What Does Skype's Architecture Do?
In the last few days we have seen reports in the media we believe are inaccurate and could mislead the Skype community about our approach to user security and privacy. I want to clear this up.
At Skype, we continue to be humbled and grateful for the commitment to our product that we see from our truly global user community. We focus every day on building the best possible product for sharing experiences whenever people are apart. We want Skype to be reliable, fast, easy to use, and in most cases – free. It works for Moms and Dads, teachers, soldiers, kids and sisters, brothers, grandparents, lovers and old friends all over the world. Our growth during the last nine years shows we are on the right path, and to our entire community, we say “thank you.” We are privileged to serve 250 million active users each month and support 115 billion minutes of person to person live communications in the last quarter alone. We believe that communication is a fundamental human need and that while we’ve been privileged with tremendous success we are just scratching the surface of the communications experiences that we plan to create.
Of course, this doesn’t happen by magic. It is no small technical challenge to make sure that people can connect whenever and wherever they wish. It requires investment, innovation and commitment to using new technology and capabilities. In addition to solving the challenges of scaling and providing reliable, dependable communications that people love, we operate globally and have an obligation to operate responsibly. We are committed to doing a great job at both – providing a phenomenal experience for all users, and acting as a responsible global citizen.
Despite these efforts, some media stories recently have suggested Skype may be acting improperly or based on ulterior motives against our users’ interests. Nothing could be more contrary to the Skype philosophy.
Let me restate some of the allegations and provide the facts.
It has been suggested that Skype made changes in its architecture at the behest of Microsoft in order to provide law enforcement with greater access to our users’ communications.
Skype’s architecture decisions are based on our desire to provide the best possible product to our users. Skype was in the process of developing and moving supernodes to cloud servers significantly ahead of the Microsoft acquisition of Skype. Skype first deployed ‘mega-supernodes’ to the cloud to improve reliability of the Skype software and service in December 2010. These nodes have been deployed in Skype’s own data centres, within third-party infrastructure such as Amazon’s EC2, and most recently within Microsoft’s data-centers and cloud. The move was made in order to improve the Skype experience, primarily to improve the reliability of the platform and to increase the speed with which we can react to problems. The move also provides us with the ability to quickly introduce cool new features that allow for a fuller, richer communications experience in the future.
Early this year we completed our move of all of our supernodes into Microsoft’s global data-center footprint so we and our users can benefit from the network connectivity and support that powers Microsoft’s other global scale cloud software including Xbox Live, Bing, SkyDrive, Hotmail and Office 365. This provides a real benefit to our users and to our ability to continue to scale the Skype product.
It has been suggested that Skype has recently changed its posture and policies with regard to law enforcement.
The move to supernodes was not intended to facilitate greater law enforcement access to our users’ communications. Skype has had a team of Skype employees to respond to legal demands and requests from law enforcement since 2005. While we are focused on building the best possible products and experiences for our users, we also fundamentally believe that making a great product experience also means we must act responsibly and make it safe for everyone to use. Our position has always been that when a law enforcement entity follows the appropriate procedures, we respond where legally required and technically feasible. We have a policy posted to our main website that provides additional background on our position on this matter.
It has been suggested that as a result of recent architecture changes Skype now monitors and records audio and video calls of our users.
The move to in-house hosting of “supernodes” does not provide for monitoring or recording of calls. “Supernodes” help Skype clients to locate each other so that Skype calls can be made. Simply put, supernodes act as a distributed directory of Skype users. Skype to Skype calls do not flow through our data centres and the “supernodes” are not involved in passing media (audio or video) between Skype clients.
These calls continue to be established directly between participating Skype nodes (clients). In some cases, Skype has added servers to assist in the establishment, management or maintenance of calls; for example, a server is used to notify a client that a new call is being initiated to it and where the full Skype application is not running (e.g. the device is suspended, sleeping or requires notification of the incoming call), or in a group video call, where a server aggregates the media streams (video) from multiple clients and routes this to clients that might not otherwise have enough bandwidth to establish connections to all of the participants.
We believe that servers are the best way to solve these technical challenges, and provide the best possible experience to our user community.
As has always been the case, SkypeOut calls and incoming telephone calls to Skype on-line numbers (PSTN calls) do flow through gateways of our PSTN partners as this is required in order to connect them to the traditional telephone network.
It has been suggested that the changes we have made were made to facilitate law enforcement access to instant messages on Skype.
The enhancements we have been making to our software and infrastructure have been to improve user experience and reliability. Period.
In order to provide for the delivery and synchronization of instant messages across multiple devices, and in order to manage the delivery of messages between clients situated behind some firewalls which prevent direct connections between clients, some messages are stored temporarily on our (Skype/Microsoft) servers for immediate or later delivery to a user.
As I have outlined above, if a law enforcement entity follows the appropriate procedures and we are asked to access messages stored temporarily on our servers, we will do so. I must reiterate we will do so only if legally required and technically feasible.
Some commentators have suggested that Skype has stopped protecting its users’ communications.
Skype software autonomously applies encryption to Skype to Skype calls between computers, smartphones and other mobile devices with the capacity to carry a full version of Skype software as it always has done. This has not changed. The China-only version of the Skype software provided locally through our joint-venture partner tom.com contains a chat filter in accordance with local law.
As I described at the outset, our users and their Skype experience is our first priority.
We have an amazingly loyal and committed global user community and we believe that our users deserve the best products we can build.
Every day we focus on connecting Skype users to the people who matter to them, whether they are in Moscow, Miami or Mumbai and whether they are on PCs, iPhones, televisions, Windows Phones, Macs or Android devices. We constantly strive to design and deliver effective, safe and reliable communications software that is easy to use. We hope you will continue to love Skype.
Thank you for your continued support, use and passion about our products.