Yahoo Secretly Scanned Customer Emails for US Government
Samuel Wan / 7 years ago
In a staggering revelation today, a new report has surfaced regarding the struggling tech firm Yahoo. According to the revelations by former employees, in 2015, the company built a custom software program to scan all of their user emails. More critically, the move was done at the behest of a classified US government directive to look for specific information requested by the NSA and FBI.
If the allegations are true, this would be a massive breach of customer privacy and legal rights. While metadata (like email headers) is allowed to be disclosed without a warrant, the actual contents of a communication are not allowed to be disclosed under the third-party doctrine, In some jurisdictions, Yahoo would not even be allowed to share the information if they wanted to unless they received a court order/warrant. Given that this required the active creation of a search tool, it’s unlikely a warrant could have forced such an obligation on the company, suggesting that it was a voluntary move.
For all of Yahoo email users, this means all of their incoming emails was scanned indiscriminately instead of focusing on specific accounts. Yahoo’s then-Chief Information Security Officer, Alex Stamos, reportedly resigned in protest when he found out about the program last year. Given the recent revelation that over 500 million accounts were also compromised in 2014, it appears that Yahoo is having great difficulties keeping user information private.
The big surprise honestly is that Yahoo did such a move in the post-Snowden revelations environment. After Edward Snowden revealed the massive US surveillance network, companies around the world stepped up their privacy protections. It’s weird that Yahoo would go the opposite way and instead voluntary hoover up user information to hand over to the government. So far, both Microsoft and Google have denied that they are operating any similar program though they would likely not reveal it if they did.