clock menu more-arrow no yes mobile

Filed under:

Yahoo plans to encrypt all internal data by early 2014 to keep the NSA out

New, 48 comments
Marissa Mayer Yahoo (STOCK)
Marissa Mayer Yahoo (STOCK)

Marissa Mayer announced a new privacy initiative on Yahoo's official Tumblr this morning. Mayer promised that, by the end of March 2014, all data moving between Yahoo company servers would be encrypted with 2048-bit SSL, and users would have the option of encrypting all data sent between Yahoo servers and their computer. The news comes on the heels of the October announcement that Yahoo's mail program would be switching to default SSL encryption, in keeping with the encryption maintained by other mail services.

Given the references to server-to-server encryption, the move seems like a specific response to recent reports that the company's internal network has been compromised by the NSA. Still, it's unclear how much SSL implementation will help, given the NSA's previously established capacity to passively decrypt SSL-protected data. Mayer also took the opportunity to reiterate that any government access to Yahoo data centers is unauthorized. As Mayer said in the statement, "Yahoo has never given access to our data centers to the NSA or to any other government agency. Ever."