Skype Accused Of Handing Out Private Info To Private Company
from the massive-fail dept
Over the last year or so, there's been concern about Skype's commitment to privacy following its acquisition by Microsoft. Now a situation in the Netherlands is serving to renew those fears. As highlighted by Slashdot, it appears that Skype handed over information on a 16-year-old user to a private information technology firm that was investigating some denial of service attacks against PayPal.The security firm, iSIGHT, was hired by PayPal to investigate the attacks, and an employee of the company reached out to Skype seeking information about one user who he thought might be involved. And Skype coughed up the info -- including username, real name, email address and home address -- no questions asked. As the article notes, there was no court order or anything like that. Just a guy from a private company asking and Skype said, "sure, here's all the info."
There are questions about whether this move violated some European privacy directives. At the very least it seems clear that it violated Skype's own policies, which include not providing customer data unless required by law, or if official law enforcement is involved. In this case, neither thing is true. One hopes that this is just a one-off mistake by Skype, but it's worrying nonetheless.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: ddos, investigation, netherlands, private info
Companies: microsoft, paypal, skype
Reader Comments
Subscribe: RSS
View by: Time | Thread
You have a talent for understatement. If Google got into all kinds of trouble for driving down the street and taking pictures, how can this be ok?
Unfortunately, I expect the stereotypical 16 year old hacker/anonymous persona will be used to justify this.
[ link to this | view in thread ]
[ link to this | view in thread ]
screw microsoft skype
Any 'hacker' worthy of the title wouldn't be tracable via some half-assed product like Skype. Not saying he deserves it, but wow what a rough way to learn that lesson.
I hope Skype gets fined into oblivion for breaking both the law and their own stated policy. More likely they'll be held up as a paradigm of law & order.
Example #9678970 why not to use/trust proprietary software.
[ link to this | view in thread ]
[ link to this | view in thread ]
[ link to this | view in thread ]
Re:
but but but hackers!
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
Wasn't paypal saying the DDOS was merely an inconvenience that hadn't affected them deeply?
So why is it this much later they are still hunting down 16 yr olds?
[ link to this | view in thread ]
Re: screw microsoft skype
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
Breaking the law?
And which law would that be?
[ link to this | view in thread ]
Re: Breaking the law?
Cheers
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
[ link to this | view in thread ]