Silent Circle Preemptively Shuts Down Encrypted Email Service To Prevent NSA Spying
“We see the writing the wall” wrote Silent Circle in a message telling customers it has shut down its Silent Mail encrypted email service. It hadn’t yet received any subpoena or other notice to provide data to the government, but after seeing Lavabit shut down rather than be “complicit” with NSA spying, it decided to kill off Silent Mail rather than risk its customers’ privacy.
Silent Circle reportedly saw revenue increase 400% month-over-month in July after corporate enterprise customers switched to its services in hopes of avoiding surveillance. The company giddily told Forbes it planned to nearly double staff and significantly increase revenue this year in part thanks to the NSA’s practices coming to light. In light of those comments, today’s news about shutting down Silent Mail seems a bit sobering.
Silent Circle’s other secure services including Silent Phone and Silent Text will continue to operate as they do all the encryption on the client side within users’ devices. But it explained that “Email that uses standard Internet protocols cannot have the same security guarantees that real-time communications has.” With too many opportunities for information and metadata leaks in the SMTP, POP3, and IMAP email protocols, the company believes there was no way to live up to its promise of total privacy.
In a statement to TechCrunch about whether the shut down was only because Silent Circle felt email was insecure, CEO Michael Janke tells us
“It goes deeper than that. There are some very high profile people on Silent Circle- and I mean very targeted people- as well as heads of state, human rights groups, reporters, special operations units from many countries. We wanted to be proactive because we knew USG would come after us due to the sheer amount of people who use us- let alone the “highly targeted high profile people”. They are completely secure and clean on Silent Phone, Silent Text and Silent Eyes, but email is broken because govt can force us to turn over what we have. So to protect everyone and to drive them to use the other three peer to peer products- we made the decision to do this before men on [SIC] suits show up. Now- they are completely shut down- nothing they can get from us or try and force from us- we literally have nothing anywhere.”
Silent Circle says it had been considering a more conservative slow shut-down of Silent Mail or ceasing to take on new customers, but was inspired to shut down by Lavabit.
That company was reportedly PRISM whistleblower Edward Snowden’s email provider, likely because of its claims of high security. But Lavabit was told by the government to turn over user data, and received a gag order preventing it from publicizing details of the situation. Today Lavabit owner Ladar Levison posted a note to the company’s site saying “I have been forced to make a difficult decision: to become complicit in crimes against the American people or walk away from nearly ten years of hard work by shutting down Lavabit.” He chose the latter.
The move has bolstered critics who are becoming increasingly vocal about how the U.S. government’s surveillance efforts are jeopardizing American technology businesses. They fear international customers may take their cloud business elsewhere in an attempt to avoid the NSA. Jennifer Granick, the Director of Civil Liberties at the Stanford Center for Internet and Society, wrote that ”the U.S. government, in its rush to spy on everybody, may end up killing our most productive industry. Lavabit may just be the canary in the coal mine.”
Now it seems that negative impact won’t just be in the form of lost customers or businesses shut down upon receiving data demands. The destruction could reach as far companies unwilling to even risk compromising their values.