Celebrate King's Day with TNW 🎟 Use code GEZELLIG40 on your Business, Investor and Startup passes today! This offer ends on April 29 →

This article was published on October 2, 2008

Massive Surveillance on Skype’s China platform


Massive Surveillance on Skype’s China platform

A group of Canadian activists have discovered a massive surveillance system on the Chinese Skype platform. In just two months, the researchers from Citizen Lab – an internet research division from the University of Toronto – noticed that the Ebay-owned servers archived more than 166,000 censored messages from 44,000 users. The Canadians were able to download copies of the censored data because they found a security hole in the Chinese computers.

I received an email from Ronald Deibert, the director of the Citizen Lab, containing the major findings of the study:

  • The full text chat messages of TOM-Skype users, along with Skype users who have
    communicated with TOM-Skype users, are regularly scanned for sensitive keywords, and
    if present, the resulting data are uploaded and stored on servers in China.
  • These text messages, along with millions of records containing personal information, are
    stored on insecure publicly-accessible web servers together with the encryption key required to
    decrypt the data.
  • The captured messages contain specific keywords relating to sensitive political topics such
    as Taiwan independence, the Falun Gong, and political opposition to the Communist Party
    of China.
  • Our analysis suggests that the surveillance is not solely keyword-driven. Many of the
    captured messages contain words that are too common for extensive logging, suggesting
    that there may be criteria, such as specific usernames, that determine whether messages are captured by the system.

After Yahoo! and Google, also Ebay can be added to the list of large web companies who participate in Chinese censorship practices. Deibert and his colleague Rafal Rohozinski wrote in the foreword of the report: “This is a wake up call to everyone who has ever put their (blind) faith in the assurances offered up by network intermediaries like Skype. Declarations and privacy policies are no substitute for the type of due diligence that the research put forth here represents.”

Download the report here.

Get the TNW newsletter

Get the most important tech news in your inbox each week.

Also tagged with