Paranoid of the Proprietary: To Skype or Not to Skype
Today at the eComm conference, Sten Tamkivi presented an informative range of statistics of Skype use. Some 8% of all telecom “minutes” are routed by Skype as of last year. This is a huge portion of the total for any one telecom to be responsible for, especially as Skype is not technically a telecom. Sten mentioned the amount of problems Skype has with governments attempting to regulate them as a telecom, but he did not go into the entire distinction of why Skype is not a telecom company. I would guess that it has to do with their lack of traditional infrastructure–they don’t own any pipes, as it were. However, it does seem a little like Skype enjoys a strange grey area in terms of its regulation.
The question was raised as to when Skype would be switching to open standards for their VOIP system. Sten responded that it would require a significant reason to do so. I would like to take this opportunity to state that the reason is obvious, and extremely important. As of right now, I see zero reasons to trust Skype with my calls.
My first reason lies in a little program called KaZaa. Wildly popular after the fall of Napster, KaZaa was always widely understood as a spyware/adware vector of unimagined proportions for the time. Installing it was tantamount to opening your ‘social graph’ to business interests that were shady enough to gather data using bugs shamelessly embedded in a corporate-backed P2P application. I find it a bit suspicious that Sharman still exists considering the amount of legal trouble they got into over KaZaa.It was always hard to position myself on Sharman’s side in the legal battles–could they really be considered as fighting “the good fight” when in reality their entire application was simply a Trojan horse to collect user data? And if their original path to success was paved in such a way, why should we really trust them with Skype?See bottom for explanation of this redaction.
The second reason is the active monitoring of Skype conversations by the Chinese government. In doing this research, I found that Skype has removed a press release from 2006, quoted by the NYT article I’ve just linked as claiming that “conversations were protected and private” at the time that it was discovered that China is filtering conversations. Similar situations exist with Google and Yahoo, who have both handed over journalists to the Chinese government.
The point should be made that as far as publicly released understanding of Chinese surveillance has only text conversations being recorded, rather than phone conversations. However, there is no reason to expect that similar understandings as the one that exists with China do not exist with other governments. For instance, Russia seems to be making a move on Skype as well. From Techdirt’s analysis of the developing Chinese incident: “Skype isn’t so concerned about users being spied on, but it is concerned when people can figure out that users are being spied on.”
Considering that Skype does not even have the same legal restrictions to privacy that are/were traditionally applied to telecoms, and in light of their relatively easy legal treatment and continued existence, the cynical side of me says it is more logical to assume that monitoring is already widespread. The only way to assure users of the security of the Skype protocol is to open its source. At the same time, any pressure on Skype by governments to provide/continue providing back doors would disappear, as it would be thereafter impossible to sneak these by communal review.
Until then, I will feel as uneasy using Skype as I do using other every day digital objects such as GMail, Facebook, and even my cell phone. All of these services are operated by companies that thrive on collecting and selling my information. There is no reason to think governments never purchase that information. (Or, in the case of cell phones, blatantly record and catalog conversations of anyone, without subpoena.) Skype has the opportunity to flip the switch here and force onto every regime in the world a technology that (allegedly/potentially) keeps every conversation secret. If they don’t see that as a reason to switch to open standards, then I see that as one more reason not to trust them.
Post-Post Update:
I realize that the connection between KaZaa, Sharman, and Skype might not be immediately obvious. In retrospect it is also mainly tangential to my central point. Bear with me as I get used to this blogging thing. I tried a couple approaches to injecting some post-posting thoughts into this piece and have ultimately decided in redacting the whole KaZaa related paragraph. The connection is the designers of both KaZaa and Skype, Janus Friis and Niklas Zennström, both of whom are alive and well. The connection no longer seems as concrete as I had previously perceived. Indeed there seems to be a parting of ways occurring between Joltid (thus, Skype’s founders) and Skype/eBay–basically Skype has to stop using the P2P programming that lies at the heart of its service. If Skype is being forced to find another way to organize its basic routing, why would it not take this opportunity to create an open source solution? What’s wrong with effectively becoming the ‘Mozilla option’ for VoIP?