Microsoft said to beef up its Internet encryption

Edward Snowden's NSA leaks have caused Google, Yahoo, and Facebook to pledge stronger Internet encryption. Is Microsoft next on the list?

Dara Kerr Former senior reporter
Dara Kerr was a senior reporter for CNET covering the on-demand economy and tech culture. She grew up in Colorado, went to school in New York City and can never remember how to pronounce gif.
Dara Kerr
2 min read

Microsoft has been an outspoken critic of the National Security Agency's surveillance program, yet it has trailed behind other major tech companies in amping up its Internet encryption practices. However, that could soon change.

The tech giant is looking to overhaul its system for encrypting Internet traffic, according to the Washington Post. Sources familiar with the matter told the newspaper that Microsoft is making the change because it believes the NSA might have breached its global communications systems.

Microsoft's conclusions most likely stem from documents leaked by the former NSA contractor Edward Snowden. In October, the Washington Post reported on a newly surfaced document that showed the NSA secretly accessed data from several tech giants by intercepting unencrypted Internet traffic in a program called MUSCULAR.

In the wake of these revelations, tech companies have been quick to maintain their innocence in the situation, along with show that they're working to protect users' privacy.

Google has been at the forefront of boosting its Internet encryption. In May, the company announced that it would switch over to stronger 2,048-bit encryption keys by the end of 2013. However, Google finished early and began implementation of the new keys last week. This type of encryption is said to take more than a decade to overcome because of computing power constraints.

Both Yahoo and Facebook have also said they're moving to 2,048-bit encryption keys in the near future.

Microsoft announced last week that it will introduce message encryption for Office 365 in early 2014. This new service will automatically encrypt all users' e-mail. However, the company has not yet outlined other levels of encryption it's planning for its other products.

Leaked documents from MUSCULAR and other surveillance projects show that the NSA could have spied on Microsoft's Hotmail, Windows Live Messenger, and Microsoft Passport, according to the Washington Post.

While the company hasn't publicly announced anything, at a recent shareholder meeting Microsoft's general counsel, Brad Smith, said, "We're focused on engineering improvements that will further strengthen security, including strengthening security against snooping by governments."

When CNET contacted Microsoft to ask about the allegations of the NSA monitoring its Internet traffic, the company responded with a statement from Smith that said, "These allegations are very disturbing. If they are true these actions amount to hacking and seizure of private data and in our view are a breach of the protection guaranteed by the Fourth Amendment to the Constitution."

Microsoft's top executives are scheduled to meet later this week, according to the Post. During this meeting, they're supposedly scheduled to discuss what encryption practices to use and a timeline for implementation.

Updated November 27 at 5:30 p.m. PT with comments from Microsoft general counsel Brad Smith.