Microsoft today sent a letter to U.S. Attorney General Eric Holder, asking him or President Obama to personally intervene to allow the company “to share publicly more complete information about how we handle national security requests for customer information.”
The company also disputed a report by the Guardian last week that said Microsoft gave the NSA the keys to circumvent Outlook.com and Skype encryption to allow the agency to intercept messages.
It’s the latest effort by the company to address the ongoing controversy over documents leaked by Edward Snowden, implicating Microsoft and other tech companies for allegedly cooperating with wide-ranging government surveillance.
In a related post, Microsoft general counsel Brad Smith says the company believes it has a Constitutional right to disclose the information to address public concerns about what Microsoft describes as inaccurate reports about the customer data it provides to government officials.
“We believe the U.S. Constitution guarantees our freedom to share more information with the public, yet the Government is stopping us,” writes Smith in the post. “For example, Government lawyers have yet to respond to the petition we filed in court on June 19, seeking permission to publish the volume of national security requests we have received. We hope the Attorney General can step in to change this situation.”
He adds, “There are significant inaccuracies in the interpretations of leaked government documents reported in the media last week. We have asked the Government again for permission to discuss the issues raised by these new documents, and our request was denied by government lawyers.”
In the meantime, here is what the company is saying, as summarized in Smith’s post:
Microsoft does not provide any government with direct and unfettered access to our customer’s data. Microsoft only pulls and then provides the specific data mandated by the relevant legal demand.
If a government wants customer data – including for national security purposes – it needs to follow applicable legal process, meaning it must serve us with a court order for content or subpoena for account information.
We only respond to requests for specific accounts and identifiers. There is no blanket or indiscriminate access to Microsoft’s customer data. The aggregate data we have been able to publish shows clearly that only a tiny fraction – fractions of a percent – of our customers have ever been subject to a government demand related to criminal law or national security.
All of these requests are explicitly reviewed by Microsoft’s compliance team, who ensure the request are valid, reject those that are not, and make sure we only provide the data specified in the order. While we are obligated to comply, we continue to manage the compliance process by keeping track of the orders received, ensuring they are valid, and disclosing only the data covered by the order.
Here’s the full text of Microsoft’s letter to Holder.