Yahoo Secretly Scanned Millions of Customer Emails for U.S. Authorities [Updated]

Yahoo secretly built a custom software program to search all of its customers' incoming emails for specific information at the behest of U.S. intelligence authorities, according to people familiar with the matter.

Reuters spoke to three former Yahoo employees who revealed the existence of the custom code, apparently written in compliance with a classified U.S. government demand. The program scanned hundreds of millions of Yahoo Mail accounts for the NSA or FBI, said the former employees and a fourth person with knowledge of the events.

yahoo
Surveillance experts say the revelation represents the first case to surface of a U.S. internet company agreeing to an intelligence agency's request by searching all arriving messages, as opposed to examining stored messages or scanning a small number of accounts in real time.

According to two former employees, Yahoo Chief Executive Marissa Mayer's decision to obey the directive did not sit well with some senior executives and led to the June 2015 departure of Chief Information Security Officer Alex Stamos. Stamos now holds the top security job at Facebook, which incidentally just completed the rollout of end-to-end encrypted privacy features for its hugely popular Messenger app.

"Yahoo is a law abiding company, and complies with the laws of the United States," the company told Reuters in response to the claims, but stopped short of denying them. It declined any further comment. The NSA referred questions to the Office of the Director of National Intelligence, which also declined to comment.

According to Andrew Crocker, an attorney with the Electronic Frontier Foundation, it's likely the request invoked Section 702 of the Foreign Intelligence Surveillance Act, which permits the bulk collection of communications for the purpose of targeting a foreign individual. But rather than having a non-U.S. target, every single person with a Yahoo email inbox was placed under surveillance, regardless of citizenship.

Speaking to The Intercept, Crocker said the Yahoo program seems "in some ways more problematic and broader" than previously revealed NSA bulk surveillance programs like PRISM or Upstream collection efforts. "It's hard to think of an interpretation that doesn't mean Yahoo isn't being asked to scan all domestic communications without a warrant or probable cause. The Fourth Amendment implications of that are pretty staggering."

It's unclear what data Yahoo may have handed over to the authorities, if any, and if intelligence officials had approached other email providers besides Yahoo with the same kind of request.

Contacted by The Intercept, an Apple spokesperson said: "We have never received a request of this type, and if we were to receive one, we would oppose it in court." The spokesperson also pointed to a section from a recent public letter by CEO Tim Cook, which he said was still accurate:

Finally, I want to be absolutely clear that we have never worked with any government agency from any country to create a backdoor in any of our products or services. We have also never allowed access to our servers. And we never will.

Facebook, Google, and Microsoft separately said on Tuesday that they had not conducted such email searches. "We've never received such a request, but if we did, our response would be simple: 'No way'", a spokesman for Google said in a statement. Twitter also said it has never received such a request.

In related news last month, Yahoo revealed that "state-sponsored" hackers had gained access to 500 million customer accounts in 2014. The revelations come at a sensitive time for the company as it tries to complete a deal to sell its core business to Verizon for $4.8 billion.

Update: Yahoo has disputed parts of the Reuters report, saying that "the article is misleading" and that the email scanning outlined in the report "does not exist on our systems."

“The article is misleading,” Yahoo said in a statement. “We narrowly interpret every government request for user data to minimize disclosure. The mail scanning described in the article does not exist on our systems.”

Note: Due to the political nature of the discussion regarding this topic, the discussion thread is located in our Politics, Religion, Social Issues forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.

Top Rated Comments

d0minick Avatar
98 months ago
that was my porn e-mail account. what a mistake! LOL
Score: 28 Votes (Like | Disagree)
Jsameds Avatar
98 months ago
To have a modern online life, most people have no choice but to trust companies with their data, such as emails in this case.

Now - I don't really trust any of them 100%, but since I have to choose I have chosen Apple because I distrust Apple the least, if that makes sense.
Score: 25 Votes (Like | Disagree)
macfacts Avatar
98 months ago
Wowwwwww. I knew I hated yahoo. Now I really know why. Pansy ass dipsticks!!
Save some of the hate for the FBI and NSA
Score: 19 Votes (Like | Disagree)
Gooberton Avatar
98 months ago
Wowwwwww. I knew I hated yahoo. Now I really know why. Pansy ass dipsticks!!
Score: 19 Votes (Like | Disagree)
cerote Avatar
98 months ago
Think if they were scanning every email they would have better spam control.
Score: 18 Votes (Like | Disagree)
Mac Fly (film) Avatar
98 months ago
Surprised Yahoo still exists.
Score: 16 Votes (Like | Disagree)

Popular Stories

reset password request iphone

Warning: Apple Users Targeted in Phishing Attack Involving Rapid Password Reset Requests

Tuesday March 26, 2024 4:34 pm PDT by
Phishing attacks taking advantage of Apple's password reset feature have become increasingly common, according to a report from KrebsOnSecurity. Multiple Apple users have been targeted in an attack that bombards them with an endless stream of notifications or multi-factor authentication (MFA) messages in an attempt to cause panic so they'll respond favorably to social engineering. An...
maxresdefault

Apple to Launch New iPad Pro and iPad Air Models in May

Thursday March 28, 2024 11:07 am PDT by
Apple will introduce new iPad Pro and iPad Air models in early May, according to Bloomberg's Mark Gurman. Gurman previously suggested the new iPads would come out in March, and then April, but the timeline has been pushed back once again. Subscribe to the MacRumors YouTube channel for more videos. Apple is working on updates to both the iPad Pro and iPad Air models. The iPad Pro models will...
Generic iOS 18 Feature Purple

iOS 18: What to Expect From 'Biggest' Update in iPhone's History

Wednesday March 27, 2024 11:10 am PDT by
At least some Apple software engineers continue to believe that iOS 18 will be the "biggest" update in the iPhone's history, according to Bloomberg's Mark Gurman. Below, we recap rumored features and changes for the iPhone. "The iOS 18 update is expected to be the most ambitious overhaul of the iPhone's software in its history, according to people working on the upgrade," wrote Gurman, in a r...
maxresdefault

Apple Announces WWDC 2024 Event for June 10 to 14

Tuesday March 26, 2024 10:02 am PDT by
Apple today announced that its 35th annual Worldwide Developers Conference is set to take place from Monday, June 10 to Friday, June 14. As with WWDC events since 2020, WWDC 2024 will be an online event that is open to all developers at no cost. Subscribe to the MacRumors YouTube channel for more videos. WWDC 2024 will include online sessions and labs so that developers can learn about new...
apple maps 3d feature

Apple Maps May Gain Custom Routes With iOS 18

Tuesday March 26, 2024 3:10 pm PDT by
Apple may be planning to add support for "custom routes" in Apple Maps in iOS 18, according to code reviewed by MacRumors. Apple Maps does not currently offer a way to input self-selected routes, with Maps users limited to Apple's pre-selected options, but that may change in iOS 18. Apple has pushed an iOS 18 file to its maps backend labeled "CustomRouteCreation." While not much is revealed...
General iOS 17 Feature Orange Purple

Apple Releases Revised Versions of iOS 17.4.1 and iPadOS 17.4.1 With Updated Build Number

Wednesday March 27, 2024 5:59 am PDT by
Apple on late Tuesday released revised versions of iOS 17.4.1 and iPadOS 17.4.1 with an updated build number of 21E237, according to MacRumors contributor Aaron Perris. The updates previously had a build number of 21E236. The revised updates are available for all iPhone and iPad models that are compatible with iOS 17 and iPadOS 17, but they can only be installed via the Finder app on macOS...
applephilschiller

Apple's Phil Schiller Works 80 Hours a Week Overseeing App Store

Wednesday March 27, 2024 2:03 pm PDT by
With the App Store and app ecosystem undergoing major changes in the European Union, The Wall Street Journal today shared a profile on App Store chief Phil Schiller, who is responsible for the App Store. Though Schiller transitioned from marketing chief to "Apple Fellow" in 2020 to take a step back from Apple and spend more time on personal projects and friends, he is reportedly working...