Microsoft seeks patent for spy tech for Skype
'Legal Intercept' would allow it to silently record VoIP communications.
Computerworld - Editor's note: An earlier version of this story said the Legal Intercept patent had been granted. The patent application is still being processed.
A technology called Legal Intercept that Microsoft hopes to patent would allow the company to secretly intercept, monitor and record Skype calls. And it's stoking privacy concerns.
Microsoft's patent application for Legal Intercept was filed in 2009, well before the company's $8.5 billion purchase of Skype in May. The patent application, which is still in process, was made public last week.
From Microsoft's description of the technology in its patent application, Legal Intercept appears similar to tools used by telecommunication companies and equipment makers to comply with government wiretap and surveillance requests.
According to Microsoft, Legal Intercept is designed to silently record communications on VoIP networks such as Skype.
"Data associated with a request to establish a communication is modified to cause the communication to be established via a path that includes a recording agent." The recording agent is then able to "silently record" the communication, according to Microsoft's description.
"Modification may include, for example, adding, changing, and/or deleting data within the data. The data as modified is then passed to a protocol entity that uses the data to establish a communication session," the description notes.
According to Microsoft, Legal Intercept addresses gaps in current monitoring tools that are designed mainly for intercepting Plain Old Telephone Service (POTS). "With new Voice over Internet Protocol (VoIP) and other communication technology, the POTS model for recording communications does not work," Microsoft noted in the patent application.
Michael Froomkin, a professor of law at the University Of Miami School Of Law, said that from the patent description it sounds as if the technology would allow Microsoft to do is make Skype CALEA capable.
CALEA (Communications Assistance for Law Enforcement Act) requires telecommunications carriers and makers of communications equipment to enable their equipment so it can be used for surveillance purposes by federal law enforcement agencies.
But the implications of the technology are much broader, Froomkin added. "First, making a communication technology FBI-friendly means also making it dictator-friendly, and in the long run this is not good for movements like the Arab Spring," he said. "Second, experience shows that building in back doors invites exploits."
Skype has also been somewhat cagey about whether it's had a CALEA-style back door all along, he said. "Skype doesn't fully disclose how it works or how it encrypts," Froomkin said. "As a result users must take a great deal on faith.
"History teaches us over and over that faith is very easily misplaced," he added.
Jeffrey Chester, executive director of the Center for Digital Democracy, said the technology aligns with Microsoft's broader goals.
The company "aims to incorporate tracking technologies for its Skype services, as it aggressively expands its mobile advertising system across the world," Chester said. "Skype will likely soon have ad targeting and user profiling digit strings attached. This underscores the need for strong mobile and location privacy safeguards," he said.
A Microsoft spokesman said the company would not comment.
Jaikumar Vijayan covers data security and privacy issues, financial services security and e-voting for Computerworld. Follow Jaikumar on Twitter at @jaivijayan or subscribe to Jaikumar's RSS feed . His e-mail address is firstname.lastname@example.org.
- NSA defends collecting data from U.S. residents not suspected of terrorist activities
- Groups fear bill would allow free flow of data between private sector and NSA
- Google's move into home automation means even less privacy
- Bill to require warrant for email searches gains ground in House
- Coming soon to a fridge near you -- targeted ads
- Snowden leaks prompt tech firms to tout privacy, transparency policies
- License reader lawsuit can be heard, appeals court rules
- Is EU's 'right to be forgotten' really the 'right to edit the truth'?
- Tails 1.0: A bootable Linux distro that protects your privacy
- Privacy jitters derail controversial K-12 big data initiative
Read more about Privacy in Computerworld's Privacy Topic Center.
- Improving IT Efficiencies: Four Advantages of Multi-Tenant Data Centers Increasing demands on IT are forcing organizations to rethink their data center options. For many organizations, that means turning to the flexibility afforded...
- Accelerating Cloud Deployment and Operations with Managed Services Companies that do not have sufficient in-house expertise to either deploy or maintain an IaaS cloud should turn to Managed Service Providers .
- Rethinking IT Operations in the Cloud This paper breaks down the challenges that often prevent the cloud from delivering the fast, flexible and affordable infrastructure companies seek - and...
- Gartner Magic Quadrant for Cloud-Enabled Managed Hosting, North America Cloud-enabled managed hosting brings cloudlike consumption and provisioning attributes to the traditional managed hosting market
- Data Protection and Disaster Recovery with iSCSI and VMware Get this on demand webcast now
- NSS Labs & Cisco Present: Evaluating Leading Breach Detection Systems Today's constantly evolving advanced malware and APTs can evade point-in-time defenses to penetrate networks. Security professionals must evolve their strategy in lockstep to... All Privacy White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!