Video chat service Skype is currently being investigated by the Luxembourg data protection authority over its connections to the US National Security Agency.
According to a report by the Guardian newspaper, the Mircorsoft-owned company has been accused of making customer calls available to the NSA and could face sanctions and criminal charges.
The case was brought about after the NSA’s Prism program was revealed earlier this year by the paper and former NSA contractor Edward Snowden. The documents revealed that Microsoft had teamed up with the NSA to hand over access to encrypted messages.
"Microsoft’s acquisition of Skype tripled some types of data flow to the NSA," the paper said.
Luxembourg’s constitution prohibits the violation of privacy, saying that surveillance of communications can only occur with judicial approval or if a tribunal set up by the country’s prime minister says otherwise.
Although Luxembourg data protection officials and Microsoft declined to comment, Privacy International, a human rights group, told the Guardian:
"Skype promoted itself as a fantastic tool for secure communications around the world, but quickly caved to government pressure and can no longer be trusted to protect user privacy."
Richard Anstey, CTO at Intralinks, added: "It’s best to set the record straight – PRISM isn’t exclusively a US problem. Even if companies were more paranoid about sharing information with US-based companies and opted for, let’s say, Germany – the US government could still access it nine times out of ten.
"Governments need to evaluate the criticality of data – not collecting information "just in case they need it" and only enforcing their powers in emergency situations. There is also a case for approaching this firmly from a regulatory standpoint to ensure this type of activity is secured.
"Take Snowden, for example. Because of the leaks involved, there are significant repercussions for him – illegal disclosures of privileged information are not taken lightly by Western democracies."