Yahoo Inc last year secretly built a custom software program to search all of its customers’ incoming emails for specific information provided by U.S. intelligence officials, according to people familiar with the matter.
The company complied with a classified U.S. government directive, scanning hundreds of millions of Yahoo Mail accounts at the behest of the National Security Agency or FBI, said two former employees and a third person apprised of the events.
Some surveillance experts said this represents the first case to surface of a U.S. Internet company agreeing to a spy agency’s demand by searching all arriving messages, as opposed to examining stored messages or scanning a small number of accounts in real time.
Ars Technica contacted various technology companies to ask them if they were ever subjected to the same FBI demands:
A spokeswoman for Microsoft, Kim Kurseman, e-mailed Ars this statement, and also declined further questions: “We have never engaged in the secret scanning of email traffic like what has been reported today about Yahoo.â€
For its part, Google was the most unequivocal. Spokesman Aaron Stein e-mailed: “We’ve never received such a request, but if we did, our response would be simple: ‘no way.'”
No surprise they would say this, but it would be more credible if they had been honest about their roles in the NSA PRISM programs. Who’s to say they’re not lying again this time?
I hate to assume guilt if it’s not true, but if they really cared about society’s privacy they would absolutely be promoting federated protocols where we are in control of our own data. Instead they keep pushing centralized models where the best they can do is say “trust us”, and we’re forced to take their word for it (just like before).
Who is talking about lying? Both statements offer plenty of room for legal interpretation, and they can both be perfectly true even if the NSA or FBI has full and direct access to everything Microsoft and Google store on their servers.
boblowski,
Yes, with care you can redefine almost anything to convert a lie into a truth, but I’d still call it lying if the intent was to mask the truth.
I doubt these spokespersons would even know if it was true. Seriously, whenever these things happen, the information is very likely on a need to know basis.
To me these statements very much read like they are vetted by a legal department. These companies have to walk a fine line between gag orders and NDAs on the one hand, and shareholders and public opinion on the other hand. I don’t think they’ll leave much to chance, especially not if, like you mention, a spokesperson needs to assume he only has access to a subset of the information.
I can absolutely guarantee that this is true. Because Google was never secret about monitoring GMail in the first place. It’s not a secret when they are open about it.
Edited 2016-10-05 17:17 UTC
I can totally believe that Microsoft has never engaged in the secret scanning of Yahoo email traffic for the US government. Ditto Google.
Our founders provided a solution to dealing with an oppressive Government, Any means available is legal and was established as precedent in our Declaration Independence and subsequent revolution.
if only things worked that way. even if there were a revolution the division is so wide anything to replace it might be even worse. in this case the best hope is that individual states recognize that the contract set up by the constitution between the federal government and the states has been turned into toilet paper by the federal government and act accordingly. That route might still bloodless.
I worked in black hat during the 90s and there were executive orders against collecting on US soil against US citizens. Not sure who rescinded this order but its full on abuse today.
bnolsen,
Patriot Act & Friends
Yeah, it is called democratic elections.
I’m going to take that as sarcasm, because you can’t possibly say that with a straight face.
I sure can. I wouldn’t trust them to work due to the nature of people, but I trust the same dumb idiots voting for dump idiots, to carry out a successful revolution even less.
Guns in the hands of people doesn’t fix the problem when the people are the problem.
Our government is not one of the people, for the people, by the people. It has always been one of the powerful & wealthy, for the powerful & wealthy, by the powerful & wealthy. This is why so many people are pissed and why there’s so little we can actually do about it. What people need to understand is that the `game` is rigged, and swapping out random players here & there will never fix that.
Now, even if there were companies that truly wanted to preserve privacy and defend the 1st and 4th amendments, they will always be subject to our governments self-given power to override or ignore any law they wish. Our constitution isn’t respected, it’s an irritant and an obstacle to those who want to maintain control. We the people don’t run the show, we’re simply an inconvenience for those who do. I’m sure these companies either by their own will or court order will scan emails, lie about it, and not even think twice. We’ve already been to this rodeo.
You’re forgetting the more recent precedent established in the somewhat lively debate held between 1860 and 1865.
As a result of that “discussion”, rebellion can be squashed by military force, and if you think you’ve got the chops to take on one of the most powerful military forces on the planet, think again.
Finally, while it may be more satisfying to pummel your enemies and see them run from your blazing semi-automatic weapons, remember that as a rule, historically, change comes about not through rebellion, but through politics– The colonies were about the only successful rebellion against the British Empire, and if it hadn’t turned into a bit of a global conflict, it’s questionable whether we would have succeeded then.
“…Mayer and Yahoo General Counsel Ron Bell did not involve the company’s security team in the process, instead asking Yahoo’s email engineers to write a program…”
“…The sources said the program was discovered by Yahoo’s security team in May 2015, within weeks of its installation. The security team initially thought hackers had broken in.
When [Alex] Stamos found out that [Marissa] Mayer had authorized the program, he resigned as Chief Information Security Officer…”
That’s one -of the many- ways a big Corp is tumbled down by their very own, ‘fresh’ high ranks.
We’re going to keep hearing about this .. as stories trickle out …
Enough.
Time to decentralise the internet. Not distribute, decentralise.
http://redecentralize.org
Isn’t it clear by now to everyone that all personal data/correspondence/finger prints/etc. provided (or obtained without user consent) to any US corporation in any way is being scanned by FBI/CIA/etc.?
So, did they find any signs intelligence in the US?
Edited 2016-10-05 11:08 UTC
Would have been funnier if it was grammatically correct, but it’s still not a patch on Ghandi’s opinion of western civilization.
For years I opened every weekly company meeting with the comment that an email was equivalent to sky-writing. That is the nature of the technology. Get over it.
It’s a good thing yahoo is my spam mail address.
Hi,
When I saw the title, I was hoping it was a joke like:
“Yahoo secretly scanned customer emails for US intelligence; finds no evidence of intelligence in US customer emails“.
– Brendan