Yahoo was just revealed to be the very first US internet company to build a program, at the request of US Intelligence Services, to search every single incoming message of every single user in real time.
Let me say that again. Every. Single. Incoming. Message. Every user.
This is an absolutely unprecedented privacy violation. Surveillance experts and former government officials are saying they have never seen such a broad demand for real-time digital surveillance, nevermind one that calls for the creation of a new computer program. This program, essentially a wire-tap on the web, is beyond the scope of any of the already overreaching surveillance laws currently on the books.
“The order issued to Yahoo appears to be unprecedented and unconstitutional. The government appears to have compelled Yahoo to conduct precisely the type of general, suspicionless search that the Fourth Amendment was intended to prohibit,” said ACLU Staff Attorney Patrick Toomey.
Communication giants Microsoft, Twitter, Google, Facebook, and Apple have all rushed to put out statements assuring users that they had not received or complied with similar directives, some going so far as to say that if they had they would challenge it in court. Apple pointed to a recent statement by CEO Tim Cook, which reads, “I want to be absolutely clear that we have never worked with any government agency from any country to create a backdoor in any of our products or services. We have also never allowed access to our servers. And we never will.”
Meanwhile, Yahoo issued a statement that does not outright deny that the program existed, nor address the myriad of privacy and security concerns that have been raised.
Even former Yahoo Chief Information Security Officer, Alex Stamos, is appalled by the program. When he found out about it in 2015 he immediately resigned his position, telling coworkers that he had been excluded from the decision to implement the program. He also cited flaws that seriously endangered the security of user data and left the program vulnerable to hackers.
Yahoo is a sinking ship. This is not the first security problem Yahoo has struggled with. Just last month it was revealed that over 500 million (and possibly many many millions more) Yahoo user accounts were compromised by “state sponsored actors.” This hack was almost certainly a result of Yahoo consistently refusing to invest in the necessary and standard security practices adopted by their competitors after a massive hack six years ago, to which Yahoo also fell victim.
And their security is not going to get any better. Yahoo was recently sold to Verizon for 4.8 billion dollars. Telecom companies including Verizon have been colluding with the NSA for years to gather information on billions of people worldwide, as Edward Snowden’s 2013 revelations have shown. Beyond handing your data to a prying NSA, Verizon also notoriously created an innovative way to track your online habits on both your phone and on your non-Verizon devices like personal laptops. They then sell your information to marketers. The Verizon-Yahoo merger is going to compound the security issues these two companies have created, resulting in a service where your communication becomes nothing more than a piece of data to be rifled through by the government and sold to the highest bidder.
You deserve to have the safety and privacy you expect. It’s time to dump Yahoo.