I’ve known about security concerns related to Skype for quite some time, but I never really understood the details. Thanks to this letter, signed by a large number of organizations and individuals, I now know quite a bit more. For those as ignorant as me on this topic, here is some background:
In June 2008, Skype stated it could not eavesdrop on user conversations due to its peer-to-peer architecture and encryption techniques. Additionally, Skype claimed it was not required to comply with expanded CALEA rules on lawful interception as long as it was based in Europe. As a result of the service being acquired by Microsoft in 2011, it may now be required to comply with CALEA due to the company being headquartered in Redmond, Washington. Furthermore, as a US-based communication provider, Skype would therefore be required to comply with the secretive practice of National Security Letters.
Since Skype was acquired by Microsoft, both entities have refused to answer questions about exactly what kinds of user data can be intercepted, what user data is retained, or whether eavesdropping on Skype conversations may take place. In 2012, the FBI stated that it had issued a warrant for chats going back to 2007, and that it had utilized those chats as evidence as the basis for criminal charges. This contradicts Skype’s own policy stating that chats are retained for a maximum of 30 days.
The letter begins as follows:
Thursday January 24th, 2013;
Skype Division President Tony Bates
Microsoft Chief Privacy Officer Brendon Lynch
Microsoft General Counsel Brad Smith
Dear Mr. Bates, Mr. Lynch and Mr. Smith,
Skype is a voice, video and chat communications platform with over 600 million users worldwide, effectively making it one of the world’s largest telecommunications companies. Many of its users rely on Skype for secure communications—whether they are activists operating in countries governed by authoritarian regimes, journalists communicating with sensitive sources, or users who wish to talk privately in confidence with business associates, family, or friends.
It is unfortunate that these users, and those who advise them on best security practices, work in the face of persistently unclear and confusing statements about the confidentiality of Skype conversations, and in particular the access that governments and other third parties have to Skype user data and communications.
Read the full Open Letter to Skype.
In Liberty,
Mike
Follow me on Twitter!
Donate bitcoins: 35DBUbbAQHTqbDaAc5mAaN6BqwA2AxuE7G
Follow me on Twitter.
Expect everything.
It is prudent to assume all digital communication is eavesdropped, unless you’re a computer jock and you KNOW otherwise.
I believe it boils down to the simple point mentioned by Paul Rosenberg on Janda a while back, in connection to Julian Assange: our choice is between tyranny and robust encryption for all private communications.