Yahoo webcam images intercepted and stored

The British surveillance agency GCHQ and the United States National Security Agency (NSA) have intercepted and stored webcam images of millions of users worldwide of the online news and social networking provider Yahoo .

GCHQ documents dated between 2008 and 2010 were provided to the Guardian newspaper by former NSA contractor Edward Snowden. They show the surveillance programme – codenamed Optic Nerve – saved one image every five minut es from randomly selected Yahoo webcam chats and stored them on agency databases.

This was partly to comply with human rights legislation, and also to avoid overloading GCHQ’s servers. The documents show that in one six-month period in 2008, the agency collected webcam imagery – substantial quantities of which were sexually explicit – from more than 1.8 million Yahoo user accounts globally.

A spokeswoman for Yahoo said the actions of the surveillance agencies represented “a whole new level of violation of our users’ privacy”.

“We were not aware of nor would we condone this reported activity,” she said. “This report, if true, represents a whole new level of violation of our users’ privacy that is completely unacceptable and we strongly call on the world’s governments to reform surveillance law consistent with the principles we outlined in December. We are committed to preserving our users’ trust and security and continue our efforts to expand encryption across all of our services.”

Strict policy framework
In a statement, GCHQ said: "It is a long-standing policy that we do not comment on intelligence matters. Furthermore, all of GCHQ's work is carried out in accordance with a strict legal and policy framework which ensures that our activities are authorised, necessary and proportionate, and that there is rigorous oversight, including from the secretary of state, the interception and intelligence services commissioners and the Parliamentary Intelligence and Security Committee."

Digital Rights Ireland chairman TJ McIntyre said the documents highlight “in a vivid way the complaints we and other groups have been saying for a long time about indiscriminate mass surveillance”.

“It illustrates how governments – including the Irish Government – have become wedded to monitoring everyone’s communications at all times,” he said. “It also illustrates why that’s unacceptable.”

Irish users
He said there was "no reason at all" to believe images of the thousands of Irish users of the service had not been intercepted and stored by the agency. "You can be sure there were Irish users of webcam chat that were caught also.

“There’s a lot of fault to go around. Yahoo themselves are at fault for allowing this information to be broadcast online without being encrypted. It was always obvious that webcam chats were going to be intimate. It was obvious they could be targeted.

“A number of years ago, Yahoo were told by security groups they should be encrypting these chats. Yahoo in particular has a very poor track record when it comes to protecting privacy by encryption. In fact it has one of the worst track records of all the major internet service providers.”

GCHQ does not have the technical means to make sure no images of Irish citizens – or any particular nationality – are collected and stored by the system. Sexually explicit webcam material proved to be a particular problem for GCHQ.

One document said: “Unfortunately . . . it would appear that a surprising number of people use webcam conversations to show intimate parts of their body to the other person.

“Also, the fact that the Yahoo software allows more than one person to view a webcam stream without necessarily sending a reciprocal stream means that it appears sometimes to be used for broadcasting pornography.”

The document estimates that between 3 per cent and 11 per cent of the Yahoo webcam imagery harvested contains “undesirable nudity”.