Yahoo secretly scanned millions of users’ incoming emails in real time, according to a Reuters story.
The news agency reports that Yahoo devised custom software last year to comply with an edict sent either by the National Security Agency or the FBI.
Three sources, including two former employees, said the software searched incoming emails for particular terms, such as a phrase or attachment.
But it’s not clear what information the US authorities were looking for, nor what data Yahoo provided.
According to experts, this could be the first time a US internet company has agreed to search all arriving emails in real time, rather than stored messages or a small number of accounts.
Google, Facebook and Twitter told the BBC they had never received such a request and would challenge it if requested.
Microsoft said it had “never engaged in the secret scanning of email traffic”. The company didn’t comment on whether it had received a request.
Under the Foreign Intelligence Surveillance Act, intelligence agencies can ask phone and internet companies to relay customer data to aid foreign intelligence-gathering efforts.
Yahoo’s CEO Marissa Meyer and other executives reportedly complied with the request because they thought they would lose a challenge.
But the decision angered some senior executives and led to departures, according to the report.
FISA experts told Reuters that Yahoo could have challenged the directive on the ground of its breadth and the fact it required custom software.
Yahoo’s security team reportedly only found out about the programme weeks after it was installed.
The web giant has recently fallen prey to the biggest hack of all time, which execs believe was launched by state actors.
Verizon is in the process of acquiring the company for $4.8bn (£3.8bn).
Update:
Yahoo said in a statement: “The article is misleading. We narrowly interpret every government request for user data to minimise disclosure. The mail scanning described in the article does not exist on our systems.”