Governments’ attempts to circumvent online security systems offer “substantial potential for abuse,” Yahoo said on Friday, in the first response by a tech giant to reports that British and US intelligence services had succeeded in cracking most of the codes that protect the privacy of Internet users.
Yahoo said that it was unaware of attempts by the US National Security Agency and its UK counterpart, the Government Communications Headquarters (GCHQ), to get around the encryption systems used by the biggest Internet companies.
Documents obtained by US whistleblower Edward Snowden and published by the Guardian, the New York Times and nonprofit news organization ProPublica on Thursday reportedly showed that GCHQ agents have been working to undermine encrypted traffic on the “big four” service providers: Hotmail (part of Microsoft), Google, Yahoo and Facebook.
Yahoo responded to the reports with a strongly worded statement.
“We are unaware of and do not participate in such an effort, and if it exists, it offers substantial potential for abuse. Yahoo zealously defends our users’ privacy and responds to government requests for data only after considering every applicable objection and in accordance with the law,” a spokesman said.
Tensions between tech firms and US authorities have been escalating since Snowden first leaked documents detailing secret spying programs.
On Monday, Microsoft and Google will file their latest legal briefs in a joint attempt to force the US Foreign Intelligence Surveillance Court to allow them to disclose more information about the requests for confidential information that they receive.
“We do not provide any government, including the US government, with access to our systems. As for recent reports that the US government has found ways to circumvent our security systems, we have no evidence of any such thing ever occurring,” a Google spokesman said.
Microsoft and Facebook were not immediately available for comment.
In a blog post, Yahoo general counsel Ron Bell said: “Our legal department demands that government data requests be made through lawful means and for lawful purposes. In addition, we mounted a two-year legal challenge to the 2008 amendments to the [US] Foreign Intelligence Surveillance Act and recently won a motion requiring the US government to consider further declassifying court documents from that case.”
In a statement issued on Friday, the US Office of the Director of National Intelligence (ODNI), which oversees all US intelligence agencies, said it was “hardly surprising that our intelligence agencies seek ways to counteract our adversaries’ use of encryption.”
The ODNI said the stories published by the Guardian, the New York Times and ProPublica, were “not news,” but warned that they threatened national security.
“The stories published [on Friday], however, reveal specific and classified details about how we conduct this critical intelligence activity. Anything that [Friday’s] disclosures add to the ongoing public debate is outweighed by the road map they give to our adversaries about the techniques we are using to keep America and our allies safe and to provide our leaders with the information they need to make difficult and critical national security decisions,” the ODNI said.
The latest revelations come as experts say that the private sector is becoming increasingly distrustful of the NSA and its allies.
Speaking to federal technology Web site Nextgov.com, Christopher Finan, a former White House and Pentagon official who worked in cyberoffense research, said: “I don’t know if they can present themselves as the honest broker now that we’re seeing the enormous quantities of data that they are actually taking in.”