Report: UK spies captured millions of Yahoo users' webcam images
The report represents a whole new level of violation of users' privacy that is 'completely unacceptable,' Yahoo said
IDG News Service - U.K. intelligence agency GCHQ captured and stored still webcam images of millions of Yahoo users including substantial quantities of sexually explicit material, the Guardian newspaper reported Thursday.
GCHQ gathered the images with the help of the U.S. National Security Agency (NSA), the Guardian reported on the basis of documents provided by NSA leaker Edward Snowden.
The program, called Optic Nerve, began as a prototype in 2008 and was still active in 2012, according to the report. Through the program, the U.K. agency collected webcam stills from more than 1.8 million Yahoo user accounts globally in a six-month period in 2008 alone, according to the report. GCHQ used Optic Nerve to monitor targets and discover new targets while it was also used to experiment with automated facial recognition, it added.
Webcam videos were not captured in their entirety, but Optic Nerve rather saved one image every five minutes to avoid overloading the agency's servers and partly to comply with human rights legislation, according to the report.
Images were gathered in bulk rather than only from existing targets, according to the report. While analysts' ability to see webcam images was restricted to searches in metadata only, they were also shown faces of people with similar user names, potentially capturing webcam images of large numbers of innocent people, it added.
Webcam information was gathered via GCHQ's network of Internet cable taps and then processed and fed into NSA's XKeyscore, a surveillance program that the NSA reportedly uses to allow analysts to search through vast stores of metadata. NSA research was also used to build a tool to identify Yahoo webcam traffic, the Guardian reported.
Yahoo was not aware of the reported activity, a Yahoo spokeswoman said in an emailed statement. "This report, if true, represents a whole new level of violation of our users' privacy that is completely unacceptable," Yahoo stated, adding that it is committed to preserving its users' trust and security and will continue its efforts to expand encryption across all services.
GCHQ said in an emailed statement that it is "a longstanding policy that we do not comment on intelligence matters."
"Furthermore, all of GCHQ's work is carried out in accordance with a strict legal and policy framework which ensures that our activities are authorized, necessary and proportionate," the spokesman said, adding that there is rigorous oversight from the relevant U.K. authorities.
Because Optic Nerve was used to collect data in bulk, the program is unable to filter out information from U.S. or U.K. citizens, the Guardian noted.
The vast majority of the videos have "no intelligence value whatsoever," according to a cited document.
- Best iPhone, iPad Business Apps for 2014
- 14 Tech Conventions You Should Attend in 2014
- 10 Desktop Apps to Power Your Windows PC
- How to Add New Job Skills Without Going Back to School
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- Accelerating Network Convergence in Virtualized and Cloud Data Centers Adopting a converged networking strategy enables organizations to traffic server and storage I/O workloads on consolidated data throughput channels. Intelligent software helps optimize...
- Omnichannel: From Buzzword to Strategy Customers demand a seamless experience across channels, especially mobile. Read this whitepaper for a research-based framework for using omnichannel for higher customer engagement.
- How 10GbE Network is the Backbone of the Virtual Data Center The shift to a virtual data center has put tremendous strain on legacy networks; driving the need for more speed, lower latency, more...
- 10GbE in the Data Center Improvements in 10GbE technology, lower pricing, and improved performance make 10GbE for the mid-market a viable and cost-effective strategy. This white paper discusses...
- Data Protection and Disaster Recovery with iSCSI and VMware Get this on demand webcast now