“Yahoo Inc last year secretly built a custom software program to search all of its customers’ incoming emails for specific information provided by U.S. intelligence officials, according to people familiar with the matter,” Joseph Menn reports for Reuters. “The company complied with a classified U.S. government directive, scanning hundreds of millions of Yahoo Mail accounts at the behest of the National Security Agency or FBI, said two former employees and a third person apprised of the events.”
“Some surveillance experts said this represents the first case to surface of a U.S. Internet company agreeing to a spy agency’s demand by searching all arriving messages, as opposed to examining stored messages or scanning a small number of accounts in real time,” Menn reports. “It is not known what information intelligence officials were looking for, only that they wanted Yahoo to search for a set of characters. That could mean a phrase in an email or an attachment, said the sources, who did not want to be identified. Reuters was unable to determine what data Yahoo may have handed over, if any, and if intelligence officials had approached other email providers besides Yahoo with this kind of request.”
“According to the two former employees, Yahoo Chief Executive Marissa Mayer’s decision to obey the directive roiled some senior executives and led to the June 2015 departure of Chief Information Security Officer Alex Stamos, who now holds the top security job at Facebook Inc.,” Menn reports. “Experts said it was likely that the NSA or FBI had approached other Internet companies with the same demand, since they evidently did not know what email accounts were being used by the target. The NSA usually makes requests for domestic surveillance through the FBI, so it is hard to know which agency is seeking the information.”
“Alphabet Inc’s Google and Microsoft Corp, two major U.S. email service providers, did not respond to requests for comment,” Menn reports. “Some FISA experts said Yahoo could have tried to fight last year’s directive on at least two grounds: the breadth of the demand and the necessity of writing a special program to search all customers’ emails in transit. Apple Inc made a similar argument earlier this year when it refused to create a special program to break into an encrypted iPhone used in the 2015 San Bernardino massacre.”
Read more in the full article here.
MacDailyNews Take: Yahoo is a spineless failure; a shit-stain of a company; a slow-motion train wreck engineered by a Breck Girl.
Yahoo has been flopping around, gasping for air for so long, it’s no wonder that bent over immediately for some hard government overreach.
Eschew products from corporations that are known for not respecting/protecting their customers’ privacy.
SEE ALSO:
Edward Snowden: No matter what, do not use Google’s new Allo messenger app – September 23, 2016
Google to pay $5.5 million for sneaking around Apple’s privacy settings to collect user data – August 31, 2016
Apple takes a swing at privacy-tampling, personal data-guzzling rivals like Google – September 29, 2015
Apple reinvents the privacy policy – September 29, 2015
Apple selling targeted ads, but their new privacy policies shows they think different about tracking – September 29, 2015
Apple: Hey Siri and Live Photos data stays only on your device to ensure privacy – September 12, 2015
Apple issues iPhone manifesto; blasts Android’s lack of updates, lack of privacy, rampant malware – August 10, 2015
Edward Snowden supports Apple’s stance on customer privacy – June 17, 2015
Mossberg: Apple’s latest product is privacy – June 12, 2015
Apple looks to be building an alternative to the Google-branded, hand-over-your-privacy ‘Internet Experience’ – June 11, 2015
Understanding Apple and privacy – June 8, 2015
Edward Snowden: Apple is a privacy pioneer – June 5, 2015
Edward Snowden’s privacy tips: ‘Get rid of Dropbox,” avoid Facebook and Google – October 13, 2014
Apple CEO Tim Cook ups privacy to new level, takes direct swipe at Google – September 18, 2014
A message from Tim Cook about Apple’s commitment to your privacy – September 18, 2014
Apple will no longer unlock most iPhones, iPads for police, even with search warrants – September 18, 2014
I hope the FBI and NSA read the email that said suck my dick.
“Protest” move to FB hardly makes sense to this mind.
We should all get Yahoo accounts and email ourselves the following…
allahu akbar, nuclear bomb, fertilizer, dirty bomb, 9/11, pressure cooker, surface-to-air missile, Islamic terrorist
… and watch Yahoo’s data centers melt down.
SB, you do that and then tell us how long it took for the black Suburbans to pull up in front of your house.
FINALLY MDN craps all over Marissa. The ridiculous level of infatuation over her here at MDN was sickening.
Yeah, where’s the normal Marissa Mayer on ball photo?
Balling Marrisa…I like the sound of that.
Yeah, especially from her interviews, if you said something funny to her, her snigger would lower your flagpole
See, if you want to keep it private keep it to yourself.
I hope many of you are starting to catch on. If you write it down, speak it (tell others), or even encrypt it, it’s not private. Can it be told to others, over heard, taped, can it be read by others, can it be be decrypted…
Private means yours, and the only way to guarantee that is to keep it to yourself! So, you should not expect anything on you phone to be private. Sorry. Hey, remember you don’t own the software on phone and the company has not entered into any privacy contract with you about the data, nor have they said data you enter is in no way part of the software on the device.
oh well!
FINALLY this site sees Marisa for what she is.
Never thought I would see the day.
and no red ball pic.
Tis a fine day in MDN line.
Crow now being served in the cafeteria.
No doubt. Yahoo has been a CRUSHING failure under Marissa. She failed at every last thing she tried, often going down in flames.
Mayer was a total, abject F A I L U R E. And of course, she’s getting insanely rich at the same time.
For a while MDN hinted that she could take over Apple and relieve us of Tim Cook. Looks like they now are singing a different tune.
Yahoo has email? I didn’t think that they had customers either who would use email.
Yahoo! was for years the behind-the-scenes email provider for Verizon and AT&T broadband customers, and perhaps many others. So, presumably all of my verizon.net messages were run through the NSA filter until at least the recent move to AOL. That they did this without a proper search warrant or particularized probable cause is beyond outrageous.
I’m probably going to get flamed here but I’ll play devils advocate. It’s possible the court order (I’m giving Yahoo the benefit of the doubt that they have one) was very specific about the particular string of words they were looking for. In my mind that would be OK provided, and this is key, the software scanning the emails would not have the ability to capture any other data that would be present in the emails.
Having said all that, if there was no court order, Yahoo ought to be publicly flogged.
Even if there was a court order, authorizing the search of every email for a particular string of characters strikes me as essentially the same as ordering the search of every house in a neighborhood for a particular gun used in a crime. That would be a general warrant, which is quite specifically forbidden by the Fourth Amendment to the US Constitution.
The legal problem is that because the user agreements clearly reveal that a third party (Yahoo! AOL, phone company, or whoever) has an unencrypted copy of every communication, the sender and recipient could have no reasonable expectation of privacy for the texts they exchange. Under proper circumstances, a warrant could be directed against the provider without notice to the primary parties.
The existence of the outside party not only opens the communications up to third-party disclosure, but also waives any privilege (such as attorney-client, minister-penitent, or husband-wife) that might otherwise apply. Thus, a lawyer who uses ordinary email or messaging to communicate with a client is presumptively committing malpractice that could get him sued and/or disbarred.
This is a very big deal.
You know the law better than I so I will defer to your judgement on the interpretation of the second amendment.
However, doing a physical house to house search is not exactly the same thing as tightly controlled software searching for a specific string of characters in emails. A house to house search would allow law enforcement to see everything in the house searched. And I assume they would be allowed to act upon evidence of criminal wrong doing even if that evident was not stated as in the original intent of the search warrant. A software search would only see what it was specifically designed to search to see. One could argue that the constitution wants search warrants to be as specific as possible. That being the case, I would proffer that searching for a very specific character string might meet the intent, if not the literal interpretation, of a narrow search according to the law.
Again, I’m no law expert. I’m just saying there’s an argument to be made.
While I defer to your knowledge of the law, it seems to me your first paragraph overreaches. I don’t think what’s been reported is equivalent to searching every home; it says they looked for specific keywords in email traffic as it went through the system. That’s more akin to having a C.I. watching the neighborhood and reporting when a car with a specific license plate drives through and which house it goes to, and a warrant would then be needed to search the home. Also, I haven’t seen anyone comment that if you’re overly concerned about anyone knowing what you’re doing , you can always run your own email server in your basement. 😉
Mass surveillance = No justice
They do it because they can. They ask and they receive. This is all on Yahoo for complying. NSA and FBI are only acting naturally. Does it mean it’s right? No, but who’s going to stop them? If you do stop them, they will be back tomorrow, and the next day and so on.
The cat is out of the bag. Someone from the top will have to fix this. Who do you think it could be? Who’s going to watch out for the rest of us?
Thanks Marrisa, for screwing us over after you screw the Yahoo employees over.
Massive F A I L by you.
Why is it that no one (who supports this kind of governmental behavior) seems to understand that it means, pure and simple, that the government does not trust its citizens and considers everyone suspect.
What does that also say about what the government thinks (of a fundamental notion of its own legal system) about innocent until proven guilty? Not much it appears.
Of course, none of it should be a surprise as those who are elected/appointed to any government institution only swear to defend and protect the Constitution (meaning government), not citizens.
Because the Constitution was designed to protect citizens from the government… if these guys swear to uphold the Constitution and then abrogate human and civil rights, they are lying, self-serving scum who should be jailed for violating their sacred oaths.
2ndmate beat me to it. The Constitution is not supposed to protect the government from the citizens, but the citizens (and, in fact, everyone else) from arbitrary government actions. So, when I took an oath as an Assistant Prosecutor to preserve, protect, and defend the Constitution of the United States I was promising to uphold the principle of government of, for, and by the people. Like all other American prosecutors, I was under an explicit duty not to just seek convictions, but to see that justice was done.
In order to do that, I had to collect evidence of crime and present it to the courts. By definition, the suspects from whom I collected that evidence had not yet been convicted. They were entitled to a presumption of innocence… but that did not exempt them from a properly conducted investigation. That is why the Fourth Amendment provides a procedure for reasonable searches and seizures under judicial supervision after a sufficient showing of probable cause.
If Yahoo had unencrypted copies of all these emails and was presented with a valid warrant, it had the duty to comply. Under the ruling precedents (which go back for decades), the senders and recipients had no right to object because they were not the party being searched and had no reasonable expectation of privacy.
Whether there was a warrant, and whether that warrant was valid, are questions that I cannot answer based on the limited information in the Reuters story. On its face, this sounds like horrible overreaching, but we don’t actually know whether there were specific circumstances that might have made this a reasonable search.
The Constitution, like the Ten Commandments, is not just a list of suggestions.
I respect and thank you for honoring the spirit of your oath in your profession. Unfortunately, I think that you’re part of the .0000000001% of the government that doesn’t abuse and misuse their power. Now I have to find a new email address that keeps away from the alphabet agencies.
For those who do not know, ATT.net email accounts are handled by Yahoo and are in all probability included in the bend over and grab your ankles policy of Yahoo.
It is more than obvious that our government and the elected politicians who run it do not give a damn about your privacy. The outright lies made by a bipartisan cabal in Washington regarding Ed Snowden and his conduct show that they value the National Security State more than your civil liberties under the Constitution they pledged to uphold.
We are well on our way to becoming a Banana Republic. When Hillary is inaugurated in January, 2017 we should replace Old Glory with a big white flag with a Banana superimposed over a Dollar Sign.
This is a rush to judgement. We do not know any of the circumstances. If they had a proper court order and a really strong need then I am OK with it. That being said I generally do not trust the government to take proper caution.