NSA documents show Microsoft's Prism cooperation

Leaks show Microsoft collaborated with NSA and FBI to collect data from cloud services

Newly leaked documents show how the NSA was able to routinely collect data from a number of cloud services run by Microsoft.

The documents, which are published in Greenwald's new book, No Place to Hide: Edward Snowden, the NSA and the Surveillance State, show how data collection from SkyDrive (now OneDrive) was commenced by the NSA just months before Edward Snowdon lifted the lid on the agency's internet surveillance programme.

"Beginning on 7 March 2013, Prism now collects Microsoft SkyDrive data as part of Prism's standard Store Communications collection package for a tasked FISA Amendments Act Section 702 (FAA702) selector," stated one of the slides released.

The FISA Amendment Act of 2008 retrospectively legalised the agency's surveillance of the internet and cleared the way for warrantless wiretapping.

"This means that analysts will no longer have to make a special request to SSO for this," it said. "This new capability will result in a much more complete and timely collection response from SSO for our enterprise customers."

The document suggests that the NSA had the full cooperation of Microsoft in building a system to access data in Microsoft's cloud, especially corporate documents created using Microsoft Office.

"This success is the result of the FBI working for many months with Microsoft to get this tasking and collection solution established," it said.

The news of the leak comes after revelations by the same journalist of the NSA intercepting shipments of routers, switches and servers in order to hide their surveillance equipment.

A June 2010 report from the head of the NSA's Access and Target Development department explains how the NSA would intercept packages, he alleges. The agency would then install surveillance equipment before resealing the packages so the changes were undetectable. The shipments would then be sent abroad.

When the equipment was finally received and installed it would then connect back to the NSA. The report states: "In one recent case, after several months, a beacon implanted through supply-chain interdiction called back to the NSA covert infrastructure. This call back provided us access to further exploit the device and survey the network."