Extent of Microsoft's involvement with Prism revealed

Redmond giant denies providing "blanket access" to Outlook, SkyDrive and Skype

Microsoft has today issued a statement following an article in the Guardian yesterday that revealed the extent of the company's collaboration with the US National Security Agency (NSA) in its Prism surveillance programme.

The article, based on the latest top-secret documents to be released by whistleblower Edward Snowden, says that Microsoft allows the NSA access to emails on Outlook.com and Hotmail before they can be encrypted, helps the agency to circumvent its encryption, provides backdoor access to Skype, and has worked with the FBI and NSA to enable access to the SkyDrive cloud storage facility by agents without requiring authorisation by NSA's Special Source Operations (SSO) division.

The documents paint a picture of an increasingly cosy relationship between Microsoft and the federal agencies, with Microsoft actively helping agents to access data on its systems more easily.

In relation to Skype, the documents show that the integration of Skype into the Prism programme accellerated after its acquisition by the Redmond giant in 2011 (at which time the company was silent about rumoured back doors), with monitoring of its video services roughly trippling since this time last year.

The NSA's searches of the surveilled data are automatically shared among other intelligence agencies, including the FBI and the CIA, which may then request further information based on these search terms. One of the documents' authors describes Prism as being "a team sport."

In a statement released today, Microsoft sought to distance itself from the US security infrastructure, in effect claiming that while it remains largely in control of what is released to government agenices, it has no option but to co-operate. The statement reads as follows:

"We have clear principles which guide the response across our entire company to government demands for customer information for both law enforcement and national security issues.

First, we take our commitments to our customers and to compliance with applicable law very seriously, so we provide customer data only in response to legal processes. Second, our compliance team examines all demands very closely, and we reject them if we believe they aren't valid. Third, we only ever comply with orders about specific accounts or identifiers, and we would not respond to the kind of blanket orders discussed in the press over the past few weeks, as the volumes documented in our most recent disclosure clearly illustrate. To be clear, Microsoft does not provide any government with blanket or direct access to SkyDrive, Outlook.com, Skype or any Microsoft product.

Finally when we upgrade or update products legal obligations may in some circumstances require that we maintain the ability to provide information in response to a law enforcement or national security request. There are aspects of this debate that we wish we were able to discuss more freely. That's why we've argued for additional transparency that would help everyone understand and debate these important issues."