- Jan 31, 2009
Full Article: http://www.slate.com/blogs/future_tense/2012/11/09/skype_gave_data_on_a_teen_wikileaks_supporter_to_a_private_company_without.htmlSkype’s privacy credentials took a hit in July over a refusal to comment on whether it could eavesdrop on conversations. Now the Internet chat service is facing another privacy-related backlash—after allegedly handing over user data without a warrant to a private security firm investigating pro-WikiLeaks activists.
The explosive details were contained in a report by Dutch investigative journalist Brenno de Winter, published on NU.nl earlier this week. Citing an internal police file detailing an investigation called “Operation Talang,” Winter wrote that PayPal was attempting to track down activists affiliated with the hacker collective Anonymous. The hackers had attacked the PayPal website following the company’s controversial decision to block payments to WikiLeaks in December 2010.
As part of that investigation, PayPal apparently hired the private security company iSight to help find those responsible. Headquartered in Texas and with a European base in Amsterdam, iSight describes itself as a “global cyber intelligence firm” that “supports leading federal and commercial entities with targeted and unique insights necessary to manage cyber risks.” iSight’s Netherlands-based director of global research, Joep Gommers, followed an online trail in an effort to track down the hackers, ultimately leading to a number of Dutch citizens, among them a 16-year-old boy operating under a pseudonym. Gommers reportedly contacted Skype, also a client of iSight, and requested account data about the teenager. According to Winter’s report, “the police file notes that Skype handed over the suspect's personal information, such as his user name, real name, e-mail addresses and the home address used for payment.” It adds that Skype disclosed the information voluntarily, “without a court order, as would usually be required.”
Skype has issued a statement on the matter, saying that it “takes its customers' privacy very seriously” and is undertaking an internal investigation. A spokesperson told me that Skype was working with the private security firm to “combat spam and malware,” and admitted that “it appears that some information may have been inappropriately passed on to Dutch authorities without our knowledge.” The spokesman added that Skype has taken “necessary steps” to ensure this doesn’t happen again, though declined to elaborate on what those necessary steps were.
This is an interesting intersection between privacy, law enforcement, and private intelligence services firms.
A few more interesting recent developments with skype:
Microsoft has applied for a patent on "Legal Intercept", which isn't surprising since they're probably classified as a telecom (http://appft1.uspto.gov/netacgi/nph-Parser?Sect1=PTO2&Sect2=HITOFF&u=/netahtml/PTO/search-adv.html&r=1&f=G&l=50&d=PG01&p=1&S1=20110153809&OS=20110153809&RS=20110153809).
Skype is set to replace Windows Live / MSN Chat service (possible plans with enterprise products like Lync): http://gigaom.com/2012/11/06/a-skype-in-microsofts-clothing/