Protecting Data, Technically.

5 February 2016

customer managed encryption keys

As I mentioned in a post in the middle of last year, the physical location of data remains an important aspect of securing it from unwanted government prying. That post described Microsoft’s continuing legal struggle with the government over a warrant, executed in the U.S., for data it held in its Irish data center. And just a few months ago, Intralinks Director of Product Marketing Pete Brown did a post on the Microsoft case and Intralinks.

Microsoft has now made a bold move to future-proof their business and provide assurance to foreign customers regardless of the ultimate outcome of the case in U.S. courts. Beyond just placing a data center in a foreign jurisdiction, Microsoft has taken the extra step of partnering with Deutsche Telekom subsidiary T-Systems. T-Systems will be the “data trustee,” and Microsoft will have no access to the data in the data center. Only if granted direct access to that data by T-Systems or the customer would Microsoft be able to obtain it. This may provide Microsoft the insulation they need to resist a court order in the U.S. (or extra-judicial pressure from U.S. government agencies). It is meant to help assuage the concerns of European and other foreign customers of Microsoft who may be skittish that the U.S. Government has access to their information.

While Microsoft has chosen a physical and legal structuring of its IT infrastructure, other companies are choosing a more technical route. Given the breadth of Microsoft’s existing cloud offerings, a purely technical solution would have required significant re-architecting of its services, so the structural route was probably more cost effective for them.

Customer Managed Keys

One technical solution, customer managed encryption keys, allows customers, be they individuals or businesses, to manage who has access to their data. The service provider ends up holding a stream of encrypted data but has no access to the underlying information without the customer’s support.
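Customer managed keys are commonly built as envelope encryption: the customer keeps a key encryption key (KEK), each stored object is encrypted under its own data key (DEK), and only the DEK wrapped under the KEK travels to the provider. The Go sketch below is an added example, not code from the original post; the StoredObject layout and the CustomerEncrypt, CustomerUnwrap and Decrypt functions are this example’s own names, and AES-256-GCM is assumed for both layers.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
)

// StoredObject is everything the provider holds: ciphertext and the data key (DEK) wrapped under the customer's KEK.
type StoredObject struct {
	Nonce, Ciphertext    []byte
	DEKNonce, WrappedDEK []byte
}

func randBytes(n int) []byte {
	b := make([]byte, n)
	if _, err := rand.Read(b); err != nil {
		panic(err) // no randomness means no safe encryption
	}
	return b
}

func gcm(key []byte) cipher.AEAD {
	block, err := aes.NewCipher(key)
	if err != nil {
		panic(err) // keys are fixed at 32 bytes here, so this is a bug
	}
	aead, _ := cipher.NewGCM(block) // cannot fail for AES's 16-byte block
	return aead
}

// CustomerEncrypt runs on the customer side: a fresh DEK encrypts the data
// and the KEK wraps the DEK. Only the result is uploaded; the KEK stays home.
func CustomerEncrypt(kek, plaintext []byte) StoredObject {
	dek, n, dn := randBytes(32), randBytes(12), randBytes(12)
	return StoredObject{
		Nonce: n, Ciphertext: gcm(dek).Seal(nil, n, plaintext, nil),
		DEKNonce: dn, WrappedDEK: gcm(kek).Seal(nil, dn, dek, nil),
	}
}

// CustomerUnwrap is the customer's "support": it releases one object's DEK without exposing the KEK.
func CustomerUnwrap(kek []byte, obj StoredObject) ([]byte, error) {
	return gcm(kek).Open(nil, obj.DEKNonce, obj.WrappedDEK, nil)
}

// Decrypt is all the provider can do, and only after the customer releases the DEK.
func Decrypt(dek []byte, obj StoredObject) ([]byte, error) {
	return gcm(dek).Open(nil, obj.Nonce, obj.Ciphertext, nil)
}
```

The provider’s copy contains neither plaintext nor anything that opens without the KEK, so a demand served on the provider alone yields only ciphertext. Releasing a DEK through CustomerUnwrap grants access to that one object and still never exposes the KEK.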

In the U.S., CALEA (the Communications Assistance for Law Enforcement Act) requires telecommunications providers to provide a way for law enforcement to wiretap conversations. However, the law’s reach is limited to the public switched telephone network and VoIP service. Interestingly, CALEA provides an exception for encryption that the carrier does not have the ability to decrypt. 47 U.S.C. § 1002(b)(3) states: “A telecommunications carrier shall not be responsible for decrypting, or ensuring the government’s ability to decrypt, any communication encrypted by a subscriber or customer, unless the encryption was provided by the carrier and the carrier possesses the information necessary to decrypt the communication” [emphasis added].

Current calls by law enforcement for a “CALEA II” would seek to expand its reach to additional forms of communication and possibly require companies to build backdoors into encryption products. Notably, the tech industry is fighting such demands, as backdoors inherently weaken the security of their services and, obviously, reduce their marketability to foreign customers.

R. Jason Cronk

R. Jason Cronk is a privacy engineering consultant with Enterprivacy Consulting Group, a boutique privacy consulting firm, where his current focus is on helping companies overcome the socio-technical challenges of privacy through privacy engineering and Privacy by Design. He is a CIPP/US, a Privacy by Design ambassador, a licensed attorney in Florida, an author, blogger, speaker and passionate advocate for understanding privacy.