• United States



How much privacy will you have with Microsoft’s ‘family of devices’?

Jul 14, 20135 mins
Data and Information SecurityEncryptionMicrosoft

After collaborating with NSA and FBI to offer surveillance for Skype, SkyDrive,, even circumventing its own encryption, how much privacy will you have with Microsoft's upcoming 'family of devices'?

Windows may only be a “shell” now, said six different times by Steve Ballmer as he revealed a new strategy for Microsoft that revolves around a “family of devices.” The company will “design, create and deliver through us and through third parties a complete family of Windows-powered devices,” which will include “a full spectrum of both partner and first-party devices. Our family will include phones, tablets, PCs, 2-in-1s, TV-attached devices and other devices to be imagined and developed.”

What good is a door lock if the manufacturer first hands out a master key to law enforcement? What good is a promise that your privacy is a top priority by a company that provides free spying to law enforcement? What good is encryption if PRISM capabilities allow intelligence agencies to collect your emails, such as those from, Hotmail or Live, before they are encrypted? What do you have to look forward to with Microsoft’s upcoming “family of devices?” Surely there will be government surveillance backdoors on all.

Your privacy is very important to Microsoft, the company alleges, as it used privacy for a battleground to slam Google. For example, during its anti-Google campaign called ‘Scroogled,’ Microsoft launched a privacy petition to stop Google from scanning “every word of every email” to serve up relevant ads. The Redmond giant pointed out that “there’s no way to opt out of this invasion of your privacy.” But, thanks to documents provided by Edward Snowden, we know that there is no way to opt out of Microsoft practically handing all your emails directly to intelligence agencies. It’s more than email; what you store on SkyDrive and what you do over Skype is not private. Is that not also an invasion of your privacy?

After reviewing top-secret PRISM documents obtained by Snowden, The Guardian reported that Microsoft collaborated with intelligence agencies and even helped the NSA circumvent Microsoft’s own encryption, so the government could conduct surveillance through the company’s products.

  • Microsoft helped the NSA to circumvent its encryption to address concerns that the agency would be unable to intercept web chats on the new portal;
  • The agency already had pre-encryption stage access to email on, including Hotmail;
  • The company worked with the FBI this year to allow the NSA easier access via PRISM to its cloud storage service SkyDrive, which now has more than 250 million users worldwide;
  • Microsoft also worked with the FBI’s Data Intercept Unit to “understand” potential issues with a feature in that allows users to create email aliases;
  • In July last year, nine months after Microsoft bought Skype, the NSA boasted that a new capability had tripled the amount of Skype video calls being collected through PRISM;
  • Material collected through PRISM is routinely shared with the FBI and CIA, with one NSA document describing the program as a “team sport”.

In fact, one document dated a year ago, in July 2012, claims that monitoring of Microsoft-owned Skype now includes video chats. “The audio portions of these sessions have been processed correctly all along, but without the accompanying video. Now, analysts will have the complete ‘picture’.”

Another document, dated April 2013, claims the FBI worked “for many months” with Microsoft “to allow Prism access without separate authorization to its cloud storage service SkyDrive.”

Microsoft said it does not provide “blanket” or “direct” access to “any government” for all its products, but only provides customer data “in response to government demands and we only ever comply with orders for requests about specific accounts or identifiers.” The company added, “When we upgrade or update products we aren’t absolved from the need to comply with existing or future lawful demands.”

Yet Microsoft has a long history of spurning users’ privacy in favor of assisting law enforcement and intelligence agencies obtain private user data. For example, Microsoft—unlike other tech giants—does not charge the government even a penny for surveillance of its users. Besides spying on its users for free, the Redmond giant offers the computer forensic software COFEE for free to law enforcement; COFEE assists LEA in extracting private data from Windows computers.

Regarding the future of Microsoft, Ballmer promised that “Going forward, our strategy will focus on creating a family of devices and services for individuals and businesses that empower people around the globe at home, at work and on the go, for the activities they value most.”

I suppose privacy is not usually described as an activity, but don’t expect to have any privacy in Microsoft’s cloud and “family of devices.” Microsoft may offer privacy features to users in its upcoming family of “phones, tablets, PCs, 2-in-1s, TV-attached devices,” but not before making sure those features are cracked to assure they are not kept private from intelligence agencies. After all, Microsoft isn’t “absolved from the need to comply with existing or future lawful demands,” so how could any new products not come with built-in backdoors to assist in surveillance by intelligence agencies?

Like this? Here’s more posts:

  • You might be a terrorist if…you complain about your tap water
  • Breaking down latest leaked PRISM slides claiming U.S. ‘bugged EU offices’
  • Surveillance court ‘secret’ rulings slaughter Fourth Amendment to help NSA spy
  • Govt’s $2.7 million KILL IT WITH FIRE approach to malware: Destroy all hardware
  • Happy Independence Day: Stop Watching Us, Restore the Fourth Amendment
  • Hackers can wipe or steal data from security holes in 300,000 servers
  • Hacking and attacking automated homes
  • Former CIA, NSA director sounds off on PRISM, spying tools
  • MSFT to developers: Fix Windows app security flaws in 180 days or be kicked from stores
  • Microsoft Research: MoodScope, a context-aware smartphone to sense and share your mood

Follow me on Twitter @PrivacyFanatic

ms smith

Ms. Smith (not her real name) is a freelance writer and programmer with a special and somewhat personal interest in IT privacy and security issues. She focuses on the unique challenges of maintaining privacy and security, both for individuals and enterprises. She has worked as a journalist and has also penned many technical papers and guides covering various technologies. Smith is herself a self-described privacy and security freak.