[liberationtech] Microsoft Releases 2012 Law Enforcement Requests Report
Eric S Johnson
crates at oneotaslopes.org
Thu Mar 21 18:49:19 PDT 2013
> I wrote to them and asked these questions, as well as a few others.
>
> What other questions should we pose to them, I wonder?
Why are RU and CN (most glaringly) absent from the first chart enumerating
the number (and type) of requests by country? It's hard to believe those
countries' security services have no interest in (non-Skype) Microsoft data.
Is MS defining those countries as having no legal standing to request MS
data, and therefore any requests from them would be rejected out-of-hand?
"We provide SSL encryption for Microsoft services and Skype-Skype calls on
our full client (for full function computers) are encrypted on a
peer-to-peer basis; however, no communication method is 100% secure. For
example ... users of the Skype thin client (used on smartphones, tablets and
other hand-held devices) route communications over a wireless or mobile
provider network."
--Is the implication that the Skype clients used on smartphones
don't provide the same end-to-end encrypted-by-session-specific-keys level
of security that the Skype for Windows client does?
"Skype received 4,713 requests from law enforcement. ... Skype produced no
content in response to these requests."
--It's hard to believe that LEAs never validly requested a record of
a Skype user's IM sessions. Perhaps LEAs don't know those data exist?
Best,
Eric
More information about the liberationtech
mailing list