Groklaw is one of our favorite blogs; it's a discussion and dissection of the intersection of technology and the law, focusing on open source but also on antitrust and patent law and all kinds of other things we care about. And today the founder and chief writer, Pamela Jones, announced that she's shutting down Groklaw for good, citing concerns over government surveillance.
"They tell us that if you send or receive an email from outside the US, it will be read. If it's encrypted, they keep it for five years, presumably in the hopes of tech advancing to be able to decrypt it against your will and without your knowledge. Groklaw has readers all over the world," writes Jones, presumably talking about Gmail, which retains encrypted emails. "There is no way to do Groklaw without email," she continues, though she doesn't elaborate (presumably this is how she communicates with sources and legal advisers who like to remain anonymous). She says she is personally switching to Kolab, a Swiss email company, but that her "personal decision is to get off of the Internet to the degree it's possible."
Kolab does not offer encryption, but it's a paid service that keeps all data in Switzerland, which is somewhat of a haven for privacy (the country, according to Kolab, wiretapped only 20 times in 2012, which is basically nothing compared to the U.S.). Kolab says it complies with Swiss requests, but only Swiss, and vows to publicize it if it ever receives one.
It's an odd choice, to shut the site down completely; there are plenty of secure email services out there, as Jones knows, considering she's switching to one. The motivation seems less about concerns that her personal email will be read than total disgust that the state of privacy and the law has come to this. "What I do know is it's not possible to be fully human if you are being surveilled 24/7," she writes. Jones is semi-famously private; she writes as merely "PJ." "I originally wanted to stay anonymous, in a sense, by just saying PJ. Eventually media attention and other factors made it impossible to remain just PJ but I would have if I could have. I have no desire to be famous, for one thing," she once wrote.
We'll miss Groklaw if it's truly gone, but if this shutdown, along with Lavabit's, is an early sign of mass revolt against surveillance, perhaps it'll have some positive effect after all. Groklaw will remain online as a resource, but will not update with new posts.
"....2 Encrypted Email Services Shut Down to Avoid NSA Snooping
By Lorenzo Franceschi-Bicchierai/Aug 09, 2013Two encrypted email services shut down on Thursday, citing concerns related to NSA surveillance and government requests for user data.
Private communications startup Silent Circle preemptively shut down its encrypted email service on Thursday evening, an unexpected move that came just a few hours after Lavabit, another encrypted email provider, allegedly used by Edward Snowden, decided to close doors rather than comply with a national security-related investigation.
See also: Is It the Dawn of the Encryption App?
"We see the writing on the wall, and we have decided that it is best for us to shut down Silent Mail now," wrote Silent Circle's CTO and cryptographer Jon Callas on the company's blog, after explicitly pointing to Lavabit's earlier decision. "We have not received subpoenas, warrants, security letters, or anything else by any government, and this is why we are acting now."
Silent Circle, a startup founded by former U.S. Navy Seal Mike Janke, and well-known cryptographer Philip Zimmermann (pictured above), provides encrypted phone calls, text messages and video calls for $10 a month.
In a phone interview with Mashable on Friday, Janke said they had been thinking about this decision for a while, but Lavabit's announcement gave them the final push to not only close down the service, but to also wipe the servers and destroy them, removing "every and all traces of email in the entire architecture," he said.
The main reason behind their decision, however, is that even encrypted email isn't completely safe, he said.
"Email is fundamentally broke," Janke said, explaining that even perfectly encrypted emails leak metadata — the sender's IP address, the subject of the email, the time it was sent and received. "All those things are really, really sensitive information that governments can use to pinpoint and track you, and know who you're communicating with and where you're at and what time."
Janke said that 50% of Silent Circle's total users, though he declined to give a specific number, used the encrypted email service. Most of them, according to Janke, were supportive of the company's decision. And although Janke admits the action was abrupt and without prior warning, it had to be because many Silent Circle users are government employees around the world or people that might have been targets.
"If we send an email saying, 'in 12 hours we're shutting off email,'" Janke said, "it doesn't take but a half hour for a government agency to send you a National Security Letter."
Despite the current service being effectively destroyed, Janke revealed they're working on a fully encrypted and peer-to-peer email service which could be unveiled in the next few months.
A few hours before Silent Circle's decision, Lavabit had announced it was suspending its service.
"I have been forced to make a difficult decision: to become complicit in crimes against the American people or walk away from nearly ten years of hard work by shutting down Lavabit. After significant soul searching, I have decided to suspend operations," wrote Lavabit's founder Ladar Levison.
The reasons behind Levison's decision are as yet unclear, though his full statement hints that he is under gag order following an unspecified request from the U.S government. (Levison didn't respond to Mashable's requests for comment.)
CNET reporter Declan McCullagh speculated on his Google Plus page that the reason might have been that the FBI served Lavabit with an order to intercept Snowden's, or other users', passwords.
The two companies' surprising decisions do appear to be ideologically motivated, but they are business decisions as well. Both Lavabit's and Silent Circle's business models are built on the promise of private communications and their advertised inability to comply with surveillance orders. Hence, it makes a lot of sense from a business perspective to fight government snooping. "If we turned evil, then you're still covered," Phil Zimmerman told Mashable in a previous interview, alluding to the value of protecting user data at any cost.
"Lavabit and Silent Circle's extraordinary behavior demonstrate not only their principles, but that they understand the business they're in," wrote computer scientist Matt Blaze on Twitter.
CryptoCat, a browser-based encrypted chat service, also announced it would do the same if necessary... "
Back in the earlier days of the interwebs it was common for peeps to run their own email servers. This was largely scuttled, a sad casualty of the spam wars but I wonder if its time for a renaissance. If everyone ran their own email server the guberment would have to come to us directly when they wanted to steal our emails (which they commonly do without warrant and include gag orders). These micro servers would still be web based, you could even integrate the service in your linksys router.
Best thing that's coming? the impending supernova of betelgeuse. one day, perhaps a thousand years from now it will wipe the slate (hard drive) clean. perhaps in a few years if we are lucky.