My PJTV Segment: Chinese Skype May Spy On Users

Friends, I was on yesterday’s “The Whip” segment of PJTV, which is a segment where they invite their guests to talk about what the “mainstream media” is not covering, is missing, or is just not paying enough attention to. While PJTV is a subscription-based service, this link ought to take you to my segment for free (I am the second guest).

I am slated to be on PJTV on Monday and Friday next week, October 13 and October 17, at about 6pm Eastern.

Here are my notes from yesterday’s segment:

The Chinese version of Skype evidently spies on users. This was discovered by a University of Toronto researcher in relatively simple fashion — by checking out what happened when he used the f-word in a message.

(To be clear, this is a joint venture between a Chinese communications company, TOM, and Skype.)

It turns out that not only are messages being filtered, and not only are they being logged, but it was being kept on an insecure server that was easily accessed through the cyber version of guessing that someone might keep their housekey in the flowerpot.

Skype says they are very concerned about the fact that these messages were insecurely stored — which is sort of like an adulterer saying he’s sorry he got caught. As for the whole message-interception thing, they say that’s just the requirement of the Chinese government and they don’t have any say. And their past public statements about the issue have been contradictory.

This is not at all the first time there have been well-founded worries about what happens when US companies bump up against China — Google has had to promise they won’t house personal info on Chinese soil. Yahoo’s CEO had to publicly apologize to the family of someone who was jailed as a result of their disclosures to the government.

This sounds like it’s all far away — but it matters close to home too.

In the first place, the monitoring is possible not only for users of the TOM/Skype — but also domestic users who interact with the people on the Chinese system.

Secondly, it brings up the issue of what large — and rightly trusted — organizations do about their partners. This affects anyone who has ever purchased anything — point of sale data is typically handled by a contractor, for example. You might trust, say, Best Buy — but you also need to know you can trust their contractors not to lose your personal data. The untold story of the last couple of years has been the rise in inadevertent data breaches. Many millions of records have been divulged, and it’s not just because government workers accidentally take home laptops — according to the Privacy Rights Clearinghouse, since January 2005 there have been more than 245,000,000 individual records divulged accidentally or as a result of malicious hacking.

Yes, 245 million.

I am not saying there ought to be a law — but I am saying that large companies need to get ahead of this issue. Yes it will cost money. It is money well spent.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s