Who Will Take The Privacy Seppuku Pledge?

from the after-you dept

When Techdirt wrote recently about yet another secure email provider opting to close down its service rather than acquiesce in some future US government demand to spy on its users, we noted that Cryptocloud has promised something similar for a while -- what it terms "corporate seppuku":

In the context of privacy issues, "corporate seppuku" means shutting down a company rather than agreeing to become an extension of the massive, ever-expanding, secretive global surveillance network organized by the U.S. National Security Agency. It means, in short, saying "no." Sometimes, we hear people say that this or that company "had no choice" in what they did. Bullshit. There's always a choice; it's just that the consequences of certain options might be really severe, and are thus not chosen. But that's a choice. It's always a choice.
It has even formulated what it calls the Privacy Seppuku pledge:
if a company is served with a secret order to become a real-time participant in ongoing, blanket, secret surveillance of its customers... it will say no. Just say no. And it will shut down its operations, rather than have then infiltrated by spies and used surreptitiously to spread the NSA's global spook malware further. You can't force a company to do something if there's no company there to do it.
It's a noble gesture, but would it do much good in the real world of US government spying? Cryptostorm, the company behind Cryptocloud, has provided a fuller analysis of why it thinks such a pledge would work. Here's a key point:
That one that went thru with the seppuku? She'll likely have a new service up and running in a few days or weeks. The customers who got dinged by the shutdown? They'll all get up and running on her new service. This is all 1s and 0s, remember? You don't have to demolish a car manufacturing plant, after all -- you're just wiping some VMs and reincorporating elsewhere. Lease new machines. Call it "lavabutt" on the new corporate docs, in Andorra. Sign on to the Privacy Seppuku pledge, as lavabutt, again. Off you go. Do you think it'll be hard to get customers -- old ones migrated over, and new ones alike? Think on that: a privacy company that shut down rather than be #snitchware... do you trust them, now?
That resilience flows from the service's digital nature, the availability of powerful but free software, and Moore's Law driving down the cost of commodity hardware. Put together, they make it easy to to recreate a business if it is shut down (apart from the lost data, of course.) The NSA will get this salient feature, CryptoStorm believes:
Spooks aren't dumb -- far from it. They do these kinds of analysis -- hell, they hire some of the best game theoretic minds in the world, and always have. Local cops might be power-drunk and unable to see how their actions play out over time; the NSA isn't any of that. They have whole buildings full of very smart people paid good money to think about this stuff. They won't get it wrong.

And the outcome is simple: if the Privacy Seppuku concept spreads, it becomes useless to target companies on the pledge list! You won't get what you want, you'll make some heroes who go out and do bigger stuff next, you'll out yourselves as dangerous thugs, your "secrecy" is shot to hell, and after all the effort involved you end up backwards from where you were before. That's the scenario, it's how it plays out. There's really no alternative scenario.
It's an optimistic vision, but the fact is that at the time of writing, only two services are listed as having made the Privacy Seppuku pledge -- Cryptocloud and Cryptocat. Until more join the club, it remains more a nice idea than a practical way of fighting back against today's mass surveillance.

Follow me @glynmoody on Twitter or identi.ca, and on Google+



Reader Comments (rss)

(Flattened / Threaded)

  1.  
    icon
    That One Guy (profile), Aug 16th, 2013 @ 5:57pm

    Might not have been 'official', but I'd say Lavabit was the first company to make that pledge, and they lived up to it nicely.

     

    reply to this | link to this | view in thread ]

  2.  
    identicon
    Anonymous Coward, Aug 16th, 2013 @ 8:06pm

    ObGodwin

    Companies that spy on their user are just following orders from the government, just like Nazi soldiers used to follow orders from the Fuhrer. We need more Schindlers and fewer Mengeles!

     

    reply to this | link to this | view in thread ]

  3.  
    icon
    Nigel (profile), Aug 16th, 2013 @ 8:13pm

    And....

    The terrorists win again.

     

    reply to this | link to this | view in thread ]

  4.  
    icon
    mvario (profile), Aug 16th, 2013 @ 8:25pm

    Standard part of Privacy Policies

    I think that as a part of their privacy Policy, all sites should state what their actions will be in the event they are served with a National Security letter. Users will then have that information up front to aid in their decision whether to use the site, and not have to guess whether a site will secretly comply, challenge it, or close their doors.

     

    reply to this | link to this | view in thread ]

  5.  
    identicon
    No other option?, Aug 16th, 2013 @ 8:29pm

    No Other Option?

    Wellll... There IS one other option for the government. If the government knows that a company is going to shut down as a response, then the government will simply stop asking first before they take the information that they want.

     

    reply to this | link to this | view in thread ]

  6.  
    identicon
    Anonymous Coward, Aug 16th, 2013 @ 8:29pm

    how do we tell which on the list are fake ones set up by the government?

     

    reply to this | link to this | view in thread ]

  7.  
    icon
    mvario (profile), Aug 16th, 2013 @ 8:36pm

    Riseup.net

     

    reply to this | link to this | view in thread ]

  8.  
    identicon
    Anonymous Coward, Aug 16th, 2013 @ 9:56pm

    Bitch????

     

    reply to this | link to this | view in thread ]

  9.  
    icon
    Atkray (profile), Aug 16th, 2013 @ 10:10pm

    Faulty premise

    "Spooks aren't dumb -- far from it. They do these kinds of analysis -- hell, they hire some of the best game theoretic minds in the world, and always have. Local cops might be power-drunk and unable to see how their actions play out over time; the NSA isn't any of that. They have whole buildings full of very smart people paid good money to think about this stuff. They won't get it wrong. "

    They will and did. If they were so smart they would have realized early on what Ed Snowden had in his possesion and moved heaven and earth to make a deal with him to bring him home and stop the releases. Give him immunity throw a couple administrators on the sacrificial altar and move on.

    These people are arrogant and believe themselves above the law and incapable of failure.

    See also: Pirate Bay Whack-a-mole.

     

    reply to this | link to this | view in thread ]

  10.  
    icon
    Uriel-238 (profile), Aug 16th, 2013 @ 10:31pm

    Maybe they will go Full Gestapo.

    Now that Ladar Levison might potentially be arrested for espionage or conspiracy, that might halt companies from carrying out corporate seppuku, even if it means disappearing all non-cooperative corporate officers and replacing them with government agents.

    We don't know. It'll be interesting to see the Levison fate (and I hope he has an offshore haven somewhere), but I'm sure if they made an example of Levison, later corporations would either bail early or fail to follow through on the pledge.

     

    reply to this | link to this | view in thread ]

  11.  
    icon
    That One Guy (profile), Aug 16th, 2013 @ 11:09pm

    Re: Faulty premise

    Nah, they didn't go the rational route with Snowden because they found themselves dealing with the kind of person that they had no experience with from their day to day lives: someone with a moral code higher than zero, and who was more interested in justice than power.

    Add to that the fact that Snowden is no fool, and wouldn't have been tricked by some sacrificial lambs being tossed out to make it look like they had 'changed their ways', and the only way they could get him was the underhanded/political fashion.

    Mind, that doesn't change the 'arrogant and above the law' line one bit, that I fully agree with, it suits them perfectly.

     

    reply to this | link to this | view in thread ]

  12.  
    icon
    Postulator (profile), Aug 16th, 2013 @ 11:14pm

    A gut-wrenching decision

    Two problems with this:

    - Once you're served with that order, to destroy any data may be a criminal offence (where is that link to the Lavabit guy's defence fund, by the way?)
    - Announcing your intent means that anyone wanting to spy on your users will look for back doors.

    A third problem being for listed companies - you try doing this, your shareholders will be after your head (as opposed to your guts).

    I had to look up seppuku (although I had heard of the more popular term). Wikipedia had a very nice article on it. One very important thing to note is that it is incredibly difficult to intentionally hurt yourself - the human mind is trained to avoid harm, and seppuku intentionally causes enormous pain leading to death. I think Cryptocloud has chosen the right term. For the company owner making such a decision, they would face enormous pain.

     

    reply to this | link to this | view in thread ]

  13.  
    identicon
    techdirt commentator, Aug 16th, 2013 @ 11:26pm

    Full Gestapo

    If refusing such requests and preemptively shutting up shop is made illegal, and precedents are set to deter future copycats, the next best thing to do would be to comply with the orders but then shut up the business about 1 minute after the installation of government spywarez has been completed. That way you comply with the order but they get minimal useful data.

     

    reply to this | link to this | view in thread ]

  14.  
    icon
    Uriel-238 (profile), Aug 17th, 2013 @ 12:08am

    They don't call them black sites for nuttin.

    the next best thing to do would be to comply with the orders but then shut up the business about 1 minute after the installation of government spywarez has been completed.

    Somehow I don't think that's going to get you out of your one-way ticket to the Bradley Manning hotel and resort.

     

    reply to this | link to this | view in thread ]

  15.  
    identicon
    Anonymous Coward, Aug 17th, 2013 @ 1:24am

    it shouldn't apply just to these services, it should apply to all. think what a difference it would have made had the various telcos decided to do something to protect their customers, instead of rolling over at the first hint of what was to come. now that would have been worth a good write up!

     

    reply to this | link to this | view in thread ]

  16.  
    icon
    Richard (profile), Aug 17th, 2013 @ 2:46am

    Re: Faulty premise

    They have whole buildings full of very smart people paid good money to think about this stuff. They won't get it wrong.

    they will and did.


    The smart people didn't get it wrong - they are probably wringing their hands right now. It is their bosses that got it wrong. What's the phrase?

    "lions led by donkeys"

     

    reply to this | link to this | view in thread ]

  17.  
    identicon
    avideogameplayer, Aug 17th, 2013 @ 3:17am

    You're forgetting about the big companies like Google and M$, etc...

    Do you REALLY expect them to shutdown and piss off all their shareholders?

    Plus they're WORLDWIDE shutting down operations on that big a scale would have to take a tremendous amount of coordination and cooperation...

    Not to mention the costs of restarting under a different company and all new equipment for it...

    Not to mention about what to do with the employees in the meantime...

    Realistically, I can't see that happening...

     

    reply to this | link to this | view in thread ]

  18.  
    identicon
    Anonymous Coward, Aug 17th, 2013 @ 3:39am

    you get a court order

    IF you think you can say no, and close your business instead your wrong, it's a court order and legal requirement, if you say no, you are in violation of the law, so not only will your business close, you'll go to prison as well !!!

     

    reply to this | link to this | view in thread ]

  19.  
    identicon
    Anonymous Coward, Aug 17th, 2013 @ 3:41am

    or on the other hand

    what an easy way to get these companies to shut up shot, the ones that don't want to comply, give them an order, watch them close their doors, job done !

     

    reply to this | link to this | view in thread ]

  20.  
    identicon
    Anonymous Coward, Aug 17th, 2013 @ 3:44am

    I wonder

    Would Masnick close Techdirt if NSA sent him a secret order for the IP address and collected info on visitors to this site ?

    Would he say NO ?? and shut up shop, would he even disclose such an order if the order stated he was not allowed too ?

    Would he disclose such an order if it did not have a clause not to talk about it ? Would he comply with the order ?

     

    reply to this | link to this | view in thread ]

  21.  
    identicon
    robin, Aug 17th, 2013 @ 4:22am

    Not So Easy

    This is all 1s and 0s, remember? You don't have to demolish a car manufacturing plant, after all -- you're just wiping some VMs and reincorporating elsewhere. Lease new machines. Call it "lavabutt" on the new corporate docs, in Andorra. Sign on to the Privacy Seppuku pledge, as lavabutt, again. Off you go


    Levison said in an interview that he could not just do that, for as a U.S. citizen, he is still subject to the nation's laws, regardless of where the company is inocrporated and it's servers are located.

     

    reply to this | link to this | view in thread ]

  22.  
    identicon
    Anonymous Coward, Aug 17th, 2013 @ 6:00am

    Sadly....

    They'll probably just make taking said pledge in the first place conspiracy, treason, terrorism, or whatever scary word whose definitions they molest.

     

    reply to this | link to this | view in thread ]

  23.  
    identicon
    Anonymous Coward, Aug 17th, 2013 @ 6:31am

    Re: you get a court order

    Are you saying that in a so called capitalistic environment, a business is not allowed to fail, even though they are not too big?

    Rather than shutting the business down, what if the owner simply raised the fees through the roof? Would that also be illegal?

    If the government can force a business to continue operations regardless of whether it is profitable, would the inevitable losses then be a write off or a credit?

    Is this the new face of slavery?

     

    reply to this | link to this | view in thread ]

  24.  
    identicon
    The Real Michael, Aug 17th, 2013 @ 7:17am

    Re: I wonder

    That's an interesting question...

    How by giving companies an ultimatum ("Allow us to spy or else") is that not quivalent to hostile government takeover, a serious affront to freedom? If they know that companies would rather shut down their services rather than play ball with the NSA, this cause-and-effect scenario would give the latter the ability to get rid of sites they don't like in a roundabout way. To use a real-world analogy, imagine if you opened a business and one day an NSA agent walked in and told you that he was going to secretly set up cameras on your property and that you didn't have a say in the matter. How would you feel?

     

    reply to this | link to this | view in thread ]

  25.  
    identicon
    Anonymous Coward, Aug 17th, 2013 @ 8:22am

    Big problem: the government can just make refusal to cooperate a crime.

     

    reply to this | link to this | view in thread ]

  26.  
    identicon
    joe, Aug 17th, 2013 @ 10:33am

    Re: Full Gestapo

    "yeah sorry, our investors pulled out so we had to close down..."
    I find it hard to believe any court order could compel a private entity to continue operating a service at a loss.
    Although, IANAL. so *shrug*.

     

    reply to this | link to this | view in thread ]

  27.  
    icon
    JJJoseph (profile), Aug 17th, 2013 @ 10:35am

    Re: Re: I wonder

    Well, if they were setting up cameras to watch the people hanging around the finish line of the next marathon, I'd think "Excellent!". My reaction would be:"How can I help?"

     

    reply to this | link to this | view in thread ]

  28.  
    icon
    PT (profile), Aug 17th, 2013 @ 12:13pm

    Re: Maybe they will go Full Gestapo.

    It didn't work out so well for Joseph Nacchio, former CEO of Qwest. Perhaps he really was guilty of insider trading, but it seems improbable he would have been prosecuted and given six years for it if he hadn't stood up to the NSA.

     

    reply to this | link to this | view in thread ]

  29.  
    identicon
    Lurker Keith, Aug 17th, 2013 @ 5:21pm

    Re: I wonder

    Considering that the theoretical court order would likely be Unconstitutional, I have a feeling Mike would refuse to comply until he's given indisputable proof it is Constitutional, & make a carefully worded post about being given an Unconstitutional court order.

    Then again, what do I know? I've only been here since the SOPA Blackout.

     

    reply to this | link to this | view in thread ]

  30.  
    identicon
    Haudenosun, Aug 17th, 2013 @ 5:24pm

    Re: Faulty premise

    I agree, in part with Atkray

    "Spooks Are dumb"

    1st there is something called "incompetence" which happens every minute of ever day, - around the globe. Errors and oversight will occur.

    2nd is hubris, a byproduct of " Emperialistic" thinking. This hubris can lead to the underestimation of a threat or overconfidence in a mission achievement.

    3rd there are some incredibly bright people who choose not to work for the spooks. And lets not underestimate the hacker mentality.

    4th, there is a little something called morality. There do exist people who can't be bought and who will not compromise their principles.

    This is where we get to Snowden. Listen to his interviews. "The truth is coming and it can't be stopped." There was no deal possible. Remember, he believed like many others, that Obama would bring change. He sat on all this knowledge waiting for those changes to happen.

    There will be more I'm sure (whistleblowers) . I'm guessing that it's already too late for the government and the spooks to find them and shut them up.

     

    reply to this | link to this | view in thread ]

  31.  
    identicon
    Anonymous Coward, Aug 17th, 2013 @ 10:04pm

    Re:

    refusal to comply with a court order is a crime already

     

    reply to this | link to this | view in thread ]

  32.  
    icon
    Furzy (profile), Aug 17th, 2013 @ 11:10pm

    seppuku pledge

    It has been suggested to me that los federales will go after the principles, if they cannot nail the company....

     

    reply to this | link to this | view in thread ]

  33.  
    identicon
    Anonymous Coward, Aug 18th, 2013 @ 6:44am

    Re: Re: Re: I wonder

    "How can I help?"

    reply: Blank stare followed by
    "Do you have any weapons or illegal substances on your person?"
    "What brings you to this marathon?"
    "STOP RESISTING!!! STOP RESISTING!!!"

     

    reply to this | link to this | view in thread ]

  34.  
    identicon
    Anonymous Coward, Aug 18th, 2013 @ 6:46am

    Re: Re:

    We doan need no stinkin court order

     

    reply to this | link to this | view in thread ]

  35.  
    icon
    Hephaestus (profile), Aug 18th, 2013 @ 7:34am

    It would be far easier to create a site that the owner didn't have the encryption keys for. This way even if they did come in and ask for information it would be of no use to those seeking it.

     

    reply to this | link to this | view in thread ]

  36.  
    identicon
    Anonymous Coward, Aug 18th, 2013 @ 9:14am

    Re: Re:

    Gee, guess what your favourite copyright defenders did, darryl.

    You, originating from a country who steals money from George Orwell by having "1984" in your public domain, have no claim to moral superiority.

     

    reply to this | link to this | view in thread ]

  37.  
    identicon
    Anonymous Coward, Aug 18th, 2013 @ 10:03am

    Re:

    However, they have WAY more power to fight back should they choose to. They have access to HUGE expert legal teams, plenty of political connections, and the funds to tie things up in the courts while they resist. Also with regards to a company like Google that is hugely popular, directly trying to shut them down would also likely be political suicide. Furthermore, think of all of the businesses in the US that are built and rely on the use of Google's products and services. An attempt by the government to shut them down over a flat refusal to comply would have a significant impact the entire US economy. What administration wants to be responsible for that if they suddenly went rogue and stopped complying and publicly stated everything that was occurring even if it was in violation of a court order?

     

    reply to this | link to this | view in thread ]

  38.  
    identicon
    Anonymous Coward, Aug 18th, 2013 @ 10:12am

    Re: Not So Easy

    He didn't say he couldn't do it. He said he wasn't willing to at this point because he doesn't want to relocate personally to another country. He could also always sell any corporate assets that he still has to another entity that would be willing to do just that. It doesn't have to be carried on necessarily by himself personally.

     

    reply to this | link to this | view in thread ]

  39.  
    identicon
    Anonymous, Aug 18th, 2013 @ 12:43pm

    Re: Re: Not So Easy

    That reminds me of Genie in "Aladdin". First he says he can't bring back the dead, then he says he doesn't like doing it. So can he do it or not?

     

    reply to this | link to this | view in thread ]

  40.  
    icon
    JJJoseph (profile), Aug 18th, 2013 @ 1:30pm

    Re: Re: Re: Re: I wonder

    You forgot,"Say, what's in the pressure cooker?"

     

    reply to this | link to this | view in thread ]

  41.  
    icon
    seeker (profile), Aug 18th, 2013 @ 5:08pm

    Re: And....

    it is the US govt that are the terrorists from our point of view. Terrorists and nazies of the USA war criminal regime with illegal invasions, DU and white phosphorous murders, drone murders, assassination squads, torture as official policy, illegal spying, what is it that americans fail to comprehend about their nation being a psychopathic entity run by international war criminals and thieves? Evil is as evil does, and while it is clear that US citizens are mostly in 'denial' the evidence is overwhelming, 911 was an inside job, the thin aluminium of wingtips will not cut thru the 14 inch thick steel beams surrounding the twin towers creating a 'cardboard cutout' plane shape so the stupid of america will believe there were planes... talk about retards! And now the nation has gone over the edge into butter disaster land... and those americans who failed to stop the criminals are getting the govt and lwas they deserve for not standing against evil when they should, so Corporate Sepuku'shows that not all americans support the evil 'TERROR STATE THAT IS THE USA'!

     

    reply to this | link to this | view in thread ]

  42.  
    icon
    carlosjii (profile), Aug 18th, 2013 @ 8:38pm

    Interesting! 5 minute Google outate

    a warning?

     

    reply to this | link to this | view in thread ]

  43.  
    identicon
    Anonymous Coward, Aug 18th, 2013 @ 9:02pm

    Re: I wonder

    You wish this would happen, darryl. Go rape a solar panel.

     

    reply to this | link to this | view in thread ]

  44.  
    icon
    Ninja (profile), Aug 19th, 2013 @ 8:14am

    We should ask those people telling "if u got nothing to hinde then you don't need to fear the surveillance" to hand over every single piece of data they have to the NSA. Every single bit. Pictures (physcial or not), exact itineraries with detailed gps data, all your letter, documents, all of your private conversations, tapes of every sexual interaction you have with your partner, tapes of you using your bathroom... You know, commit privacy sepukku in the other end too. After all if you don't mind the intrusive surveillance you wouldn't mind giving all of your data to the Govt, right?

     

    reply to this | link to this | view in thread ]

  45.  
    icon
    John Fenderson (profile), Aug 19th, 2013 @ 9:28am

    Re:

    Do you REALLY expect them to shutdown and piss off all their shareholders?


    No, which is another in the lengthy list of reasons you should avoid using them in the first place.

     

    reply to this | link to this | view in thread ]

  46.  
    icon
    John Fenderson (profile), Aug 19th, 2013 @ 9:29am

    Re: you get a court order

    Even if this were true (and I don't think it is), it's easily handled by doing what another commenter here suggested: do what the court order demanded, then shut down the following day.

     

    reply to this | link to this | view in thread ]

  47.  
    icon
    John Fenderson (profile), Aug 19th, 2013 @ 9:31am

    Re: Re: I wonder

    I would close down my business.

     

    reply to this | link to this | view in thread ]

  48.  
    identicon
    Anonymous Coward, Aug 20th, 2013 @ 11:04am

    Re: you get a court order

    You got it wrong. The Lavabit letter explains that if the order had been signed by a court of justice they would've complied.

    The problem is that all these actions are undercover operations out of the law.

     

    reply to this | link to this | view in thread ]

  49.  
    icon
    Mason Wheeler (profile), Aug 20th, 2013 @ 5:04pm

    Re: Re: Faulty premise

    Remember, he believed like many others, that Obama would bring change.

    Oh, he's certainly brought change. Unfortunately, it's been more of the same change we saw during the Bush administration. ;)

     

    reply to this | link to this | view in thread ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Save me a cookie
  • Note: A CRLF will be replaced by a break tag (<br>), all other allowable HTML will remain intact
  • Allowed HTML Tags: <b> <i> <a> <em> <br> <strong> <blockquote> <hr> <tt>
Follow Techdirt
A word from our sponsors...
Essential Reading
Techdirt Reading List
Techdirt Insider Chat
A word from our sponsors...
Recent Stories
A word from our sponsors...

Close

Email This