Skype in hot water over failure to let French police eavesdrop

by Lisa Vaas on March 13, 2013

French telecom regulators have suggested that Skype could face charges for failing to register as a telecom and do all the things that French telecoms are supposed to do - for example, let police eavesdrop on calls.

ARCEP, the French telecom authority, on Tuesday posted a notice stating that they have informed the Paris public prosecutor that as Skype provides French internet users with the ability to make phone calls, it is thereby obliged to comply with regulations that include routing emergency calls and "implementing the means required to perform legally ordered interceptions."

Skype's failure to declare itself an "electronic communications operator" after being "requested several times" by ARCEP could be classified a criminal offense, ARCEP says.

Here's a statement Skype sent to Ars Technica about the désaccord désagréable:

Skype is a globally known and used software app that seamlessly enables millions of people to communicate every day via their Internet connection. We have engaged with ARCEP in discussion over the last several months during which we shared our view that Skype is not a provider of electronic communications services under French law. We will continue to work with ARCEP in a constructive fashion to seek agreement on a resolution that ensures people, wherever they are, can continue to rely on Skype as they do today.

As the Washington Post reported last July, Skype has been sharing more and more data with law enforcement authorities since Microsoft purchased the company in May 2011.

That includes making online chats and other user information such as addresses and credit card numbers available to police.

At any rate, Skype may never have deserved its former reputation as a safe harbor for activists to communicate without fear of interception.

Christopher Soghoian, a tech policy analyst and privacy advocate at the American Civil Liberties Union (ACLU) wrote this about Skype last year:

Skype has always been rather evasive when it comes to discussing this issue. Whenever questions come up, the company makes it a point to mention that it provides end-to-end encryption, but then dodges all questions about how it handles encryption keys.

Skype's strategy is genius - most journalists, even those that cover tech, know very little about the more granular aspects of cryptography. When Skype says it provides end-to-end call encryption, journalists then tell their readers that Skype is wiretapping proof, even though Skype never made that specific claim. Conveniently enough, Skype never bothers to correct the many people who have read a tad bit too much into the company's statements about security.