Microsoft, like many big technology companies, has a massive user base that crosses more than a few borders. And that poses a problem for any company that wishes to balance lawful requests for user data and the privacy protections of said users.
Brad Smith, Microsoft's vocal General Counsel and executive vice president of the software company's Legal and Corporate Affairs department, called on the world's governments to come to the table and work out a framework that removes the cloud of uncertainty that has gripped the IT industry. With data privacy and government surveillance reform on the agenda at this week's World Economic Forum meeting in Davos, Switzerland, his company is using its clout to push those issues to the forefront.
"We need an international legal framework – an international convention – to create surveillance and data-access rules across borders," he wrote in a Jan. 20 Microsoft on the Issues blog post.
As recent revelations have shown, not all user data is treated equally by government surveillance and law enforcement agencies, reminded Smith. "The issues of the last year have reminded the world that the strong protections afforded by the U.S. Constitution and in U.S. law seldom apply to other countries' citizens," he said.
Smith noted that "surveillance takes place by governments internationally," and unsurprisingly, "governments around the world demand access to customer data." Therefore, he added, "we need to broaden the topic and bring together governments to create a new international legal framework."
Under such a framework, privacy protections must be upheld, argued Smith. "The cornerstone of such a convention should be respect for human rights and individual privacy." Whichever agreements governments adopt "should ensure that governments seek information about the private citizens of the other participating countries only pursuant to legal rules and due process," he said.
Microsoft, along with other tech giants including Google and Apple, have been rocked by allegations that the National Security Agency's (NSA) surveillance apparatus included privileged access to their systems and unencrypted Internet traffic, granting the United States government practically unfettered access to user data. The capabilities came to light after Edward Snowden, an ex-NSA contractor, leaked classified information to the press.
Following months of controversy, President Barack Obama finally announced NSA reforms in a Jan. 17 policy speech. Reforms include more oversight for the NSA's intelligence-gathering operations and changes to how phone metadata is handled. Smith signaled that while it's a step in the right direction, Microsoft intends to remain vigilant.
"We appreciate the steps the President announced, which represent positive progress on key issues including privacy protections for non-U.S. citizens," said Smith. "There is more work to do to define some of the details and additional steps that are needed, so we’ll continue to work with both the administration and Congress to advocate for reforms consistent with the principles our industry outlined in December."
Last month, Microsoft joined Google, Apple, Facebook, LinkedIn and Yahoo and published an open letter on a Website called "Reform Government Surveillance" demanding changes to how governments collect user data. "Consistent with established global norms of free expression and privacy and with the goals of ensuring that government law enforcement and intelligence efforts are rule-bound, narrowly tailored, transparent, and subject to oversight, we hereby call on governments to endorse the following principles and enact reforms that would put these principles into action," they wrote.