Advocacy Groups Ask Skype To Release Transparency Report

    January 25, 2013
    Zach Walton
    Comments are off for this post.

Skype was embroiled in a mini-controversy last year when reports came out claiming that Skype was spying on its users. The Microsoft-owned company hit back at the reports saying that it only hands over information when law enforcement “follows appropriate procedures.” That explanation, given in July of last year, was apparently not good enough for some advocacy groups.

Reporters without Borders, The EFF, The Action Network and others have sent an open letter to Skype asking the company to clarify its position on the privacy of its users’ communications. The letter states that the service’s users “work in the face of persistently unclear and confusing statements about the confidentiality of Skype conversations, and in particular the access that governments and other third parties have to Skype user data and communications.”

The advocacy groups pushing for more information are concerned that Skype launching on multiple platforms could have worrisome implications for more than just desktop users’ privacy. In fact, Skype will be replacing Windows Live Messenger soon, and it’s rumored to replace Xbox Live chat on the Xbox 360.

The letter calls on Skype to release a transparency report that includes the following information:

Quantitative data regarding the release of Skype user information to third parties, disaggregated by the country of origin of the request, including the number of requests made by governments, the type of data requested, the proportion of requests with which it complied — and the basis for rejecting those requests it does not comply with.

Specific details of all user data Microsoft and Skype currently collects, and retention policies.

Skype’s best understanding of what user data third-parties, including network providers or potential malicious attackers, may be able to intercept or retain.

Documentation regarding the current operational relationship between Skype with TOM Online in China and other third-party licensed users of Skype technology, including Skype’s understanding of the surveillance and censorship capabilities that users may be subject to as a result of using these alternatives.

Skype’s interpretation of its responsibilities under the Communications Assistance for Law Enforcement Act (CALEA), its policies related to the disclosure of call metadata in response to subpoenas and National Security Letters (NSLs), and more generally, the policies and guidelines for employees followed when Skype receives and responds to requests for user data from law enforcement and intelligence agencies in the United States and elsewhere.

The letter’s demands aren’t that absurd. Google, Twitter and others already release frequent transparency reports that detail how much user information is requested from them by governments around the world. In fact, Google just released its latest transparency report that revealed government requests for data have increased yet again.

It’s likely that government requests to Skype for user data have increased in the last year as well. It’s not unreasonable to ask for government requests for user data be made known. We should at least know how many requests are being made every six months. If anything, it will endear Skype to the public even more, and make Microsoft look like it cares about its users.

  • Lincoln DeCoursey

    Skype is not some disruptive little P2P rogue anymore, it’s integrated to the Microsoft platform. Folks on some watchlist should not need any “transparency report” to know that today’s Skype isn’t for them. Compliance with government data demands is how the whole world works today, not just major internet services. Skype is no exception. How much more can it be spelled out?

    Instead of being willfully ignorant, EFF types should turn their focus to developing and evangelizing some useful A/V chat platform where the provider (if there is one) has zero data visibility, and then don’t sell it out.

    Google started this thing with publishing disclosure stats and a few left-coast companies have jumped aboard, but it’s no major trend and certainly not anything you can just demand.

    I get tired of people saying it’s impossible to have online privacy. The Internet is just a communications network and how you use it is up to you. If you spend all day posting to social networks and using cloud services from major corporations, keep in mind that the postcard analogy applies. Please do not bother sending a bunch of letters after the fact demanding to know who possibly has access to which data and under what circumstances.

    Not every single thing on the Internet must be done via Google Chrome pointing at some Facebook, Google or Microsoft server. There are such things as protocols besides HTTP. Particularly if you are some sort of dissident or paranoid with need of secure communications, please check out a P2P protocol for encrypted chat, it’s not like there aren’t several decent options. Just be sure whatever you do involves full-on end-to-end encryption. Run your own server. Setup a VPN. Tunnel over SSH. Take your pick. Just do something besides relying on Skype for privacy, please.

    People complain about a lack of easy to use alternatives to Skype, but how did the Internet become so dumbed down? Unless some functionality is packaged and delivered as a corporate-owned web application, it seems out of the question. When you rely on corporate web sites to provide all of your services and store all of your data, it’s outside of your control.

  • http://Mabuzi.com Mabuzi

    Is it not the reason Skype was bought?

    I hate those annoying ads even though you have requested the ads to turned off in your settings.