In the wake of the Edward Snowden scandal, two of the biggest names in encrypted email have terminated services to prevent government access to their databases.
Lavabit And Silent Circle Shut Down Encrypted Email Services
When NSA whistle-blower, Edward Snowden, leaked documents detailing the federal government’s data-gathering program, PRISM, he knew there would be consequences for his actions.
But Snowden likely had no clue just how extensive the damage would be, resulting in not only his own self-imposed exile from the United States, but also bringing down two of the country’s best known providers of secured email communication, Lavabit and Silent Circle.
Both companies offered encrypted email services, offering improved security for transmissions.
The trouble began when it was discovered that Snowden regularly used Lavabit in his correspondences, which naturally aroused the attention of the NSA.
Though the exact nature of the government requests made on Lavabit were, what is known is that the company feared that the private data of their userbase was at stake. Rather than risk being forced to hand the information over, the company opted to instead shut down its operations.
The reasoning behind this decision was shared by Lavabit’s owner and operator, Ladar Levison, in a letter on the company’s homepage.
In the message to Lavabit’s users, Levison stated that rather than ‘become complicit in crimes against the American people’, he chose to suspend operations. Levison also made vague comments regarding an impending court battle, though was unable to provide specifics due to a federal gag order.
Levison closes the letter by calling on fellow defenders of the Constitution to donate to the company’s legal fund, in preparing for what he suspects will be a lengthy, and expensive, fight for the company’s beliefs.
In the wake of Lavabit’s closing, competing service Silent Circle announced they would also cease providing their encrypted email service, Silent Mail. Though demands for access to their data from the government was reported, the company feared they might share the fate of their peer.
Though the company’s Silent Phone and Silent Text services offer fully guaranteed end-user encrpyted transmissions, the company had admitted Silent Mail did not share the same protection, as email by design uses ‘standard Internet protocols cannot have the same security guarantees that real-time communication has.’
With the loss of both Lavabit and Silent Mail, the concept of email confidentiality has become an, at best, nebulous concept. As stated on Silent Circle’s WordPress blog post, ‘Email as we know it with SMTP, POP3, and IMAP cannot be secure’.
Just how secure any person’s email correspondences are in reality will likely depend solely on just how willing and (financially) able they are to fight off the federal government in the court system.
For now, the future of secure Internet correspondences appears grim, as in the words of Ladar Levison:
“This experience has taught me one very important lesson: without congressional action or a strong judicial precedent, I would _strongly_ recommend against anyone trusting their private data to a company with physical ties to the United States.”
What do you think of government agencies, such as the NSA, demanding increasing access to the data of private citizens? Are such intrusions a necessary evil in fighting the War or Terror, or do you think the federal government is over-stepping their bounds for other, more nefarious reasons?
Let us know what you think in the comments section!