Yahoo Inc is responding to a report released by Reuters claiming the tech company ‘secretly built a custom software program to search all of its customers’ incoming emails for specific information provided by U.S. intelligence officials, according to people familiar with the matter.’
What the report says
The Reuters report claims that Yahoo created a tool last year that allows the company to search all of its users messages on behalf of the U.S. government — either the FBI or National Security Agency (NSA) — based on information provided by anonymous people familiar with the matter, including three former Yahoo employees.
According to experts cited by Reuters, this type of surveillance would be the first of its kind — a U.S. Internet company agreeing to allow the government to conduct a real-time search of all incoming messages, to and from any Yahoo user, rather than scanning old messages or selecting a smaller group of users and accounts.
Apparently no one really knew what intelligence officials were looking for, but according to the sources cited by Reuters, Yahoo employees were instructed to search for specific characters — which could be phrases in an email or email attachment.
It’s also unknown what, if any, information was handed over.
‘Reuters was unable to determine what data Yahoo may have handed over, if any, and if intelligence officials had approached other email providers besides Yahoo with this kind of request,’ states the Reuters report.
Read more: How to know if you’ve been hacked
What Yahoo says
After the report was first released, Yahoo’s initial response simply stated,’it is a law abiding company, and complies with the laws of the United States.”
The company has now followed up in a new statement, denying that any type of program or system exists.
“The article is misleading. We narrowly interpret every government request for user data to minimize disclosure. The mail scanning described in the article does not exist on our systems,” a Yahoo spokesperson said.
Some reports point out that while Yahoo said this type of program does not exist, the company did not say it never existed.
The report was released not long after Yahoo confirmed that 500 million of its users’ accounts were hacked two years ago, potentially exposing any personal information tied to the accounts.