New information made available by Edward Snowden reveals that Skype's turning over video and audio information to the NSA has skyrocketed in the past year, by a factor of three. Given that Skype already helps the Chinese government snoop on its citizens, this makes Skype one of the world's biggest privacy invaders.
The information about Skype was published yesterday by the Guardian, in a report that details just how closely Microsoft has collaborated with NSA and other U.S. intelligence services via the Prism program. The report says, among other things, that Microsoft has helped Prism gain easier access to SkyDrive, that it has helped the NSA crack its Outlook.com encryption, and that it provides emails in pre-encrypted form to the NSA.
The article devotes a great deal of attention to details about Skype's cooperation with Prism. Skype began cooperating with Prism, in February, 2011, before it was bought by Microsoft. In May, 2011, Microsoft signed a deal to buy Skype, and by October of that year, the purchase was complete.
After Microsoft bought Skype, the cooperation with Prism increased dramatically. The Guardian reports:
The NSA has devoted substantial efforts in the last two years to work with Microsoft to ensure increased access to Skype, which has an estimated 663 million global users.One document boasts that Prism monitoring of Skype video production has roughly tripled since a new capability was added on 14 July 2012. "The audio portions of these sessions have been processed correctly all along, but without the accompanying video. Now, analysts will have the complete 'picture'," it says.
Skype had previously said that it wasn't able to wiretap its users, says the ACLU's Chris Soghoian. Skype's claim clearly isn't true. Soghoian told the Guardian.
"In the past, Skype made affirmative promises to users about their inability to perform wiretaps. It's hard to square Microsoft's secret collaboration with the NSA with its high-profile efforts to compete on privacy with Google."
This is the second privacy scandal that Skype has been involved in. In March of this year, a computer-science graduate student at the University of New Mexico revealed that Skype has cooperated with the Chinese government to spy on Chinese citizens, gather information about their political beliefs, and censor what they can say to one another.
People in China have to use a special version of Skype, called TOM-Skype, a joint venture between Microsoft and Tom Online, a Chinese wireless Internet company. As of March, 2013, TOM-Skype had nearly 96 million users.
The graduate student, Jeffrey Knockel, cracked the encryption that Skype uses to hide what information it's gathering from Chinese citizens. He found that TOM-Skype servers upload keyword lists to every Skype user's machine. Skype monitors every message sent and received by that machine, and scans them for words in the keyword list. If it finds one, it sends the entire message in which the word is contained to TOM-Skype servers. It also sends "the account's username, time and date of transmission, and whether the message was sent or received by the user," according to Bloomberg Business Week. Sometimes, the message is also blocked from being sent, not allowing people to communicate with one another about certain topics. The keyword list is constantly updated.
What happens when all those messages and all that information get sent to the TOM-Skype servers? Most likely, it's sent to Chinese spy agencies and police departments.