Yahoo will encrypt user data as standard in response to NSA allegations

CEO Marissa Mayer announces greater encryption levels for users' data after reports of the US government gaining access to Yahoo data centers

James Vincent
Tuesday 19 November 2013 15:12 GMT
Comments
The Yahoo! offices in Sunnyvale, California
The Yahoo! offices in Sunnyvale, California (AP)

Your support helps us to tell the story

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.

At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.

The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.

Your support makes all the difference.

Yahoo has announced that it will encrypt all user information carried in its data centres in response to the accusations that the company gave the US government access to these facilities.

CEO Marissa Mayer announced the changes in a post on her Tumblr account: “We’ve worked hard over the years to earn our users’ trust and we fight hard to preserve it.

As you know, there have been a number of reports over the last six months about the US government secretly accessing user data without the knowledge of tech companies, including Yahoo. I want to reiterate what we have said in the past: Yahoo has never given access to our data centers to the NSA or to any other government agency. Ever.”

The changes come after it was revealed in October that the NSA, in collaboration with GCHQ, had compromised the communication links that connect Yahoo and Google data centres around the world.

The revelations were published by The Washington Post and were sourced from documents leaked by former NSA contractor Edward Snowden. After the reports emerged, both Google and Yahoo denied that they had colluded in any way with the NSA or GCHQ.

“We have strict controls in place to protect the security of our data centres, and we have not given access to our data centres to the NSA or to any other government agency,” said a Yahoo spokesperson at the time.

The new changes will use SSL (Secure Socket Layer) encryption to secure Yahoo users’ information, with the new standard employing a 2048-bit key across all of the company’s internal networks from January 2014 onwards.

In addition Yahoo will offer users the option to encrypt the data that they send and receive from the company as well as promising to “ensure that Yahoo co-branded Mail accounts are https-enabled” – a protocol that encrypts any data sent and received from a website.

Other tech firms including Microsoft, Facebook and Google are also moving to strengthen the encryption of customers’ data, worrying that they have lost the public’s trust following the revelations of wide-spread surveillance of the public by Western governments.

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in