Privacy advocates are calling on Microsoft to disclose whether -- and how often -- governments are snooping on Skype users, a move that comes as the software giant integrates the popular video and voice messaging program with its Office productivity suite.
In an open letter released Thursday, groups including the Electronic Frontier Foundation and Reporters Without Borders ask Microsoft to reveal whether law enforcement can eavesdrop on calls among Skype's 250 million monthly users worldwide.
"It is unfortunate that these users, and those who advise them on best security practices, work in the face of persistently unclear and confusing statements about the confidentiality of Skype conversations, and in particular the access that governments and other third parties have to Skype user data and communications," they write. "The time has come for Microsoft to publicly document Skype’s security and privacy practices."
In the mid-2000s Skype was considered one of the best ways to avoid the prying eyes of government or third parties because of its tough encryption and hard-to-tap peer-to-peer networks. In 2008, a Skype spokesperson told CNET that it did not even have the capability to comply with law enforcement requests for wiretaps.
But it's unclear whether that changed after the calling service was bought by Microsoft for $8.5 billion in 2011 along with its Office productivity suite. Hackers alleged last year that the service had changed its architecture to comply with legally authorized eavesdrop requests. Skype denied then that it made the changes for eavesdropping purposes, but privacy advocates still questioned how much assistance it was providing to law enforcement. On Thursday, after the privacy and civil liberties advocates released their letter, it still wouldn't discuss whether wiretapping is possible.
“We are reviewing the letter. Microsoft has an ongoing commitment to collaborate with advocates, industry partners and governments worldwide to develop solutions and promote effective public policies that help protect people’s online safety and privacy," the company said in a statement, which it asked be attributed only to "a Microsoft spokesperson."
The company's reticence stands in stark contrast to another computer giant, Google, which regularly releases transparency reports on how often police and courts ask for user data. On Wednesday, the company released a new report that showed law enforcement searches were up 34 percent from 2011 to 2012.
The company broke down how often it gets subpoenas vs. warrants for data, an important data point as Congress considers whether to reform the aging Electronic Communications Privacy Act that covers online wiretapping in the United States.
Skype's friendliness to law enforcement and vulnerability to hackers is a question of no small importance outside of the U.S., too. Skype messages previously were monitored in China, and governments in the Middle East have used trojans and other tricks to get around the program's encryption.
Skype functions as a semi-independent division of Microsoft, operating out of Silicon Valley instead of at the company's headquarters in Redmond, Wash., since its acquisition. But until it offers more information about providing user data to law enforcement, some of its users may question what Skype President Tony Bates told the New York Times last year: "We’ve kept our identity and our autonomy."