"This should be debated in a public setting," said John Dickson, principal at security firm Denim Group and a former U.S. Air Force officer, about the situation in which NSA's global surveillance is tied so clearly to U.S.-based companies. He noted the U.S. government has actually said little but the media much.
This is all putting tremendous pressure on the U.S. high-tech industry, especially abroad in Europe where privacy questions may be making U.S. industry seem less competitive. This week Brad Smith, Microsoft general counsel and executive vice president, legal and corporate affairs at Microsoft, A issued a public statement that sought to clarify Microsoft's participation in the U.S. government's content gathering methods.
""Recent leaked documents have focused on the addition of HTTPS encryption to Outlook.com instant messaging, which is designed to make this content more secure as it travels across the Internet," Microsoft counsel Smith wrote. "To be clear, we do not provide any government with the ability to break the encryption, nor do we provide the government with the encryption keys. When we are legally obligated to comply with demands, we pull the specified content from our servers where it sits in an unencrypted state, and then we provide it to the government agency."
Microsoft's SkyDrive and Skype A is handled somewhat similarly in terms of government requests, Smith said. As far as enterprise and document storage for business customers, "we take steps to redirect the government to the customer directly, and we notify the customer unless we are legally prohibited from doing so," Smith stated in his July 16 post. "We have never provided any government with customer data from any of our business or government customers for national security purposes."
Smith added Microsoft got four requests related to law enforcement in 2012. "We do not provide any government with the ability to break the encryption used between our business customers and their data in the cloud, nor do we provide the government with the encryption keys."
In the meantime, it's safe to assume in this NSA leaks debacle that "the bad guys have switched tactics" and probably wouldn't use U.S.-based high-tech services, Dickson points out. And in this atmosphere of rising cyber-nationalism, the possible role of China's government and its own high-tech industry have to be asked, too, he noted.
Former head of the U.S. Central Intelligence Agency and the NSA, Gen. Michael Hayden, yesterday charged forward on that topic in an interview with The Australian Financial Review.