German parties help email users to keep it cryptic
Requests for email encryption rise as leading US provider Lavabit closes down following claim of NSA request for data
A screen grab of Lavabit.com’s home page shows a letter posted by the website’s owner, Ladar Levison. Lavabit, an encrypted email service believed to have been used by US whistleblower Edward Snowden, shut down abruptly on Thursday amid a legal fight that appeared to involve US government attempts to win access to customer information. Photograph: Reuters/Lavabit.com
There’s no music and no dancing at these parties. Instead you will find up to 15 people hunched over their laptops, anxious to keep their email from prying eyes.
Welcome to the Berlin Crypto Party where, in a nod to George Orwell, the motto is: “Party like it’s December 31st, 1983.”
Since Edward Snowden went public with his revelations about US surveillance of worldwide communications, German computer groups from Berlin to Bavaria have recorded a spike in requests for online privacy information.
They have responded with weekly Crypto Parties, offering easy-to-understand courses on keeping online activity private.
The most popular approach uses special software to encrypt email, ensuring that only the intended recipient, using a software key, can decrypt and read it. The most common maceration software, known as PGP (pretty good privacy), is over 20 years old and commonly used in computer circles. Now they hope to use the momentum of the Snowden affair to drag a minority interest into the mainstream.
Berlin Crypto Party organiser Hauke Laging says that, since mid-July, the profile of attendees has broadened from computer anoraks to mainstream users including, a week and a half ago, the first woman.
“As long as people have an email account and a computer we can set up a key for them and install the software,” said Mr Laging.
“At the end of our event people will be able to receive and send encrypted mails at the push of a button.”
Once more unto the breach
The growing demand for greater email privacy in Germany comes as US encrypted email provider Lavabit – which reportedly counted Edward Snowden among its customers – shut down its service.
On Thursday Lavabit founder Ladar Levison said he was pulling the plug rather than comply with the US’s National Security Agency requests to hand over user emails and, as he wrote, become “complicit in crimes against the American people”.
European operators were quick to step into the gap left by Lavabit yesterday. German operator Potseo, for instance, allows users to set up anonymous accounts without any personal details – and pay for the service in untraceable cash. Norwegian service Runbox, meanwhile, advertises that it is not obliged under Norwegian law to retain log data often requested by intelligence services.
Back in Germany, mainstream telecoms firms are jumping on the security bandwagon. Yesterday the two biggest operators in the country, Deutsche Telekom and United Internet, announced a “made in Germany” partnership that keeps all user data on servers in Germany and closes some email security gaps.
Computer experts were divided over how whether their announcement was a security measure or publicity stunt. Mr Laging hopes a critical mass of German users can force their internet providers to offer greater encryption options.
“When you send a mail you should be asked whether you want to encrypt as standard,” he said. “Online security is like eating salad and taking regular exercise: people know it’s a good thing but the difference is between knowing and doing.”