Ireland’s Data Protection Commissioner (DPC) said on Monday it was trying to ascertain if Yahoo! Inc’s decision to scan clients’ email accounts at the behest of the US authorities last year broke European law.
Sources have told Reuters that Yahoo used a software programme to sift through millions of emails for specific information related to national security. At the time last month, the DPC said it was seeking more information from Yahoo. Now it has begun actively investigating the case, it said on Monday.
“We are in regular contact with Yahoo! EMEA (Europe, Middle East and Africa) in clarifying certain facts of this case and will then proceed to take appropriate next steps,” a DPC spokeswoman said in a statement. Yahoo did not respond to a request for comment.
Last month, it declined to confirm whether Europeans’ emails were intercepted as part of the programme. Yahoo said it complied with the laws of the United States. Lawyers said mass surveillance of EU citizens email would be against incoming European Union data rules.
The DPC, the lead European regulator on privacy issues for Yahoo because its European headquarters are in Dublin, is trying to ascertain what exactly Yahoo did and whether it breached the privacy rules that prevailed last year.
“We are receiving active and engaged responses to our queries,” the spokeswoman said.
Analysts said the email scanning could prompt Verizon Communications to rethink the terms of a planned $4.8 billion takeover of Yahoo.