Skype has admitted a privacy breach among users in China, with
its partner there archiving politically sensitive text chat
messages.
The stored messages have been kept on unsecured servers, and
there are now fears among dissidents in the country that the state
has had access to them.
Skype, an internet phone service owned by auction site eBay,
says it was unaware of the stored messages kept on computer servers
run by Chinese mobile firm TOM Online, which is its Skype partner
in the country.
Citizen Lab, a group of computer security experts at the
University of Toronto, revealed this week that TOM Online was
"spying" on TOM-Skype users in China, and collecting messages with
specific keywords.
Citizen Lab said the messages, which contained words such as
"Tibet," "Communist Party" or "democracy", also contained internet
addresses, usernames and other information which could enable
snoopers to easily identify the senders and receivers of the
messages.
Skype president Josh Silverman said it was common practice to
block communications deemed unsuitable by the Chinese government,
to enable the firm to meet local laws, but he said Skype was not
aware of those blocked messages being uploaded onto servers.
He said, "It was our understanding that it was not TOM's
protocol to upload and store chat messages with certain keywords,
and we are now inquiring with TOM to find out why the protocol
changed."
Citizen Lab said, "TOM-Skype is censoring and logging text chat
messages that contain specific, sensitive keywords and may be
engaged in more targeted surveillance.
"These logged messages contain keywords relating to sensitive
topics such as Taiwan independence, the Falun Gong [a religious
sect] and political opposition to the Communist Party of China.
"These text messages, along with millions of records containing
personal information, are stored on insecure publicly accessible
web servers."
The Citizen Lab researchers say they gained access to eight
unsecured TOM-Skype servers.
Microsoft, Cisco, Google and Yahoo have all been criticised in
the past for their complicity with the Chinese regime when doing
business in the world's biggest market.
Three years ago, a Chinese dissident was jailed for ten years
after Yahoo handed over his e-mail account to the Chinese
authorities. And Microsoft pulled down another dissident's blog it
had supported on its MSN Spaces service, after pressure from
China.