Skype users are demanding more transparent security and privacy practices, calling for action in an open letter posted online. The letter is supported by institutions, organizations, media outlets and individuals from around the world.
Of particular concern are “persistently unclear and confusing statements” about confidentiality of conversations and the access others –including government and third parties – have to them. Ownership of Skype is currently being transitioned to Microsoft, and many of the company’s software and services are being integrated with the popular VoIP software.
Because of this, authors of the letter state the time has come for Microsoft to come clean about Skype’s privacy and security practices by releasing transparency reports similar to those issued by Google, Twitter and Sonic.net.
We call on Skype to release a regularly updated Transparency Report that includes:
1. Quantitative data regarding the release of Skype user information to third parties, disaggregated by the country of origin of the request, including the number of requests made by governments, the type of data requested, the proportion of requests with which it complied — and the basis for rejecting those requests it does not comply with.
2. Specific details of all user data Microsoft and Skype currently collects, and retention policies.
3. Skype’s best understanding of what user data third-parties, including network providers or potential malicious attackers, may be able to intercept or retain.
4. Documentation regarding the current operational relationship between Skype with TOM Online in China and other third-party licensed users of Skype technology, including Skype’s understanding of the surveillance and censorship capabilities that users may be subject to as a result of using these alternatives.
5. Skype’s interpretation of its responsibilities under the Communications Assistance for Law Enforcement Act (CALEA), its policies related to the disclosure of call metadata in response to subpoenas and National Security Letters (NSLs), and more generally, the policies and guidelines for employees followed when Skype receives and responds to requests for user data from law enforcement and intelligence agencies in the United States and elsewhere.
The release of the open letter coincides with Data Privacy Day, which was marked on Monday, Jan. 28. In honour of the day, Microsoft conducted a worldwide privacy survey. The results showed only 40 per cent of people said they totally or mostly understood how to protect their online privacy.