News.com (CNET.com for those who kick it old school) posted a great article about privacy, encryption, and security with instant messaging (“How safe is instant messaging? A security and privacy survey“). Not only did CNET.com make a nice, pretty chart of their findings, they actually talked to the most popular IM choices and some of the answers are really intriguing.

Among the many questions asked by CNET.com were:

• Does your service keep server-based logs of the content of communications, meaning what a particular user sent and received?
• Have you ever received a subpoena, court order or other law enforcement request asking you to turn over information about a user’s IM account?
• If so, how many law enforcement requests have you received?
• Have you ever received a subpoena, court order or other law enforcement request asking you to perform a live interception or wiretap, meaning the contents of your users’ communications would be instantly forwarded to law enforcement?

The standard answer to these questions was the ol’ standard that communication with Law Enforcement is not discussed — aka, we fully comply. Skype though gets huge points from us for many reasons.

First, they don’t do the whole duck and cover non-answer answer. Skype actually answers a question completely and honestly. We love it! For example, when Skype was asked if they ever received subpoenas from law enforcement, they said:

Yes. We co-operate with law enforcement agencies as much as is legally and technically possible

They don’t say they won’t discuss these issues, they flat out say, BAM! We get a subpoena and we do whatever we can. An honest answer makes us trust a company a heck of a lot more than an evasive one.

Now, here’s the VoIP aspect. When asked if they had ever received a subpoena to wiretap or intercept communications, Skype said:

We have not received any subpoenas or court orders asking us to perform a live interception or wiretap of Skype-to-Skype communications. In any event, because of Skype’s peer-to-peer architecture and encryption techniques, Skype would not be able to comply with such a request.

Wow. So, this means that by using peer-to-peer, skype conversations (according to skype at least) are made outside their control and not able to be trapped by their servers for interception. Skype has always claimed that calls and instant messages between skype users were encrypted using AES 256-bit encryption. 

Now, we should mention here, if you’re using Skype to call a regular POTS line, your calls will not be encrypted. This means they will be susceptible to wiretapping. 

Trackback URI | Comments RSS