Skype admits data breach among Chinese dissidents

Skype has admitted a privacy breach among users in China, with its partner there archiving politically sensitive text chat messages.

Skype has admitted a privacy breach among users in China, with its partner there archiving politically sensitive text chat messages.

The stored messages have been kept on unsecured servers, and there are now fears among dissidents in the country that the state has had access to them.

Skype, an internet phone service owned by auction site eBay, says it was unaware of the stored messages kept on computer servers run by Chinese mobile firm TOM Online, which is its Skype partner in the country.

Citizen Lab, a group of computer security experts at the University of Toronto, revealed this week that TOM Online was "spying" on TOM-Skype users in China, and collecting messages with specific keywords.

Citizen Lab said the messages, which contained words such as "Tibet," "Communist Party" or "democracy", also contained internet addresses, usernames and other information which could enable snoopers to easily identify the senders and receivers of the messages.

Skype president Josh Silverman said it was common practice to block communications deemed unsuitable by the Chinese government, to enable the firm to meet local laws, but he said Skype was not aware of those blocked messages being uploaded onto servers.

He said, "It was our understanding that it was not TOM's protocol to upload and store chat messages with certain keywords, and we are now inquiring with TOM to find out why the protocol changed."

Citizen Lab said, "TOM-Skype is censoring and logging text chat messages that contain specific, sensitive keywords and may be engaged in more targeted surveillance.

"These logged messages contain keywords relating to sensitive topics such as Taiwan independence, the Falun Gong [a religious sect] and political opposition to the Communist Party of China.

"These text messages, along with millions of records containing personal information, are stored on insecure publicly accessible web servers."

The Citizen Lab researchers say they gained access to eight unsecured TOM-Skype servers.

Microsoft, Cisco, Google and Yahoo have all been criticised in the past for their complicity with the Chinese regime when doing business in the world's biggest market.

Three years ago, a Chinese dissident was jailed for ten years after Yahoo handed over his e-mail account to the Chinese authorities. And Microsoft pulled down another dissident's blog it had supported on its MSN Spaces service, after pressure from China.

Read more on Voice networking and VoIP

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.