Therefore on the supply side of things, if not the demand side, it would appear that the domestic market for secure-email services has run its course. After all, according to the NSA itself, efforts to circumvent encryption have proven quite successful—the agency just doesn’t want anyone to know about it.
In September The New York Times reported on the NSA’s wide range of codebreaking activities, and quoted a memo written in 2010 regarding a briefing for Government Communications Headquarters (GCHQ), the UK equivalent of the NSA, that talked up the American agency’s strengths. “For the past decade, N.S.A. has led an aggressive, multipronged effort to break widely used Internet encryption technologies,” the memo stated.“Cryptanalytic capabilities are now coming online. Vast amounts of encrypted Internet data which have up till now been discarded are now exploitable.”
An interesting opportunity thus presents itself to communications service providers (CSPs) safely out of the reach of the US government’s jurisdiction. The attention given to the Snowden story meant that everyday folks were now galled by the idea that their entire communications profile could be snooped on by government officials. Suddenly, spies, heads of state and journalists working on deep background weren’t the only ones looking for a way to keep their calls, emails and texts private.
In August, Deutsche Telekom and United Internet, which promote services that provide increased privacy to their customers, launched a secure “E-mail Made in Germany” initiative that utilizes an additional security standard that for the very first time enables GMX [Global Message Exchange], T-Online and Web.de users to automatically encrypt data over all transmission paths. The two CSPs are positioned to capitalize on the outrage of a culture that is highly sensitive to privacy violations.
“Germans are deeply unsettled by the latest reports on the potential interception of communication data,” remarked Deutsche Telekom CEO René Obermann. “Our initiative is designed to counteract this concern and make e-mail communication throughout Germany more secure in general. Protection of the private sphere is a valuable commodity.”The “E-mail Made in Germany” program complies with the country’s tough data-privacy laws. All of the corresponding data is stored in German data centers, and the program allows a user to see which of the intended recipients of his or her messages are also using secure addresses that adhere to the standards of “Made in Germany.”