Posted on

How Email Encryption Protects Everyone in the UK

In the UK, there’s talk of government moving to ban end-to-end encryption. According to leaked documents, the legislation in question would force technology companies to “build backdoors into their products, in an attempt to allow its intelligence agencies to access civilians’ private data and messages.”

 

This is alarming for many reasons.

Backdoors are easy to exploit. It’s not a case of only granting access to government surveillance teams. Encryption technology doesn’t work that way. Once a backdoor is built into technology, anyone with the know-how — including criminals or corrupt government officials — could gain access to private data. It’s no longer secure.

Frustratingly, a move like this also assumes everyone who uses encryption is a criminal or planning a terrorist attack, despite the fact that all citizens in the UK have a right to communicate securely and privately.

Encrypted communication protects everyone, whether you’re sharing sensitive client documents, planning an event or sending family photos of your baby.

 

Without encryption communications, we’re all at risk

Earlier this year, the UK home secretary pushed for WhatsApp, the widely popular messaging service, to install backdoors in its technology to make it accessible to authorities. Her reasoning was that criminals are discussing their plans using the app and investigators require access.

While no one can prevent criminals from using encrypted communications, a ban on it would risk exposing huge swaths of financial and personal data, simply for the sake of catching a small number of criminals. It’s too big of a threat on civil liberties.

Relying on mainstream telecommunications providers for secure email just isn’t advisable either. Providers regularly store communications and must comply with requests from law enforcement to hand over data.

A sweeping bill — nicknamed The Snooper’s Charter — passed last year in the UK, giving government even more surveillance power and the ability to hack and store data relating to internet use. The Investigatory Powers Act gives the British state the ability to compel service providers and mobile networks to store what you do online for 12 months.

This includes email correspondence and browsing histories.

 

PGP encryption is for anyone who needs it

Myntex users are individuals or businesses in the UK who value their privacy and security. They’re committed to being able to express themselves freely without outside intervention. Businesses have trade secrets they want to protect, as well as sensitive information that cannot be leaked like financial reports and health data.

Using BlackBerry email encryption protects these communications by making intercepted messages impossible to read, and deleting the messages themselves within 24 hours. Because we don’t store messages or encryption keys, there’s nothing for us to turn over to law enforcement even if we are the subject of a subpoena. You’re protected no matter what laws are enacted in the UK.

 

Ready to learn more about encryption?

Posted on

Everyone Has the Right to Privacy: Knowing Your Digital Rights in the Netherlands

Everyone has a fundamental right to privacy. It’s a reality that in our fast-paced digital world, this right to privacy is constantly under threat. Unlike paper data, digital information can swiftly move across borders and fall easily into the wrong hands. Mobile internet usage in the Netherlands has skyrocketed in the last five years. Statistics show that 80% of Dutch citizens are mobile internet users.

Unfortunately, many people continue to use insecure communication methods that put their privacy at risk, often due to a lack of education about digital privacy laws and surveillance tactics. Knowing your digital rights in the Netherlands will help you make choices that will ultimately guard your privacy.

 

Digital privacy laws in the Netherlands

Laws pertaining to electronic communications and personal data privacy in the Netherlands fall under either the Personal Data Protection Act (PDPA) or the Telecommunications Act, and sometimes both.

Under the PDPA, personal data can be legally accessed under certain conditions. Consent must be obtained by the data subject (that’s you) before the act of collecting or processing any identifiable information. Of course, there are exceptions to this right to consent. It’s still possible for your personal information to be shared without your knowledge because of requests from internet service providers or Dutch law enforcement agencies.

According to the Telecommunications Act, it’s your right to be informed by your service or network provider that there’s been a breach of security. Dutch law says that data can be legally stored if it is being used in a criminal investigation or persecution of a serious offence such as terrorism. In this context, the stored data can only be kept for one year.

If you suspect that your personal data is being viewed or processed, it’s your right to request the service provider or party in question to confirm whether or not this is the case. It’s also your right to ask for the logic behind why your data is being processed. You must receive a response in writing within four weeks.

Dutch citizens have the right to submit complaints about digital privacy violations to the Dutch Data Protection Authority via the National Ombudsman.

For more information and support on digital rights in the Netherlands, consider checking out Bits of Freedom, an advocacy organization.

 

How to protect yourself

While Dutch laws seem to have the intention of protecting citizens, it’s obvious that exceptions made for law enforcement investigations and security breaches could still put your personal privacy at risk.

It wasn’t encouraging to see this Dutch official express a willingness to sacrifice privacy for security in order to install encryption “backdoors” in popular messaging apps (luckily, the Dutch government didn’t agree).

Nonetheless, here are some tips for protecting yourself.

Take the time to research telecommunications providers in the Netherlands. The two biggest issues for telecommunications providers are data storage and interference from law enforcement.

A popular provider, KPN, was the victim of a massive hacking incident in 2012. A 17-year-old managed to gain access to the KPN servers and the email addresses of two million users. KPN was forced to revoke access to the email accounts and ask users to reset their passwords.

The company was ultimately fined by the Netherlands Authority for Consumers and Markets for “insufficiently securing customer data.”

The logical next step is to choose a provider that not only encrypts your communications, but doesn’t actually store any of your private information.

Beyond researching your telecommunications provider, consider what may happen to your digital data if you try to cross an international border, as some citizens have run into problems trying to enter the U.S. in recent months. Border guards have asked to search their mobile phones.

While it seems to be within the rights of travellers to refuse the search, it may be easier to delete any unnecessary apps before travelling, take a temporary phone while on vacation or simply use an email encryption service that automatically deletes messages over a day old, and can be wiped at a moment’s notice.

 

Choose PGP encryption for secure communication

Because as citizens we’re at the mercy of laws set by those in power, it’s vital that you choose a communications provider, and a secure device, that makes reading your email impossible.

While BlackBerry PGP encryption can’t necessarily stop emails from being intercepted, the emails themselves are encrypted and can’t be read. You’re in total control of your privacy.

 

Interested in how to protect your communications? Find out more.

Posted on

Why Myntex Owns Their Canadian Data Centre (and Why That’s Important)

Unlike many encrypted email providers, Myntex houses their servers onsite at our Canadian headquarters. We’d like to explain why having our data centre on the premises is significant, and how this influences how users ultimately choose between encryption providers.

 

We have total control over our servers

Because our data centre is located in our headquarters, we have total control over it. In the event of an issue arising, we can be onsite immediately to troubleshoot the problem. We keep the servers running smoothly, installing critical updates ourselves, controlling the heating, cooling and humidity, and ensuring we have disaster recovery plans in place.

This means fewer interruptions to PGP BlackBerry encryption services for users.

DDOS attacks are a massive problem for communication companies. Competitors, activists and hackers launch DDOS attacks to disrupt users’ service and sometimes even to test exploitable networks. Running your own data centre means you can use multiple methods of DDOS protection with flexible mitigation options.

Our office is located in Canada, so we benefit from laws that protect the digital privacy rights of citizens. Canadian laws aren’t as invasive as those in other countries. If law enforcement wanted to gain access to our servers, they would need a warrant.

Of course, even if Canadian authorities did gain a warrant, they wouldn’t be able to access any emails because they are deleted every 24 hours and without access to the PGP keys, decryption is impossible (more on that later).

 

No security in unstable countries

Unauthorized access to data centres is a real threat in less stable countries. Unfortunately, many encryption providers choose to house their servers in countries different than their headquarters. They may not own their own data centre, as this is a significant investment, so they co-locate in someone else’s data centre. This is incredibly risky for several reasons.

Unstable countries often have unstable governments, who are more likely to bribe a data centre employee for access to their servers. Your data may feel safe until it’s not. As well, there’s no one onsite from the PGP encryption provider to keep tabs on equipment failure, tampering or theft.

 

We don’t actually host data

It’s important to note that all data that comes through Myntex’s servers is encrypted. The encrypted email service is also subject to an automatic delete policy, which means emails are wiped every 24 hours. No one’s data sits needlessly on our servers.

 

Have more questions about our Canadian data centre? We’re happy to chat. Get in touch.

Posted on

The Reality of Encryption

We’ve all seen political leaders and law enforcement from around the world trying to abolish end-to-end encryption, why is that? Follow along and we will share why we think encrypted communication is being scrutinized.

In countries around the world today encryption goes hand in hand with the right to privacy. You as a person have the right to privacy, and henceforth the right to secure your private data. While this seems like an opportunity to hide wrongdoings, or illegal activities this isn’t the case for the grand majority of the population.

The average person uses encryption far more than they may be aware of. At the time this article was published over half of web traffic has been encrypted using the HTTPS protocol. Why is internet traffic encrypted? Well that’s quite simple! Without encryption, hackers, scammers, and criminals would have access to all the data you transmit and receive on a daily basis. HTTPS wasn’t created and implemented to cover up a criminal conspiracy theory, it was invented to allow the safe transit of information.

So what would happen if the powers that be succeeded in ending encryption as we know it? Well this is where it gets interesting! Encryption is plain and simply just math… The same kind of math that was invented by the Babylonians nearly four thousand years ago. So quite frankly we don’t see Math going anywhere anytime soon. That being said, this means encryption itself would be the target of a new law forbidding math!?

Let’s imagine for a moment that this encryption ban was successful, what would that mean to the average law abiding citizen? Well it would be quite detrimental to your digital life as you know it. You would no longer be able to secure or encrypt family photos, email accounts, digital journal entries, or any other digital information stored on your computer, cellphone, hard drives, etc. This would cause mass data leaks, and theoretically end the last bit of privacy/anonymity we as law abiding members of the digital age possess.

In this same theoretical circumstance what would that mean for the criminals that were the initial target for the encryption ban? Well… to be frank, if someone was to break the law as a way of life, why would they draw the line at this new encryption law? Albeit a new kibosh on encryption would not affect criminal behavior in any way, if they are prepared to live a life of crime why would they follow this law and break all the others?

In our humble opinion the idea of putting an end to encryption would be setting us further back than forward. We believe everyone has the right to their privacy, and by implementing a ban on encryption it would only succeed in removing freedom and privacy from the people who deserve it most.

Nothing to hide is not the same as nothing to lose.

Don’t hesitate to reach out to us here at Myntex to let us know what your stance on encryption is!