When Edward Snowden communicated with Glenn Greenwald and Laura Poitras, the journalists to whom he eventually leaked the NSA PRISM documents, he used an email provider called Lavabit. Snowden was already aware of the extent of the government’s digital surveillance, so the former contractor couldn’t choose just any email provider. Lavabit promised its users total encryption, with private messaging safe from any snooping interlopers. And even though he chose firstname.lastname@example.org for a username, the service hid his identity long enough for the information to get out.
On August 8, however, Lavabit shut down, closing the accounts of its 410,000 users. Founder Ladar Levison posted a message on the website. “I have been forced to make a difficult decision: to become complicit in crimes against the American people or walk away from nearly ten years of hard work by shutting down Lavabit,” he wrote. “I wish that I could legally share with you the events that led to my decision. I cannot.” The day after the leaks hit, the U.S. government requested metadata from Snowden’s Lavabit account. Though he had previously complied with some government data requests related to child pornography, Levison refused, but the government kept pushing. The founder eventually sent the authorities a list of all Lavabit’s encryption keys messily reproduced on paper, the New York Times recently uncovered, but was then fined $5,000 a day until he handed over a digital copy, and simultaneously closed his business.
In the PRISM era, truly secure data is increasingly rare. New companies like Lavabit are emerging to take advantage of the growing demand for privacy and creating a new market in the process. Like opening a Swiss bank account to keep your holdings safe and undetectable, those individuals and corporations with enough capital can now buy their way to security. The question is, can these new services actually guarantee your data's safety?
Computer security expert Jon Callas founded Silent Circle in 2012 as a “secure information service for people who travel and live abroad… so that they can communicate securely with people back home,” he explained. The company launched an email service as well as a smartphone messaging and voice app that uses peer-to-peer encryption, which keeps information safe by encoding it when it leaves the sender and decoding when the data arrives at the recipient. Since it doesn’t store any of its users’ activities, there’s nothing to give up when the government inevitably comes knocking, as was the case with Lavabit. “There are no keys on a server. There is no metadata we collect,” Callas wrote in an email.
The NSA inadvertently caused a boom in Callas’s business. Since the leaks, “we have seen our revenues quadruple,” he noted. At $9.95 a month, the Silent Circle phone and text package is accessible for mainstream consumers (though it only works with other Silent Circle users), and the company offers a larger, more expensive system to businesses wanting to keep their communications private. But their products aren’t perfect. In August, the company shut down the Silent Mail client, fearing that it wasn’t as secure as intended. The encryption keys to decode the email were stored online, leaving them vulnerable.
In fact, many common encryption techniques, like the open-source, decentralized Tor network, won’t keep users safe any more. Snowden revealed that the NSA spent $250 million ensuring that products created by U.S. and foreign IT businesses contain built-in exploits that help the government access data. This includes everything from messaging services (a flaw was intentionally engineered into Microsoft's omnipresent Outlook email client) to chipmakers, compromising even the hardware our computers run on. The NSA worked to weaken encryption standards and collected keys for commercial encryption products.
This means that developers hoping to capture the security market have to look for even stronger strategies. Least Authority File System (LAFS) is a new, open-source cloud-storage technology that promises faultless security by encrypting files before they go into the cloud, making them unreadable until they’re decoded by the user, who keeps the only key on their personal machine. The LAFS source code is totally public, and has been vetted by security experts.
Security engineer Zooko Wilcox-O'Hearn helped code LAFS and launched his own company, Least Authority, in 2011 as a secure storage provider. The service costs $50 a month for 350 gigabytes of cloud space, but it doesn’t include email or messaging, and since it’s more of a developer toolkit than a turnkey product, it’s meant to sell to the security departments of corporations rather than consumers. There’s a “bigger business potential in selling to companies than individuals because businesses already spend a tremendous amount of money on data and also have a more specific motivating need to protect that data—economic espionage and regulatory requirements,” Wilcox-O’Hearn said.
If you’re seeking a service that’s super secure, all-encompassing, and easy to use, the best choice would probably be to go outside the U.S., where legal measures could make it more difficult to access data. But you’ll have to pay a hefty price for it.
Swiss banking is famed for its commitment to privacy. The Swiss company Artmotion is poised to bring that reputation to the digital security market as a “bank for your data,” their slogan runs. They cite Switzerland’s financial stability and political neutrality as reasons customers should sign up. At low levels, their secure storage can cost upwards of $400 a month plus $400 set up, and packages for companies could run in the tens of thousands of dollars. Add to this the fact that the NSA has already been shown to aggressively compromise privacy services abroad, and you have a not-so-great deal.
There’s one ultimate solution that will keep your data completely safe and untouchable by any government entity, and possibly yourself: keeping it offline and putting it in a place where no one can get at it. HavenCo is a digital service that’s in the process of relaunching. The company was originally based on Sealand, a micronation perched on an oil platform six miles off the shore of the U.K. that only follows the rules of its own micro-government. That’s also where they plan to stick hard drives that will be in “cold storage”—completely inaccessible through any means but physical invasion. “No one knows what happens when the man comes knocking until it actually happens,” the company’s co-founder Avi Freedman warned. HavenCo offers the ultimate insurance; if you need to keep something backed up and concealed, there’s no better answer.
HavenCo will also offer more traditional online security services through anonymous web proxies and servers hosted on Sealand, hoping to piggyback off the micronation’s reputation for privacy to launch their independent brand. Yet the absurdity of having to isolate computers on an oil platform underlines the fundamental issue at stake in the data security industry. Should we really have to go to such great lengths and pay money to keep our information safe? Should privacy only be for people who can afford it?
Even those profiting from the leaks wish they didn’t have to sell the services they offer. “Though it was a good development for my company, the truth is my reaction was depression,” said Wilcox-O’Hearn. “It made me feel afraid for the integrity of my country.”
“In an ideal world, email would be secure. Calls, texts, storage, and hosting would all be secure,” Silent Circle’s Jon Callas argued. “In an ideal world I’d be doing a different job because data security would be like seat belts for cars—there's no need for a company making seat belts as a standalone product.”
Kyle Chayka is a technology and culture journalist in Brooklyn who contributes to Pacific Standard, New York Observer, The Atlantic, and other publications.