Following the NSA scandal, CEO Marissa Mayer is taking decisive measures and introducing SSL across the board
Yahoo CEO Marissa Mayer has announced that the company will introduce encryption into all of its products, as well as internal communications, by March 2014.
Late last month, it emerged that the US National Security Agency (NSA) could have harvested information going through the fibre optic channels connecting data centres owned by Yahoo and Google. Another set of documents released by former intelligence contractor Edward Snowden suggested that the NSA was also collecting contact details of email users.
In a post on the Yahoo blog, Meyer once again denied accusations that her company was giving the NSA direct access to its servers. “There is nothing more important to us than protecting our users’ privacy,” said the CEO.
Yahoo had previously signed a petition with the Foreign Intelligence Surveillance Court, asking for a permission to publish additional data on the requests it received from the US government agencies.
Last week, it was alleged that the NSA harvested contact details of hundreds of thousands of Yahoo email users, including their addresses and telephone numbers. Other victims of this espionage campaign included Microsoft’s Hotmail, Google’s Gmail and Facebook.
According to the Washington Post, on a single day in 2012, the NSA’s Special Source Operations collected 444,743 email address books from Yahoo – considerably more than 105,068 from Hotmail, 82,857 from Facebook and 33,697 from Gmail.
As a response, last week Yahoo announced it was introducing default Secure Sockets Layer (SSL) encryption with a 2048-bit key across its email service by 8 January, 2014.
Now, the company has decided to extend encryption to all of its products, including the information that moves between its data centres. Users will be free to choose whether they want to encrypt information sent to and from Yahoo servers, but considering the outrage around NSA surveillance practices, this feature is guaranteed to be popular.
Yahoo said it will even work with the partners that manage co-branded email accounts, to make sure they also offer https-enabled services.
“As you know, there have been a number of reports over the last six months about the US government secretly accessing user data without the knowledge of tech companies, including Yahoo,” wrote Mayer. “I want to reiterate what we have said in the past: Yahoo has never given access to our data centres to the NSA or to any other government agency. Ever.”
The CEO has promised to continue to evaluate the ways Yahoo can protect its users’ privacy.
Google had announced plans to encrypt all of its internal communications before Snowden started leaking the NSA information, but they were “accelerated” in June.
Can you look after your personal data online? Take our quiz!