Microsoft and other tech companies need to band together in a fight against government overreach into our digital privacy, Microsoft president Brad Smith said in the keynote address at the RSA information security conference in San Francisco today
Smith, who is also the chief legal officer at Microsoft, spoke out against the FBI’s ploy to get Apple’s help in cracking a terrorist’s iPhone, the government’s attempts to squash transparency with secretive courts, and the recent push to weaken encryption as a way to keep the country safer.
“Despite the best intentions, one thing is clear: the path to hell starts at the back door, and we need make sure that encryption technology remains strong,” Smith said, receiving the first round of applause of the morning.
But Smith also reminded the audience that encryption is only part of the battle; transparency in government requests and maintaining trust in the digital world were also big parts of Smith’s keynote.
“Trust has been under threat. Trust has been questioned for good reason,” he said, pointing to the Edward Snowden revelations as a sign that both the U.S. government and companies had enabled privacy breaches of citizens. “All of this is leading to a fundamental question: What’s to be done?”
That question, Smith said, needs to be the impetus for a conversation not just in the tech industry, but around the world.
“One conclusion that we’ve come to is a point that Satya Nadella, our CEO, made to our employees two years ago,” Smith said. “What he fundamentally said is technology needs to advance, but timeless values should endure.”
Those values, like privacy and transparency, have been adopted by Microsoft, Smith said, but he said that tech companies need to band together to make sure those values are held tight in the face of encroaching government intrusions.
“We need to partner, because no company is going to be successful on its own,” Smith said. “At a time when technology is moving forward and is so vital, we need to remember that this is, at the end of the day, all about people.”
But Smith didn’t take a wholly antagonistic stance against the government; he also spoke about how Microsoft and the government can work together while still maintaining trust.
Smith pointed to the aftermath of last year’s terrorist attack in Paris, when Microsoft received 14 requests from the government about terrorist suspect at large. The company was able to verify the legality of those requests and provide possibly vital information in an average of just 30 minutes for each request.
“We do play our role as an industry,” Smith said. “But we also need to stand up for customers.”
For example, the company frequently receives requests for data customers store in Microsoft’s servers. But Smith “believes emphatically” that the government should serve warrants on the business it is investigating instead of going to Microsoft for the information.
“This is the way that law enforcement and the law have worked in our country for over two centuries,” Smith said. “Cloud computing should not change that balance. Businesses should have a right to know so they can defend themselves.”
That’s why Microsoft is joining with other tech companies to change the way government requests data, a processes that usually takes place in secret courts with little chance for the companies to stick up for their customers.
Smith’s comments were part of the ongoing RSA conference, which is full of talks on the tumultuous cybersecurity atmosphere around the world. Video of Smith’s talk should be posted later today, and we’ll update this article with that video when it goes live.