The Schwartz Report

Blog archive

Microsoft Takes New Measure To Circumvent NSA Surveillance

Looking to ensure its foreign customers don't back off from using cloud services, Microsoft plans to give them the option of assuring their data is stored on systems outside the U.S. The move aims to ease concerns by customers outside the U.S. that the National Security Agency (NSA) or other U.S. agencies can intercept their encrypted communications.

NSA surveillance activities such as the PRISM  program revealed last year by former contractor Edward Snowden have stoked fear in customers that their data stored on U.S. soil isn't secure. Microsoft's response will address concerns and cover data sovereignty requirements by those in foreign countries, particularly Brazil and throughout the European Union.

Brad Smith, Microsoft's chief counsel, revealed the company's plan to give customers the choice of where their data is stored in an interview last week with the Financial Times. "People should have the ability to know whether their data are being subjected to the laws and access of governments in some other country and should have the ability to make an informed choice of where their data resides," Smith said.

Microsoft confirmed his comments but said it has no immediate plans to elaborate. But Jeffrey Chester, executive director of the Center for Digital Democracy, an advocacy organization for privacy, said Microsoft is the first major U.S.-based digital provider to give customers control over where their data is stored.

"Practically the entire industry is strongly opposed to any EU rule requiring that data on its citizens be stored -- and also regulated -- by either member states or other governmental entities," he said in an e-mail yesterday. "This move should boost the company's prospects attracting EU and other privacy concerned businesses or consumers. It's unlikely, however, that others will follow suit, despite Microsoft breaking ranks with the industry lobby."

Asked why, Chester pointed to a number of groups that oppose forcing providers to offer that choice. Among them are the Internet Association, whose members include Amazon, eBay, Facebook and Yahoo; the Business Coalition for Transatlantic Trace (BCTT) Digital Trade Working Group, which includes companies that perform online international trade including its corporate chairs Amway, Chrysler, Citigroup, Dow Chemical, FedEx, Ford, GE, IBM, Intel, Johnson & Johnson, JP Morgan Chase, Eli Lilly, MetLife and UPS; and the  Information Technology and Innovation Foundation (ITIF), a Washington, DC.-based think tank, that ironically is backed by Microsoft, Chester noted.

Will their positions change? "They want to stuff exporting consumer data to the cloud down the throat of EU consumers.  Perhaps demand will over time change their position, but for now they want no local rules." What are your views on Microsoft's plans to allow foreign customers to store their data offshore?

Posted by Jeffrey Schwartz on 01/30/2014 at 11:24 AM


  • RAMBleed Side-Channel Attack Method Disclosed by Researchers

    Academic researchers this week published information about another side-channel attack method, called "RAMBleed," that can expose information from memory chips, including encryption key information.

  • Penguin

    Windows 10 Preview Build 18917 Shows Off New Linux Integration

    Microsoft's latest Windows 10 "fast-ring" preview release is showcasing a coming Delivery Optimization enhancement, along with the ability to try the newly emerged Windows Subsystem for Linux version 2.

  • Customizing Microsoft Office 365

    While the overall look and feel of Office 365 is pretty standard across organizations, there are several ways to personalize it and make it fit better with your company's specific needs.

  • Microsoft 365 Business Tenants Getting Conditional Access and Trouble-Ticket Features

    Microsoft added its conditional access security service to Microsoft 365 Business subscriptions, according to a Wednesday announcement, and it also added new trouble-ticket features for Microsoft 365 administrators.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.