COO Kevin Turner: Microsoft Won't Give Feds Unfettered Access to Data
In his annual address to partners, Microsoft COO Kevin Turner said the company will not provide any government access to customer data. Microsoft will fight any requests by a government to turn over data, Turner told 16,000 attendees at the company's annual Worldwide Partner Conference, which kicked off today in Washington, D.C.
"We will not provide any government with direct unfettered access to customers' data. In fact we will take them to court if necessary," said Turner. "We will not provide any government with encryption keys or assist their efforts to break our encryption. We will not engineer backdoors in the products. We have never provided a business government data in response to a national security order. Never. And we will contest any attempt by the U.S. government or any government to disclose customer content stored exclusively in another place. That's our commitment."
Microsoft will notify business and government customers when it does receive legal orders, Turner added. "Microsoft will provide governments the ability to review our source code, to reassure themselves of its integrity and confirm no backdoors," he said.
The remarks were perhaps the most well received by the audience during his one-hour speech that also covered the progress Microsoft has made for its customers in numerous areas including the success of Office 365, Azure, virtualization gains over VMware, business intelligence including last year's boost to SQL Server and the release of Power BI, which included its new push into machine learning. While Microsoft Chief Counsel Brad Smith has issued a variety of blog posts providing updates and assurance that it will protect customer data, Turner's public remarks step up the tenor of Microsoft's position on the matter.
While not addressing former NSA contractor Edward Snowden by name, it was a firm and public rebuke to accusations last year that Microsoft provided backdoors to the government. Turner acknowledged that despite its 12-year-old Trustworthy Computing Initiative, its Security Development Lifecycle and a slew of other security efforts, Microsoft needs to (and intends) emphasize security further. "When you think about the cyber security issues, there's never been an issue like this past year," Turner said. "It is a CEO-level decision and issue."
Turner talked up Microsoft's existing efforts including its ISO standard certifications, operational security assurance Windows Defender, Trusted Platform Module, Bitlocker and various point products. He also played up the company's higher level offerings such as assessments, threat detection response services and its digital crimes unit.
Microsoft has other security offerings and/or efforts in the pipeline, Turner hinted. "We will continue to strengthen the encryption of customer data across our network and services," he said. "We will use world-class cryptography and best-in-class cryptography to do so."
Posted by Jeffrey Schwartz on 07/14/2014 at 2:47 PM