What kind of privacy legislation would you like to see in the near future?
I’d like to see data retention laws changed. There’s discussion in the EU now for a “right to be forgotten.” In many cases, this is being aimed at the likes of Google and Facebook, and the difficulty in keeping them from tracking you. Yet the EU has data retention laws that require service providers to keep lots of unnecessary information about everyone’s network activities, and this is far more intrusive than anything else. The idea is good, and I support it. We need more of it.
Can you introduce Silent Circle to our readers? What are its main features?
Silent Circle is a secure information service for mobile devices. It provides secure voice and video calls and secure texting with attachments through our proprietary global network and our Silent Phone and Silent Text mobile apps. The keys are on your device. Not even we can decrypt them.
We also don’t keep metadata, which is suddenly very big in the news. We don’t keep track of who you call or who you text. The servers have to make connections, of course, but they don’t keep track of it.
We also have an email system that’s okay as email systems go, but email itself is broken beyond help from a security and privacy standpoint. We’re using PGP Universal for it, and it works for people with the right threat model, but it doesn’t have the really cool security properties of our peer-to-peer Silent Phone and Silent Text apps, for example.
As you might expect from things I wrote in response to other questions, we charge for the service. Our idea is that we are offering to use our expertise to protect your privacy, and part of the contract is that you’re paying us, so we’re obligated to do our best.
What were the most significant challenges you encountered while developing Silent Circle? How has user feedback defined the product?
The biggest challenge was deciding to do it. When we were planning the company, I was the one raining on my partners’ parade. I think I estimated that there would only be ten to twenty thousand people in the whole world willing to pay for a secure service. I was wrong and I’m pleasantly surprised.
User feedback has helped us a lot. We wouldn’t have introduced our email service, Silent Mail, if people hadn’t asked us for it. We have been focusing on very strong commitments to security, which is also an interesting intellectual problem – how do I make a service that considers me part of the threat? But people wanted something that just works, so we did email, too.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.