Feeds

Activists urge Skype: Tell us who is spying on us

Microsoft mum on privacy, security policies

3 Big data security analytics techniques

A coalition of activists, privacy organizations, journalists, and others have called upon Microsoft to be more forthright about when, why, and to whom it discloses information about Skype users and their communications.

In an open letter published on Thursday, the group argues that Redmond's statements about the confidentiality of Skype conversations have been "persistently unclear and confusing," casting the security and privacy of the Skype platform in doubt.

"Many of its users rely on Skype for secure communications – whether they are activists operating in countries governed by authoritarian regimes, journalists communicating with sensitive sources, or users who wish to talk privately in confidence with business associates, family, or friends," the letter explains.

Among the group's concerns is that although Skype was founded in Europe, its acquisition by a US-based company – Microsoft – may mean it is now subject to different eavesdropping and data-disclosure requirements than it was before.

The group claims that both Microsoft and Skype have refused to answer questions about what kinds of user data the service retains, whether it discloses such data to governments, and whether Skype conversations can be intercepted.

The letter calls upon Microsoft to publish a regular Transparency Report outlining what kind of data Skype collects, what third parties might be able to intercept or retain, and how Skype interprets its responsibilities under the laws that pertain to it. In addition it asks for quantitative data about when, why, and how Skype shares data with third parties, including governments.

As the letter points out, several other companies already provide such reports, including Google, Twitter, and Sonic.net. Google's most recent report showed government requests for user data from online companies have increased 70 per cent in just three years.

Microsoft bought Skype in 2011 for $8.5bn and has since been working to make the service a key pillar of its communications strategy. Most recently, Microsoft announced that it would shut down its Windows Live Messenger service in March and urged all current Messenger users to switch to Skype.

Redmond's strong-arm tactics haven't pleased Messenger fans, but they've impressed privacy advocates even less, given the ambiguity about what information Skype discloses.

"On the eve of Microsoft's integration of Skype into many of its key software and services, the time has come for Microsoft to publicly document Skype's security and privacy practices," Thursday's open letter reads.

The letter is co-signed by a total of 61 individuals and 45 organizations, including such groups as the AIDS Policy Project, Cyber Arabs, DotConnectAfrica, the Egyptian Initiative for Personal Rights, the Electronic Frontier Foundation, Reporters Without Borders, the Thai Netizen Network, and the Tibet Action Institute.

When The Reg reached out to Redmond for comment, a spokesperson said Microsoft was reviewing the letter.

"Microsoft has an ongoing commitment to collaborate with advocates, industry partners and governments worldwide to develop solutions and promote effective public policies that help protect people's online safety and privacy," the company said in an emailed statement. ®

3 Big data security analytics techniques

More from The Register

next story
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Samsung Galaxy S5 fingerprint scanner hacked in just 4 DAYS
Sammy's newbie cooked slower than iPhone, also costs more to build
Putin tells Snowden: Russia conducts no US-style mass surveillance
Gov't is too broke for that, Russian prez says
Snowden-inspired crypto-email service Lavaboom launches
German service pays tribute to Lavabit
Mounties always get their man: Heartbleed 'hacker', 19, CUFFED
Canadian teen accused of raiding tax computers using OpenSSL bug
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Call of Duty 'fragged using OpenSSL's Heartbleed exploit'
So it begins ... or maybe not, says one analyst
Heartbleed exploit, inoculation, both released
File under 'this is going to hurt you more than it hurts me'
prev story

Whitepapers

Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.