Germany has declared that its government will no longer work with companies that hand data over to the US’s National Security Agency (NSA).
According to German daily Süddeutsche Zeitung, Germany’s coalition government will no longer to work with any organisation that cannot guarantee that its data is beyond the reach of foreign services or authorities. The Ministry for the Interior is quoted as stating that the restriction is in place to prevent “the flow of data worth protecting to foreign security authorities”.
It is possible that the government’s decision in part stems from the NSA’s arrest in 2012 of German citizen Khaled el-Masri, which came following a leak from a former subsidiary of US IT firm Computer Services Corporation (CSC).
El-Masri was released without charge, with the NSA having to admit that no crime had been committed.
Despite this episode, CSC continues to carry out a number of security-based projects for the German government, including advising the Ministry of the Interior on electronic passports.
Meanwhile, a German subsidiary of CSC is still working on Germany’s De-Mail project, which aims to make public-sector email more secure.
In related news, students at Harvard and MIT have launched an “NSA-proof” email service.
ProtonMail, written by five students who met while working at Cern, went into public beta over the weekend after being in private beta for several weeks.
Based in Switzerland – and thus covered by the country’s privacy laws – the service is “end-to-end encrypted”, cannot be accessed by the company (“we can’t read your data”), and involves no user tracking of any kind.
Andy Yen, one of the five creators, stated that if “we can’t read it, we obviously can’t turn it over to any government agencies”.
ProtonMail’s encrypted emails are sent as links, which recipients can only view with a separately-shared passphrase. The life of the email can also be limited, to be automatically deleted once read.
Secure implementations of AES, RSA and OpenPGP are among the cryptography features ProtonMail is employing.