PrivacySnowden revelations spur a surge in encrypted e-mail services

The Edward Snowden revelations about National Security Agency (NSA) surveillance programs have fueled a surge of new e-mail encryption services. “A lot of people were upset with those revelations, and that coalesced into this effort,” said Jason Stockman, a co-developer of ProtonMail, a new encrypted e-mail service which launched last Friday with collaboration from scientists from Harvard University, the Massachusetts Institute of Technology, and the European research lab CERN.

Yahoo News reports that ProtonMail is marketed as user-friendly as major commercial e-mail services such as Google Gmail and Yahoo Mail, but it offers extra security. The company notes that its servers are based in  Switzerland, making it more difficult for U.S. law enforcement to reach them. E-mail encryption has been a go-to-tool for dissident activists in China and Iran to avoid detection by the authorities, but the adoption of encryption services is now favored by many Americans who want to avoid surveillance from the NSA or other intelligence services.

Jon Callas, a cryptographer who developed PGP, a standard for encrypting e-mails using special codes and keys, and co-founder of Silent Circle, a secure communications firm, agrees that offering a user-friendly interface while maintaining maximum security is challenging. “Our vision is to make encryption and privacy mainstream by making it easy to use,” Stockman told AFP. “There’s no installation. Everything happens behind the scenes automatically.”

PGP has been around for a while, but complexities made it difficult to gain widespread adoption. ProtonMail now offers a free encrypted e-mail service as part of a basic account and added features are available for a fee. Callas’s Silent Circle is also developing a new e-mail system which offers full encryption and lets users reduce encryption levels.

The more user-friendly the system is, “the more susceptible it is to a sophisticated attacker with fake or spoofed key information,” said Ladar Levison, founder of e-mail service Lavabit, which is widely believed to be used by Snowden. Levison plans to launch a new e-mail service with other developers in a coalition known as the Dark Mail Alliance. “The goal is to make it ubiquitous, so people don’t have to turn it on,” he said. Lavabit shut down its services after federal authorities asked the firm to submit its data. The firm now faces a contempt of court order. Levison hopes his new service, Dark Mail, will become a new standard for future email services.

Google and Yahoo have also announced efforts to encrypt users’ e-mail communications, but Bruce Schneier, chief technology officer for CO3 Systems, said, “these big companies don’t want to encrypt your stuff because they spy on you, too.”

Stockman notes that even with encryption, services like Gmail and Yahoo Mail are likely to comply with U.S. authorities upon request. ProtonMail’s servers are based in Switzerland, and should a Swiss court order the firm to submit its data, “we would hand over piles of encrypted data. We don’t have a key. We never see the password,” he said.