Microsoft Denies Report it Will Share Skype Data with Russian Authorities
Newly proposed anti-terrorism legislation could be a serious privacy threat for Internet users, Wikimedia Russia said
Fri, January 17, 2014
IDG News Service — Microsoft on Friday denied that it had agreed to start sharing Skype user data with the Russian police. But it might be required to do so when new anti-terrorism legislation is adopted.
Russia media had reported that Microsoft-owned Skype said it might be required to start sharing Skype user data with Russian authorities if recent draft legislation is approved.
But Microsoft hasn't made such a statement, a Microsoft spokesman said via email.
"Microsoft has not commented on draft legislation in the Russian State Duma or committed to share customer data with the Russian authorities.A We have clear principles in responding to legal demands for customer information from governments around the world and we review the applicability of any new laws given that many of our Internet services don't store or process data locally," he said.
The State Duma, Russia's lower house, is currently reviewing three new anti-terrorism bills that were introduced on Wednesday.
One of the bills introduced to the State Duma would require websites, content providers and search engines as well as companies "organizing information exchange" between users to store all the information about their users for six months, The Moscow Times reported. The data would be made available to law enforcement agencies upon request, the paper said.
The newly proposed legislation however is potentially a serious privacy threat, said Vladimir Medeyko, director of Wikimedia Russia, via instant message. Wikimedia Russia was one of the companies that protested the introduction of a law that gives Russian authorities the power to blacklist websites that was adopted in July 2012.
While people are voicing their concerns online, protesting the bill, companies aren't really worried about the proposals because it doesn't seem to mean a big change for them, Medeyko said. While there is no data retention period for social networks right now, many services currently keep logs for as long as three years, he said. Three years is the general period of limitation of civil legal actions in Russia and companies want to keep the logs in order to better defend themselves in case they are sued, Medeyko said.
"Frankly, I still have a hope that there won't be limit on cryptography" if the bills pass, he said, adding that Russians may still use encryption technology like Tor or VPN. "And as long as we can keep encrypting, we still have some freedom."
Loek is Amsterdam Correspondent and covers online privacy, intellectual property, open-source and online payment issues for the IDG News Service. Follow him on Twitter at @loekessers or email tips and comments to firstname.lastname@example.org