Skype Admits Privacy Violation In China

The joint report, "Breaching Trust: An analysis of surveillance and security practices on China's TOM-Skype platform," written by Nart Villeneuve, was jointly published by Information Warfare Monitor and ONI Asia.

According to the report, text chat messages by TOM-Skype users are regularly scanned for sensitive keywords -- including the Falun Gong, opposition to the Communist Party of China, and Taiwan independence. If the keywords are found, copies of the text chat messages are uploaded to servers in China for storage.

The servers in question are publicly accessible and not secure; also, the encryption keys were available as well.

The report also included evidence that the surveillance is not just aimed at users writing specific keywords.

"Our analysis suggests that the surveillance is not solely keyword-driven. Many of the captured messages contain words that are too common for extensive logging, suggesting that there may be criteria, such as specific usernames, that determine whether messages are captured by the system," said the report.

The report also said that TOM-Skype "captures the personal information of any Skype users that interacted with registered TOM-Skype users."

Reuters reported that Jennifer Caukin, a spokeswoman for Skype and minority owner of TOM-Skype, "admitted to the privacy breach in the servers and said it had now been fixed."

Caulkin also said that TOM-Skype had altered its privacy policies without obtaining Skype's consent, and that Skype was planning further discussions with TOM-Skype.