Skype: We can't comply with police wiretap requests

The eBay-owned company says, in response to a survey, that because of its peer-to-peer architecture and encryption, "Skype would not be able to comply" with wiretapping orders from police.

One of the more interesting tidbits from's survey published this morning on instant messaging privacy came from Skype.

The eBay-owned company says it is unable to comply with court-authorized wiretap requests.

We asked Skype: "Have you ever received a subpoena, court order or other law enforcement request asking you to perform a live interception or wiretap, meaning the contents of your users' communications would be instantly forwarded to law enforcement?"

Jennifer Caukin, Skype's director of corporate communications replied to us: "We have not received any subpoenas or court orders asking us to perform a live interception or wiretap of Skype-to-Skype communications. In any event, because of Skype's peer-to-peer architecture and encryption techniques, Skype would not be able to comply with such a request."

This isn't entirely a surprise. Skype, which claims something like 300 million user accounts, has said in the past that it "cooperates fully with all lawful requests from relevant authorities" but that it is not subject to the U.S. must-provide-a-wiretapping-backdoor law called the Communications Assistance for Law Enforcement Act. Police in Germany, for instance, already have complained of Skype's lack of ready wiretappability.

Because the company's SkypeIn and SkypeOut services send data through the traditional telecommunications network, they presumably can be wiretapped at that point. But voice communications that flow exclusively through the company's peer-to-peer network--and are encrypted using AES--are a different story.

There's no guarantee that Skype's AES encryption is implemented properly or that there aren't lingering security flaws. A 2006 presentation at the BlackHat Europe conference in March said the right algorithms were being used, but that there's "no way" to know if a backdoor for eavesdropping exists. A Skype-commissioned independent evaluation, however, gave it a thumbs-up. Here's more.

The upshot is that if Yahoo, AOL, Microsoft, or so on received a wiretap order for text or voice flowing through their IM networks, they could (and would) be able to comply because the services are centralized. Even if the users' conversations are encrypted through the Off-the-Record Messaging protocol, an eavesdropper still knows who's talking to whom--this is called a pen register or trap and trace device in wiretapping parlance, and it can still be privacy-invasive.

Skype says it doesn't permit even that. Which means that it's the most privacy-protective mainstream method of communicating through voice or instant messaging. To the FBI's legions of eavesdroppers, that sounds a lot like a challenge.

Featured Video
This content is rated TV-MA, and is for viewers 18 years or older. Are you of age?
Sorry, you are not old enough to view this content.

Roku 4: Our favorite TV streaming system gets 4K video and a remote locator

Ever lose your remote in the couch cushions? Ever wish you could stream 4K Netflix without having to use your TV's built-in app? Roku's new high-end player, the $129 Roku 4, brings these new extras to its best-in-class streaming ecosystem.

by David Katzmaier