legal framework.

"Such an approach would enhance transparency and reduce the legal uncertainty that currently risks slowing new cloud-based technology services internationally. Clearer rules for access to data internationally would help open borders and enable companies to host services and data in one country for citizens in another."

In June 2013, former US government contractor Edward Snowden began leaking documents to the press about the metadata-collecting activities of the NSA. Microsoft quickly announced that it only provides customer data when it is given a legal order to do so, and in the same month joined Google and Facebook in calling for transparency.

"Our recent report went as far as we legally could, and the government should take action to allow companies to provide additional transparency," Microsoft said in a statement at the time.

In November, the tech giant followed the examples of Google and Yahoo in encrypting its worldwide datacentre traffic in order to prevent the US government from surveilling and wiretapping the cables.

In December, Microsoft's Smith called the US government an "advanced persistent threat" in another company blog post.

"Recent press stories have reported allegations of governmental interception and collection without search warrants or legal subpoenas of customer data as it travels between customers and servers or between company datacentres in our industry," Smith wrote.

"If true, these efforts threaten to seriously undermine confidence in the security and privacy of online communications. Indeed, government snooping potentially now constitutes an 'advanced persistent threat', alongside sophisticated malware and cyberattacks."

Smith ended Monday's missive by stating, "The best way to launch such an [international] effort is for the United States to take the lead."

Updated January 22, 2014, at 8.50am AEDST: A quote on the president's NSA reforms was misattributed to Microsoft and has been removed.

Editorial standards