Intercept - There’s no good reason to have a Yahoo account these days. But after Tuesday’s bombshell report by Reuters, indicating the enormous, faltering web company designed a bespoke email-wiretap service for the U.S. government, we now know that a Yahoo account is a toxic surveillance liability.
Reuters’s Joseph Menn is reporting that just last year, Yahoo chose to comply with a classified “directive” to build “a custom software program to search all of its customers’ incoming emails for specific information provided by U.S. intelligence officials” – the NSA in particular.
It’s still unknown what the “specific information” here was—or is—but Yahoo CEO Marissa Mayer’s decision to not put up any fight against the extremely broad request apparently prompted the departure of then-Chief Information Security Officer Alex Stamos, now head of security at Facebook.
Reached via Twitter DM, Stamos told The Intercept that he’s “not commenting at all on Yahoo.” When asked if Facebook had ever received a similar government directive, Stamos replied that he would “pass that to Facebook comms,” which has not yet responded.
It remains unclear what form the “directive” took, though according to Andrew Crocker, an attorney with the Electronic Frontier Foundation, the best guess is that it invoked Section 702 of the Foreign Intelligence Surveillance Act, which permits the bulk collection of communications for the purpose of targeting a foreign individual.
But this Yahoo program doesn’t appear to have had even an ostensibly non-U.S. target. Rather, literally every single person with a Yahoo email inbox was evidently placed under surveillance, regardless of citizenship.