Caspar Bowden, who authored Microsoft's privacy policy between 2002 and 2011 for 40 countries, said this week that he distrusts his former employer and has gone so far as to ditch his mobile phone.
Bowden, who now calls himself a "privacy advocate," told a conference this week that he was unaware that Microsoft participated in Prism, a charge that Microsoft has denied. But Bowden, as quoted in The Guardian, now says that he will only use open-source software and had ditched his phone for privacy's sake.
"I don't trust Microsoft now," Bowden said.
Between 2002 and 2011, Bowden was in charge of the privacy policy for 40 countries in which Microsoft operated, but not the United States. His LinkedIn profile lists his title as chief privacy advisor for the worldwide technology office at Microsoft.
"The public now has to think about the fact that anybody in public life, or person in a position of influence in government, business or bureaucracy, now is thinking about what the NSA knows about them," Bowden said, according to the paper. "So how can we trust that the decisions that they make are objective and that they aren't changing the decisions that they make to protect their career? That strikes at any system of representative government."
Microsoft helped the National Security Agency crack its own encryption to give the agency access to email stored on its Outlook.com service, reports in The Guardian and elsewhere have alleged. Microsoft has denied the charges, although admitting that it will turn over emails when it says it's "legally obligated" to do so.
The way in which the Foreign Surveillance Intelligence Act is worded means that anyone living outside the United States has no legal protection from the NSA's prying eyes, Bowden said.
Bruce Schneier, a cryptograhy expert, perhaps said it best that the foundation of trust at the center of the Internet has been irreparably damaged, possibly destroyed. "I assume that all big companies are now in cahoots with the NSA, cannot be trusted, are lying to us constantly," Schneier said recently. "You cannot trust any company that makes any claims of the security of their products. Not one cloud provider, not one software provider, not one hardware manufacturer."