“Snowden Effect” Causes Companies to Alter their Email Services
by Michael Hickins, Wall Street Journal
Business and consumer wariness of surveillance has pushed two of the world’s largest companies to make significant changes to their email services. Microsoft Corp. has decided to change its policies for accessing customer email after the company faced scrutiny for searching a user’s Hotmail email account to investigate a leak of company software, the WSJ’s Shira Ovide reports. Hotmail is the former name for Microsoft’s free Internet email service, now called Outlook.com. Separately, Google Inc. announced Thursday that it will use an encrypted HTTPS connection when users check or send Gmail. “Today’s change means that no one can listen in on your messages as they go back and forth between you and Gmail’s servers—no matter if you’re using public WiFi or logging in from your computer, phone or tablet,” Google said in a blog post.
Include the NSA in that reference to “no one.” Google and other tech firms were furious when documents provided by NSA whistleblower Edward Snowden showed that the intelligence agency had found a way to tap Internet data in transit. The revelations also raised awareness among businesses and consumers that governments — and technology companies themselves — could access information about them.
Microsoft could be said to have been adhering to its terms of service when it peeked into the email account of one of its customers, a blogger to whom it suspected an employee had been leaking company secrets. According to an internal investigation, Alex Kibkalo, a Russian national, uploaded pre-release updates of Windows 8 RT as well as a software development kit developed for Microsoft use only and released them to the blogger, Bl00mberg’s Karen Gullo and Edvard Pettersson report. Existing terms of service give Microsoft permission to access users’ communications to respond to police or law enforcement requests, and to “protect the rights or property of Microsoft.” However, Microsoft said that going forward, when its investigators want to access information from customer accounts, company officials will have to present evidence to an outside lawyer who is a former federal judge.
Finally, falling under the category of “he said, she said”: A senior lawyer at the National Security Agency said that tech companies were aware of the agency’s Internet data collection efforts, including its program targeting Internet data in transit. “Collection under this program was a compulsory legal process, that any recipient company would receive,” said Rajsh De, the NSA general counsel, at a U.S. government hearing. Mr. De also addressed claims by some companies that they had never heard of Prism, one NSA Internet data collection program, saying that before Edward Snowden leaked NSA documents, Prism “was an internal government term,” the Guardian’s Spencer Ackerman reports.