Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Privacy

Yahoo Calls for ‘Transparency’ From U.S. Spy Agencies

Yahoo asked US spy agencies Wednesday to offer public “transparency” about data they make internet companies provide on users and to declassify any secret order served on the company.

Yahoo asked US spy agencies Wednesday to offer public “transparency” about data they make internet companies provide on users and to declassify any secret order served on the company.

The announcement responded to media reports this month which said the US government had obtained a secret court order for Yahoo to scan hundreds of millions of user accounts last year for information tied to a state-sponsored terrorist organization.

Yahoo on Wednesday sent a letter to Director of National Intelligence James Clapper, saying the company had found itself “unable to respond in detail” to the reports, which it said were in part misleading, and called on Clapper’s office to confirm the existence of any such order by commenting on it publicly.

“Recent news stories have provoked broad speculation about Yahoo’s approach and about the activities and representations of the US government, including those made by the government in connection with negotiating Privacy Shield with the European Union,” Yahoo General Counsel Ron Bell wrote in the letter to Clapper.

The European Commission in July launched the EU-US “Privacy Shield” framework, aimed at protecting the personal data of Europeans that is stored in the United States.

“That speculation results in part from lack of transparency and because US laws significantly constrain — and severely punish — companies’ ability to speak for themselves about national security-related orders even in ways that do not compromise US government investigations,” Bell wrote.

The call for declassification echoed that made earlier this month by Senator Ron Wyden, a critic of US dragnet surveillance activities. In a separate message also posted to Tumblr on Wednesday, Yahoo said an unspecified news media article on the surveillance had been misleading: “the mail scanning described in the article does not exist on our systems.”

Advertisement. Scroll to continue reading.

The New York Times and Reuters both reported this month that Yahoo had customized email scanning systems to conduct the searches.

The surveillance reporting about Yahoo came as the company also worked to surmount revelations last month about the massive theft of user data in late 2014 by state-sponsored hackers, possibly affecting 500 million user accounts.

Written By

AFP 2023

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.

Register

Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.

Register

Expert Insights

Related Content

Cybersecurity Funding

Los Gatos, Calif-based data protection and privacy firm Titaniam has raised $6 million seed funding from Refinery Ventures, with participation from Fusion Fund, Shasta...

Privacy

Many in the United States see TikTok, the highly popular video-sharing app owned by Beijing-based ByteDance, as a threat to national security.The following is...

Artificial Intelligence

Two of humanity’s greatest drivers, greed and curiosity, will push AI development forward. Our only hope is that we can control it.

Privacy

Employees of Chinese tech giant ByteDance improperly accessed data from social media platform TikTok to track journalists in a bid to identify the source...

Mobile & Wireless

As smartphone manufacturers are improving the ear speakers in their devices, it can become easier for malicious actors to leverage a particular side-channel for...

Cloud Security

AWS has announced that server-side encryption (SSE-S3) is now enabled by default for all Simple Storage Service (S3) buckets.

Privacy

Meta was fined an additional $5.9 million for violating EU data protection regulations with WhatsApp messaging app.