‘Open Letter to Skype’ demands Microsoft come clean about user privacy

Skype privacy

How private is Skype? We don’t know, and that’s a serious problem.

This is the message put forth in an “Open Letter to Skype,” which was published today and carries the signatures of more than 100 Internet activists, companies, and organizations. The signatories hope the letter will urge Microsoft, Skype’s parent company, to issue bi-annual Skype “transparency reports” similar to those published by Google, Twitter, and Sonic.net.

“Many of its users rely on Skype for secure communications – whether they are activists operating in countries governed by authoritarian regimes, journalists communicating with sensitive sources, or users who wish to talk privately in confidence with business associates, family, or friends,” the letter reads. “It is unfortunate that these users, and those who advise them on best security practices, work in the face of persistently unclear and confusing statements about the confidentiality of Skype conversations, and in particular the access that governments and other third parties have to Skype user data and communications.”

Cybersecurity researcher Nadim Kobeissi, known for developing the encrypted Web chat client Cyrptocat and the original author of the letter, says Microsoft has refused to come clean about Skype user privacy for too long. In 2008, prior to the Microsoft buyout, Skype said that its peer-to-peer infrastructure made it impossible for the company to spy on users’ communications. And, because it was based in Europe, Skype asserted it had no obligation to comply with U.S. wiretap laws. Since Microsoft’s purchase of Skype in 2011, however, the company has remained mum on whether its new-found U.S. base of operations changes its legal obligations, and its policy toward eavesdropping on users.

“Many organizations and Internet activists have been trying to get straight information from Skype for years,” said Kobeissi in an email with Digital Trends. “We’re simply putting it together now because we collectively decided it was time to get a real, transparent answer from Skype, that benefits all of its users, including those who may be operating from danger zones.”

The letter, which was originally drafted by Kobeissi and revised with help from the Electronic Frontier Foundation and other activists, lays out a list of five broad criteria that the activists want Microsoft to provide in a Skype Transparency Report. The list includes details about which third-parties have access to Skype user data, including Microsoft’s compliance with governments’ request for user data; details about what user data Skype collects; documentation pertaining to Microsoft’s “operational relationship” with China’s mobile Internet company TOM Online; and an explanation of the company’s procedure “when Skype receives and responds to requests for user data from law enforcement and intelligence agencies in the United States and elsewhere,” specifically Skype’s compliance with the Communications Assistance for Law Enforcement Act (CALEA) and its “response to subpoenas and National Security Letters (NSLs).”

In the U.S., Skype’s compliance with CALEA is of particular concern. Originally passed in 1994 and updated in 2004, CALEA requires telephone companies and broadband Internet service providers (PDF) to build in “backdoors” to allow law enforcement to secretly monitor suspects’ communications.

Last year, the FBI reportedly began pushing for an update to CALEA that would move social networks like Facebook, and VoIP services like Skype, under the CALEA umbrella. Because ISPs are already required to allow government wiretaps, however, it’s possible – even likely – that Skype communications are already being intercepted.

For Skype users living abroad, the issue is further complicated by the Foreign Intelligence Surveillance Act (FISA), which allows the U.S. government to monitor communications between foreign nationals, or between Americans and citizens of other countries.

While many of these nebulous privacy issues may cause some Skype users to tune out, supporters of the letter say the matters at hand are quite simple – and vital for all users to get behind.

“Most people wouldn’t be too comfortable with someone looking over their shoulder while they video chatted with friends or family, yet that’s what’s happening – digitally – with Skype,” said Sarah Downey, a privacy attorney for Abine, in an email with Digital Trends. (Both Downey and Abine have signed the Skype letter.) “Your Skype profile information, chats, and videos are being shared for advertising and handed over to law enforcement without even a warrant.

“If you’re trusting an app like Skype to communicate, you deserve to know how Skype is using your personal information – or what risks it’s exposing you to,” she adds.

“I believe Skype users in the U.S. should be aware of the contradictory statements and lack of transparency that surrounds Skype’s service,” said Kobeissi. “All of Skype’s users would be better off if Skype could be more transparent about what it can and can’t promise.”

Whether Microsoft will agree to the letter’s demands remain to be seen – but there’s reason for the letter’s signatories to be hopeful. Microsoft has become a leader in the movement to implement “Do Not Track” technology by making the setting on by default in its Internet Explorer 10 Web browsers – a move that caused outrage across the online advertising industry. And on Wednesday, the Redmond, Washington-based computing giant released the results of a survey it commissioned, which found that users are increasingly concerned about their online privacy, and want ways to protect it.

“As online activities have become a valuable part of daily life, privacy is incredibly important. At Microsoft, we strive to help our customers manage their personal information online by providing easy-to-understand privacy policies, settings and guidance,” said Brendon Lynch, Microsoft Chief Privacy Officer, in a statement. “We take seriously our responsibility to customers by investing in a comprehensive and dynamic privacy program that implements our policies and delivers privacy innovations to our customers.”

Despite this, Microsoft has so far refused to respond to the Skype letter. “We have reached out to Microsoft through the Electronic Frontier Foundation, but so far I have personally not heard from them,” said Kobeissi.

Regardless of whether Microsoft responds now that the letter is public, Kobeissi says it is still important for Americans to be aware of how their communications are being monitored by the U.S. government.

“I think the answer can be summed up by: ‘Always look for real, transparent promises of privacy,'” he said. “So many institutions and companies in the U.S. manage to slip under the radar while offering no promise of real privacy rights, and this needs to change.”

Read the full Skype letter here.

Emerging Tech

Here’s how Facebook taught its Portal A.I. to think like a Hollywood filmmaker

When Facebook introduced its Portal screen-enhanced smart speakers, it wanted to find a way to make video chat as intimate as sitting down for a conversation with a friend. Here's how it did it.

Apple loses battle to use Intel modems in Germany in latest clash with Qualcomm

Apple is following the Federal Trade Commission's lead and has sued Qualcomm for a massive $1 billion in the U.S., $145 million in China, and also in the U.K., claiming the company charged onerous royalties for its patented tech.

500px reveals almost 15 million users are caught up in security breach

Almost 15 million members of portfolio website 500px have been caught up in a security breach. The hack occurred in 2018 but was only discovered last week. Users are being told to change their 500px password as soon as possible.
Emerging Tech

Singapore uses its smart city tech to help citizens cut through the red tape

Like many governments, Singapore’s puts citizens through plenty of red tape. But as part of its smart-city initiatives, the government is using tech to remove layers of bureaucracy.

YouTube beats Apple, Netflix as the most trusted brand by millennials

The popular video sharing website YouTube climbed up in an annual Mblm study, moving up from third place in 2018 and coming ahead of both Apple and Netflix in final 2019 rankings. 

Russia will ‘unplug’ from the internet as part of a cyber-defense test

Authorities across Russia are planning on unplugging the country from the global internet as part of a test of its cyber defenses. The disconnection will briefly keep all internet traffic inside the country.

Is the 5G spectrum harmful to our health? Experts say, 'Don't freak out'

There's plenty of consumer anxiety about radiofrequency (RF) radiation, specifically around millimeter waves (mmWave) used on 5G networks, but is it based in reality? We asked the FDA to give us its official view on the subject.

These are the coolest games you can play on your Google Chrome browser right now

Not only is Google Chrome a fantastic web browser, it's also a versatile gaming platform that you can access from just about anywhere. Here are a few of our favorite titles for the platform.

Gmail adds lots of new functionality to its right-click menu

Right-click on an email in Gmail and the list of actions is pretty limited. That's about to change, though, as Google has just announced it's expanding the list of options to make its email client that little bit more useful.

Tired of paying a monthly fee for Word? The best Microsoft Office alternatives

Looking for a competent word processor that isn't Microsoft Word? Thankfully, the best alternatives to Microsoft Office offer robust features, expansive compatibility, and an all-too-familiar aesthetic. Here are our favorites.

File Transfer Protocol explained: What FTP is and what it does

FTP stands for "File Transfer Protocol," and it's used to transfer files online. Most internet users don't need it, but web developers use it constantly. Here's what FTP is, how it works, and how you can get started using it.

Make a GIF of your favorite YouTube video with these great tools

Making a GIF from a YouTube video is easier today than ever, but choosing the right tool for the job isn't always so simple. In this guide, we'll teach you how to make a GIF from a YouTube video with our two favorite online tools.

Lose the key for your favorite software? These handy tools can find it for you

Missing product keys getting you down? We've chosen some of the best software license and product key finders in existence, so you can locate and document your precious keys on your Windows or MacOS machine.

From beautiful to downright weird, check out these great dual-monitor wallpapers

Multitasking with two monitors doesn't necessarily mean you need to split your screens with two separate wallpapers. From beautiful to downright weird, here are our top sites for finding the best dual-monitor wallpapers for you.