In the months since the NSA spying scandal became front page news around the world, sparking a global debate about what constitutes ‘crossing the line’ in the name of safety, another issue has also become a center of focus. How do we make our information…ours?
Privacy has never been so important, but in a digital age where personal information made public is easily retrievable, and even private data isn’t necessarily safe, what alternatives have been produced to respond to the growing demand for online solitude?
With regards to communication, Swiss startup ProtonMail has been making headlines with its encrypted email platform. The system, created by a team of former CERN employees, is set on protecting user privacy rights via encryption. Making no mistake to clarify what the product is a response to, it’s been acclaimed by Forbes as being “NSA proof”.
So how do you fund a project aimed at protecting privacy rights online as a response to mass surveillance? You appeal to the people at risk of having their data monitored to begin with.
ProtonMail started a crowdfunding campaign on Indiegogo to first showcase its product to the world. The results were well beyond expectations, with the company to date having amassed over five times the initial $100,000 goal. At the moment, the service is available through invite only, but can boast an expanding user base.
To learn more about the venture we got in touch with Co-Founder Andy Yen. He was nice enough to answer a few of our questions about the service. Here’s what he had to say:
To begin, congratulations on the success of the crowdfunding campaign. Did the team expect such a favorable reaction from the online community so quickly?
“The crowdfunding campaign definitely exceeded our expectations. We set a goal of $100,000 and in the end, we exceeded that by over 500% despite some difficulties such as PayPal freezing our account. It is great to see such strong support from the online community for privacy initiatives such as ours, I believe we ended up setting a software technology crowdfunding record”.
In light of the NSA spying scandal, how important was it for the market to produce a system capable of essentially ‘out-innovating’ an agency which had overstepped its boundaries?
“I believe it is absolutely essential. The NSA is just one of dozens of agencies which have overstepped, and in many countries such agencies are also tools for oppression. Privacy is an important fundamental human right, without it, key freedoms such as the freedom of speech are not possible”.
Tell us about some of the basic security features offered. From what we understand, emails are encrypted once they’re sent, meaning they’re inaccessible on the company’s server?
“ProtonMail utilizes a zero access architecture meaning that even we do not have access to users’ data. We believe the best way to protect data is to simply not have any data at all. We accomplish this by encrypting data before it reaches our servers, with an encryption key only the users have access to”.
When dealing with people’s personal information, there are bound to be trust issues that take time to overcome. However, it seems you don’t need users to trust you, is that right?
“Our objective is to build a system that requires as little user trust as possible. We encrypt entirely on the client side where we do not have access to client keys, and the code that is used to do this is also viewable by the users”.
From the Indiegogo page we can see that encrypted chat is the next new feature on the horizon. What can you let us in on about that?
“Encrypted chat is something we really want to do, provided we have sufficient resources. Our main focus however is on email. We want to build not just the best encrypted email service available, but the best email service period. There have been a lot of requests for encrypted chat so we do have it on our roadmap after we complete a couple more key features for email”.
Being based in Switzerland offers a number of advantages with regards to data protection. Can you tell us some of those, and how they play into further securing ProtonMail’s platform?
“Switzerland has a long history of respecting personal privacy and today offers some of the strongest data protection laws in the world. It has always been neutral and very independent. Switzerland is outside of EU and US jurisdiction which ensures that only Swiss law applies. By hosting all of our servers in Switzerland, we ensure that ProtonMail cannot be subjected to unwarranted wiretapping requests and other sorts of interference with our service. However, the exact location of our servers does not matter so much because we cannot decrypt the encrypted data on our servers anyways”.
As alluded to in the crowdfunding video, an encrypted email service on such a large scale has never succeeded before. Why will ProtonMail?
“One of the, in my opinion, positive side effects of the end-to-end encryption model that we use is that it is not possible to serve targeted advertisements. If we can’t read user emails, we can’t really serve them ads like Google does. This effectively cuts out advertising as a source of revenue. If you look at the main email service providers in the world today, they are all advertising based. Simply put, the Google and Yahoo’s of the world depend entirely on advertising to survive, so encrypted email services simply are not compatible with their business models. As a result, there hasn’t been any impetus to go in this direction. As a startup that is backed by the community and not by ads, we have the unique opportunity to go in this direction”.