Yahoo to encrypt all personal data in wake of NSA spying

Yahoo is rolling out 2048-bit key encryption across all of its products to keep the NSA from directly tapping into the main communication links between its data centers.

Yahoo will encrypt all information that moves between its data centers by the end of the first quarter of 2014, a move triggered by revelations that the NSA directly taps into the company's—as well as Google's—main communication links.

Under the NSA's MUSCULAR project, which is jointly operated with its British counterpart the Government Communications Headquarters, the agency is able to copy entire data flows across fiber optic cables carrying information between data centers, the Washington Post reported in October. The program's existence was in documents leaked by former NSA contractor Edward Snowden.

While Google and Yahoo use state-of-the-art tech to keep their data centers secure, the data that flows between them is sent over fiber optic cables owned by Internet providers. Google

The company will offer users an option to encrypt all data flow to and from Yahoo by the end of the first quarter of 2014 and plans to work closely with its international mail partners to ensure co-branded accounts are https-enabled, Yahoo CEO Marissa Mayer wrote in a corporate blog post on Tumblr yesterday.

From Mayer:

As you know, there have been a number of reports over the last six months about the U.S. government secretly accessing user data without the knowledge of tech companies, including Yahoo. I want to reiterate what we have said in the past: Yahoo has never given access to our data centers to the NSA or to any other government agency. Ever.

There is nothing more important to us than protecting our users’ privacy. To that end, we recently announced that we will make Yahoo Mail even more secure by introducing https (SSL - Secure Sockets Layer) encryption with a 2048-bit key across our network by January 8, 2014.

Today we are announcing that we will extend that effort across all Yahoo products.

Google is also actively updating its network to 2048-bit encryption, a rollout that has been accelerated since June as disclosures of NSA's activities continued to be revealed.

Meanwhile, requests from governments for Google's user information has increased by more than 100 percent since 2010, the search engine said in a blog post in November. The U.S. government far outpaced other countries with 10, 918 requests between January and June 2013. India was a distant second with 2,691 requests.

This post was originally published on