The data protection commissioner in Luxembourg has launched an investigation into Skype’s covert involvement with surveillance programs run by the National Security Agency (NSA), according to a report Friday.
The link between the NSA and Skype is hardly secret at this point, especially given the exposure of “Project Chess,” the secret program aimed at making Skype calls easily available to intelligence agencies.
Furthermore, in early June it was revealed that Skype was one of the partners working with the NSA on their massive Prism program.
Skype, owned by Microsoft, could face both administrative and criminal sanctions, including a ban on secretly passing any user communications to US intelligence agencies, the Guardian reports.
The Guardian reports that this investigation, launched by Gerard Lommel, apparently began in June after Skype’s ties to NSA surveillance were revealed.
In Luxembourg, communications can only be monitored with judicial approval or authorization of a tribunal established by the prime minister.
As the Guardian notes, “it is unclear whether Skype’s transfer of communications to the NSA have been sanctioned by Luxembourg through a secret legal assistance or data transfer agreement that would not be known to the data protection commissioner at the start of their inquiry.”
This led to the German interior minister advising people to avoid using Google and Facebook if they’re concerned about NSA spying.
As the Guardian reported in July, after Skype was acquired by Microsoft, “the NSA boasted that a new capability had tripled the amount of Skype video calls being collected through Prism.”
“It is what many of us feared, and now we know for sure,” Grégoire Pouget, an information security expert with Reporters Without Borders, said to the Guardian.
When a Microsoft representative spoke to VentureBeat, they suggested that the investigation in Luxembourg may stem from complaints filed by Europe v. Facebook, which I reported on in June.
“We regularly engage in a dialogue with data protection authorities around the world and are always happy to answer their questions,” the Microsoft representative said to VentureBeat.
“It has been previously widely reported that the Luxembourg [data protection authority] was one of the [data protection authorities] that received complaints from the Europe v. Facebook group, so we’re happy to answer any questions they may have,” the representative added.
Interestingly, the Guardian reported that Microsoft would not respond for comment.
The data protection commissioner’s office in Luxembourg did not respond to either VentureBeat or the Guardian for comment.
I’d love to hear your opinion, take a look at your story tips and even your original writing if you would like to get it published. I am also available for interviews on radio, television or any other format. Please email me at [email protected]
This article first appeared at End the Lie.