Skype cooperates with the US government to allow access to user communications – archived source

Project Chess: How U.S. Snoops On Your Skype

Peter Cohan Contributor – Jun 20, 2013, 07:48am EDT

If you thought that the U.S. government only tracks meta-data on your calls or scoops up your Facebook page and YouTube videos, think again. Skype — a subsidiary of Microsoft since October 2011 when Redmond bought it for $8.5 billion — operates a program that makes it easy for the government to snoop on your Skype calls.

In 2008, when it was an eBay subsidiary, Skype began Project Chess, “to explore the legal and technical issues in making Skype calls readily available to intelligence agencies and law enforcement officials,” reports Bits.

Anonymous sources, seeking not to damage their business links with the government, told Bits that “fewer than a dozen people inside Skype” developed Project Chess at the same time that Skype was disputing legal issues with the government.

Project Chess continued when eBay sold Skype for $2.75 billion in 2009 to Silver Lake Partners, Andreessen Horowitz — whose founder, Mark Andreessen was then an eBay board member, and Index Ventures.

In 2012, a Skype executive denied that then-recent changes in Skype’s technology were made on orders from Microsoft to smooth law enforcement’s glide path to snooping.

Whether that denial is more than PR puff, the PowerPoint slides leaked by former Booz Allen employee, Edward J. Snowden, indicate that Skype joined Prism on February 6, 2011 — before Microsoft bought it.

Back in June 2008, Skype told CNET that it could not comply with law enforcement requests to snoop on Skype calls.

Jennifer Caukin, then Skype’s director of corporate communications, told CNET, “because of Skype’s peer-to-peer architecture and encryption techniques, Skype would not be able to comply with a request for live interception or wiretap of Skype-to-Skype communications.”

Microsoft executives would not affirm Caulkin’s 2008 claim that Skype calls could not be wiretapped. And Microsoft declined to comment to Bits through spokesman, Frank X. Shaw.

The government is not the only one snooping on your Skype — so is Microsoft. But don’t worry, according to ajc.com, Redmond is just downloading every Skype message you send that contains a “secure” https URL — such as the kind of link you might use to access your bank account.

A German security portal, Heise Security, was the first to discover Microsoft’s snooping on your https-laden Skype messages. That’s because a Heise reader noticed that Microsoft was accessing https URLs transmitted over Skype. Heise and Ars Technica sent their own test URLs and the same thing occurred, according to ajc.com.

Skype referred ajc.com to its usage policy: “Skype may use automated scanning within Instant Messages and SMS to (a) identify suspected spam and/or (b) identify URLs that have been previously flagged as spam, fraud, or phishing links.”

But that sounds like a smokescreen to me. After all, Heise told ajc.com that “spam and phishing sites are not usually found on https pages.”

I would love to know why Microsoft and Skype are collecting and holding onto my Skype messages. But ajc.com reports, “Neither Skype nor Microsoft is saying what they are doing with the information they are gathering, or how long they are keeping it.”

Perhaps Microsoft is just holding the information for the government to snoop on it. And with Bits‘ reporting on the tight intertwining of Silicon Valley and the National Security Agency, for those who value their privacy, there is increasingly little difference between the two.

Tricia Payer, Vice President at Waggener Edstrom Worldwide said, “Microsoft doesn’t have any information to share.”

chevron_left
chevron_right