(Adds detail, Yahoo comment)
By Tom Bergin
LONDON Nov 23 Ireland's Data Protection
Commissioner (DPC) said it had stepped up its examination of the
theft of user information for 500 million Yahoo Inc
accounts and that it was awaiting information from Yahoo on
allegations it helped the U.S. government scan users' emails.
Yahoo revealed in September that hackers had stolen the data
in 2014. U.S. politicians have criticised the delay in notifying
In October, sources told Reuters that Yahoo used a software
programme to sift through millions of emails for specific
information related to national security.
Yahoo said there was not yet a formal investigation into the
hacking of user data.
"They are not actively investigating," spokesman Charles
"They are examining. There is a distinction for them between
examining and investigating," he added
DPC spokeswoman MB Donnelly said the DPC had moved on from
its initial steps of making preliminary inquiries to trying to
ascertain whether EU laws may have been broken.
"We are in regular contact with Yahoo EMEA (Europe, Middle
East and Africa) in clarifying certain facts of this case and
will then proceed to take appropriate next steps," she said in a
The DPC is the lead European regulator on privacy issues for
Yahoo because the company's European headquarters are in Dublin.
Donnelly said the probe of the email scanning programme was
at its early stages.
"Regarding the allegations of email scanning, our position
remains that we have made initial enquiries with Yahoo and that
we are continuing with our preliminary assessment of the
matter," she said in an emailed statement.
The DPC declined to say if it had received any information
from Yahoo about the incident.
Stewart said the DPC had indicated to Yahoo that it was not
examining the email scanning programme.
"Based on what I have heard from them and read, they are
not, but I can't confirm that," he told Reuters.
The DPC declined to comment on this remark.
Yahoo is precluded by law from publishing details of the
surveillance order the company had received from the U.S.
Last month the company asked U.S. Director of National
Intelligence James Clapper to declassify the order so it could
provide users with more information.
(Reporting by Tom Bergin; Editing by David Clarke and Mark