Skip to main content
omar el akkad

KACPER PEMPEL/Reuters

Right around the time Edward Snowden was getting ready to make a surprise appearance by video-conference at the TED conference in Vancouver, I and a half-dozen other reporters were a few hours' drive south, in Microsoft's headquarters just outside Seattle, trying to get a straight answer to our own questions about government surveillance.

In case you're wondering, no such answers were forthcoming.

This week, Mr. Snowden, the man responsible for a massive and ongoing spill of revelations about the extent of U.S. Internet spying, spoke to an audience at the TED conference about his motivations for exposing his own government's secrets.

Most significantly, Mr. Snowden said that we're far from seeing the end of the leaks, which have so far caused great embarrassment to the U.S. government and many of the world's largest tech corporations.

The leaks have also sparked outrage from both everyday Internet users and many of Washington's closest international allies, who discovered they too were being surreptitiously monitored.

"I don't think there's any question that some of the most important reporting to be done is yet to come," said Mr. Snowden, whose stash of secret government documents is estimated to be about 1.7 million files.

Of all the Snowden documents made public so far, perhaps the most high-profile ones have had to do with the extent to which the National Security Agency eavesdrops on the users of services provided by the likes of Google, Microsoft, Apple and Facebook – both with and without those companies' authorization.

As such, it was particularly fortuitous that, earlier this month, a group of international journalists happened to go on a tour of Microsoft's central campus in Redmond, Washington. The invite-only tour was clearly intended as a public relations maneuver, a means to show members of the foreign press the many interesting projects Microsoft is currently engaged in, and to generally cast the company in the best possible light.

But for many of the reporters, it was also a rare chance to ask the executives at one of the allegedly NSA-targetted companies exactly how much they know about government surveillance, and how much they are prepared to tell their customers.

The perfect opportunity for this line of questioning came up during a round-table with four Microsoft executives who focus specifically on the company's cloud-based services. Generally speaking, these are the Internet-based services that customers rent, rather than buy. For example, instead of buying its own computer servers and data storage facilities, a small business may choose to rent this hardware from Microsoft, which then stores the customer's data at an off-site data centre, accessible through the Internet.

Today, the cloud is by far Microsoft's biggest corporate priority.

But given the allegations that the NSA is able to hack and snoop on digital communications at Microsoft and other tech companies, many people now have serious questions about just how secure the cloud really is.

The round-table began with all four executives talking at length about the quality of Microsoft's cloud services, and how quickly those services have grown in recent years. But soon a German reporter interjected, asking the manager responsible for OneDrive (Microsoft's remote file-storage service) why the company doesn't offer end-to-end encryption of data flowing in and out of the service – something that would make it much more difficult for unauthorized parties to spy on the data.

Quickly, the mood in the room seemed to turn a little uncomfortable. Caught off-guard, the executive tried to sidestep the question, referring vaguely to the trust customers have in Microsoft. Pressed on the question, he finally said he could not answer.

At this point, a Microsoft PR rep stepped in to say that the company has taken steps to improve the security of its services in the months since the Snowden leaks began. It is only in the last few weeks, she added, that the U.S. government has allowed Microsoft to say a little bit more about the extent to which the NSA and others make secret requests for customer data.

But if the Snowden leaks have shown anything, another reporter replied, it's that many companies didn't seem to even know their security was being compromised.

Additionally, much of the information Microsoft does know is still effectively a secret to its customers, given that the company is legally prohibited from discussing the warrants often used by the U.S. government to demand customer information. As such, how is Microsoft able to reassure its customers that their data are secure?

After much discussion, the PR rep conceded that, if customers want full assurance their data won't be compromised, they should opt for one of Microsoft's "private cloud" solutions – or, in other words, they should keep their data in-house.

To Microsoft's credit, allowing a group of journalists to pepper executives with uncomfortable questions about NSA spying represents an act of transparency unmatched by virtually any other big tech company. But the executives' responses highlight the extremely difficult situation those companies are now in, thanks to the Snowden revelations. With billions of dollars in profit at stake, Microsoft and others must keep trying to convince their biggest customers that their services are secure enough to handle sensitive corporate information. But the Snowden documents seem to indicate quite clearly that the NSA is able to spy on such data, and that the tech companies either didn't know, didn't care, or were unable to do anything about it.

Today, as the world awaits more Snowden leaks, the only thing anyone can be certain of is that one of the two parties isn't being entirely honest. For months, the major tech firms (including Microsoft) have said they did not deliberately outfit their products with so-called "back doors" to allow government spying, and that they were not aware of any unauthorized hacking of their services by the likes of the NSA.

But this week, a senior NSA lawyer said those companies were well aware the NSA's data-collection and surveillance.

Given the conflicting and opaque statements from both sides, it is becoming increasingly clear that the public's best chance for finding out the exact extent of the U.S. government's Internet surveillance will likely come from those documents Mr. Snowden promises will soon be released.