Requests for Yahoo User Data Spiked After Paris Terror Attacks

Yahoo’s latest transparency report, published today, reflects a spike in government and law enforcement requests for user data following the Paris terrorist attacks of Nov. 13.

Yahoo’s latest transparency report, published today, reflects a spike in government and law enforcement requests for user data following the Paris terrorist attacks of Nov. 13.

The attacks resulted in the deaths of 130 people and injuries to more than 350 others; the situation remains fluid with speculation that today’s explosions in Brussels could be tied to the arrest of a Paris terror suspect on Friday in the Belgian capital.

Requests from France to Yahoo for user data soared in the wake of the attacks with 1,686 requests for information on 1,966 accounts. The report covers the six-month period between July and December of last year. By comparison, Yahoo’s January-to-June transparency report shows 65 government requests from France on 645 accounts; the previous report indicates a similar range of 83 requests on 774 accounts.

Today’s report shows that Yahoo only non-content data in 480 of those requests; non-content data includes information captured at registration such as alternate email address, name, location, and IP address, login details, billing information, and other transactional information such as “to,” “from,” and “date” fields from email headers, Yahoo said.

Yahoo rejected 60 percent of the requests for data, and in 11 percent of the requests, no data was found, i.e., the accounts did no exist or no data was found for the date ranges specified in the requests.

“Our teams around the world are available to respond to law enforcement emergencies 24/7. When events occur, we are ready to respond quickly and appropriately,” said Chris Madsen, Yahoo’s head of Global Law Enforcement, Security & Safety. “This didn’t change in any way [with the Paris attacks].”

In the United States, Yahoo reported slightly fewer removal requests from the previous six-month period: 4,460 requests for data on 9,373 accounts. Yahoo disclosed content data in 25 percent of those requests and non-content data in 61 percent.

“I like to think of transparency reports as shining a light on those requests,” Madsen said. Yahoo is among many technology providers publishing similar bi-annual reports. “These can be old news, but in a way that a familiar song is old. When a note is out of place or missing, you’d notice. If there’s a significant change in the way government is requesting data, that shows up in our report and in other companies’ reports. The entire idea is to hold government accountable.”

Yahoo was also able to change the way it reported National Security Letter requests in the U.S. Under the USA FREEDOM Act, companies are now allowed to report such requests in bands of 500 rather than 1,000. Yahoo, for this period, reported between 0 and 499 NSL requests.

Madsen also noted that for the first time, Yahoo received requests for content removal and user data from the Russian government, six in total. Yahoo said it complied with two of the requests, including one to block access in Russia to a Yahoo Group post that contained threats of violence.

Suggested articles

Discussion

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.