Encrypted email vendor: Don't trust private data to companies with physical ties to the US
- 09 August, 2013 22:22
Two encrypted email services have shut down because they feel threatened about having to turn over customer information to the government.
Lavabit and Silent Circle both offered encrypted email services, but both have decided to discontinue them so they aren't put in the position of having to turn over what customers thought would be kept private.
A note from Lavabit owner Ladar Levison says he has suspended operations of the business, but because he is muzzled by federal laws, he cannot fully explain why.
Lavabit was the encrypted email service NSA leaker Edward Snowden used to communicate with journalists.
"I wish that I could legally share with you the events that led to my decision," Levison writes. "I cannot. I feel you deserve to know what's going on - the first amendment is supposed to guarantee me the freedom to speak out in situations like this. Unfortunately, Congress has passed laws that say otherwise."
National Security Letters can be written by U.S. investigatory agencies compelling recipients to turn over information the agencies want and preventing them from discussing even that they had received such letters.
The bottom line for customers, Levison says, is this: "I would strongly recommend against anyone trusting their private data to a company with physical ties to the United States."
The company is challenging in federal court whatever demands it is facing, and considers the fight a defense of the U.S. Constitution. It is seeking donations to help the fight. "Defending the constitution is expensive! Help us by donating to the Lavabit Legal Defense Fund here.
In the wake of Lavabit's shuttering of its doors, Silent Circle has also halted its encrypted email service, Silent Mail, although the company's other services remain active.
The written explanation on Silent Circle's Web site notes that Lavabit shut down in order to avoid being "complicit in crimes against the American people."
"We see the writing on the wall," the Silent Circle message says, "and we have decided that it is best for us to shut down Silent Mail. We have not received subpoenas, warrants, security letters, or anything else by any government, and this is why we are acting now."
Keeping the service active would mean Silent Circle would possess customer data, and even though it was encrypted, it would not be secure, the statement says. The company decided it was better for customers' privacy if it stopped accepting the data, and so cut the service.
"We'd considered phasing the service out, continuing service for existing customers, and a variety of other things up until today," the message says. "It is always better to be safe than sorry, and with your safety we decided that in this case the worst decision is no decision."
Silent Circle's other businesses -- Silent Phone, Silent Text and Silent Eyes -- feature communications that are secure end-to-end and that don't entail Silent Circle retaining content of any customer communication. "We don't have the encrypted data and we don't collect metadata about your conversations," the company says. If it doesn't have it, it can't be compelled to turn it over.
The headline on the statement reads "Silent Circle has preemptively discontinued Silent Mail service to prevent spying", indicating it considers the seizure of private customer data to be spying.
Silent Circle says it had qualms about setting up Silent Mail in the first place because the protocols involved in Internet email are inherently insecure.
"There are far too many leaks of information and metadata intrinsically in the email protocols themselves," the statement says. But customers wanted such a service, so Silent Circle provided it along with disclosures about its possible weaknesses. "Silent Mail was a good idea at the time, and that time has passed."
We designed our phone, video, and text services (Silent Phone, Text and Eyes) to be completely end-to-end secure with all cryptography done on the clients and our exposure to your data to be nil. The reasons are obvious -- the less of your information we have, the better it is for you and for us.
Silent Mail has thus always been something of a quandary for us. Email that uses standard Internet protocols cannot have the same security guarantees that real-time communications has. There are far too many leaks of information and metadata intrinsically in the email protocols themselves. Email as we know it with SMTP, POP3, and IMAP cannot be secure.
And yet, many people wanted it. Silent Mail has similar security guarantees to other secure email systems, and with full disclosure, we thought it would be valuable.
However, we have reconsidered this position. We've been thinking about this for some time, whether it was a good idea at all. Yesterday, another secure email provider, Lavabit, shut down their system less they "be complicit in crimes against the American people." We see the writing on the wall, and we have decided that it is best for us to shut down Silent Mail. We have not received subpoenas, warrants, security letters, or anything else by any government, and this is why we are acting now.
We've been debating this for weeks, and had changes planned starting next Monday. We'd considered phasing the service out, continuing service for existing customers, and a variety of other things up until today. It is always better to be safe than sorry, and with your safety we decided that in this case the worst decision is no decision.
Silent Phone and Silent Text, along with their cousin Silent Eyes are end-to-end secure. We don't have the encrypted data and we don't collect metadata about your conversations. They're continuing as they have been. We are still working on innovative ways to improve secure communications. Silent Mail was a good idea at the time, and that time has passed.
We apologize for any inconvenience, and hope you understand that if we dithered, it could be more inconvenient.
Tim Greene covers Microsoft and unified communications for Network World and writes the Mostly Microsoft blog. Reach him at firstname.lastname@example.org and follow him on Twitter@Tim_Greene.