Skype denies police surveillance policy change
- Published
Microsoft's online message, phone and video chat service Skype has denied making changes to its system "in order to provide law officers greater access" to its members' conversations.
It follows reports suggesting infrastructure upgrades had made it easier to hand on users' chat data.
Skype has now posted a blog saying the changes were made solely <link> <caption>to improve user experience and reliability</caption> <url href="http://blogs.skype.com/en/2012/07/what_does_skypes_architecture_do.html" platform="highweb"/> </link> .
But it added it would pass on messages to law enforcement when "appropriate".
'Wiretap' patent
Concern about Microsoft's intentions were first raised over a year ago after <link> <caption>the Conceivablytech blog revealed</caption> <url href="http://www.conceivablytech.com/8108/products/microsoft-may-add-eavesdropping-to-skype" platform="highweb"/> </link> the firm had filed a <link> <caption>US patent for Legal Intercept</caption> <url href="http://appft1.uspto.gov/netacgi/nph-Parser?Sect1=PTO2&Sect2=HITOFF&p=1&u=%2Fnetahtml%2FPTO%2Fsearch-bool.html&r=1&f=G&l=50&co1=AND&d=PG01&s1=20110153809.PGNR.&OS=DN/20110153809RS=DN/20110153809" platform="highweb"/> </link> - a technology "capable of silently copying the communication between at least two entities" on Voip (voice over internet protocol) calls.
It specifically made reference to "Skype and Skype-like applications" despite being filed in 2009, 17 months before Microsoft paid $8.5bn (£5.4bn) to take over the service.
In May 2012 the issue was revived after security researcher Kostya Kortchinsky blogged that the <link> <caption>firm had changed its "supernode" policy</caption> <url href="http://expertmiami.blogspot.co.uk/2012/05/skype-does-away-with-random-supernodes.html" platform="highweb"/> </link> .
While in the past Skype had relied on users with high-spec systems to help its members' computers locate each other when a call was made, the firm had now switched to a system in which all such connections were made using in-house servers.
This prompted posts on some blogs <link> <caption>linking the the move to the earlier surveillance patent</caption> <url href="http://skype-open-source.blogspot.ch/" platform="highweb"/> </link> which were then followed up by the news site <link> <caption>Extreme Tech</caption> <url href="http://www.extremetech.com/computing/132935-microsoft-tweaking-skype-to-facilitate-wiretapping" platform="highweb"/> </link> .
Reports in the mainstream media including articles by <link> <caption>Forbes</caption> <url href="http://www.forbes.com/sites/anthonykosner/2012/07/18/did-microsoft-change-the-architecture-of-skype-to-make-it-easier-to-snoop/" platform="highweb"/> </link> , and <link> <caption>The Washington Post</caption> <url href="http://www.washingtonpost.com/business/economy/skype-makes-chats-and-user-data-more-available-to-police/2012/07/25/gJQAobI39W_story.html" platform="highweb"/> </link> followed.
The latter said industry and government officials had told it that Skype "has expanded its co-operation with law enforcement authorities to make online chats and other user information available to police".
It said its sources had spoken to it "on the condition of anonymity".
Peer-to-peer calls
Skype's blog post said it was "false" to believe the changes it had made allowed it to monitor and record audio and video calls. It said that while its servers helped members locate each other and maintain quality, the actual call data usually bypassed its equipment going directly from one users' equipment to another.
"Skype to Skype calls do not flow though our data centres and the 'supernodes' are not involved in passing media (audio or video) between Skype clients," wrote Mark Gillett, the firm's chief development and operations officer.
But he added that group calls including more than two parties were an exception, "where a server aggregates the media streams (video) from multiple clients and routes this to clients that might not otherwise have enough bandwidth to establish connections to all our partners".
Instant messages
The Washington Post article had focused on written instant messages, rather than video/audio calls.
Mr Gillett denied Skype's moves had been designed to "facilitate law enforcement" but he did acknowledge the company would give the authorities access to messages if "a law enforcement entity follows the appropriate procedures" and the procedure was "technically feasible".
His post suggested it would be possible to pass on messages in some instances.
"In order to provide for the delivery and synchronisation of instant messages across multiple devices, and in order to manage the delivery of messages between clients situated behind some firewalls which prevent direct connections between clients, some messages are stored temporarily on our (Skype/Microsoft) servers for immediate or later delivery to a user," he wrote.
<link> <caption>Skype's privacy policy acknowledges</caption> <url href="http://www.skype.com/intl/en/legal/privacy/general" platform="highweb"/> </link> "IM messages are currently stored for a maximum of 30 days unless otherwise permitted or required by law".
- Published16 July 2012
- Published26 May 2011
- Published10 May 2011
- Published23 December 2010