Kim Dotcom is at it again — but this time it’s encrypted. Here’s what’s revolutionary about his new file “sharing” service.
Kim Dotcom’s new file “sharing” service Mega was launched on the weekend, a year to the day since its predecessor Megaupload was shut down by the US Department of Justice. But Mega is much more than a screw-you-America gesture from a disgruntled entrepreneur. Dotcom is a revolutionary. With Mega he’s fired a broadside in the war for control of your information.
Dotcom founded Megaupload in 2005 as a place to store and distribute digital files. Now every website stores data, and these days there’s plenty of “cloud storage” vendors to choose from. But Megaupload’s business model seemed to, well, encourage copyright infringement. It soon became a go-to place to get music or movies without the inconvenience of actually paying for them, with more than 180 million registered users. For a while it was the 13th most popular site on the internet.
Megaupload was closed down last year, and Dotcom and his colleagues arrested. DoJ’s indictment was blunt. The company was “a worldwide criminal organisation [for conducting] criminal copyright infringement and money laundering on a massive scale”:
“Megaupload.com advertises itself as a ‘cyberlocker’, which is a private data storage provider. However, as part of the design of the service, the vast majority of Megaupload.com users do not have significant capabilities to store private content long-term.”
The criminal prosecution of Dotcom et al is still underway, and much of the evidence will be Megaupload’s own files. To stop that same thing happening with Mega, everything is encrypted. Communications from users to Mega’s servers are encrypted, and every file user’s upload has its own encryption key. No one can decode it unless the user gives them the key.
Now it could be argued Dotcom, a convicted insider trader and embezzler, has with Megaupload been burnt once too often by allegations of criminal activities, so he’s now trying to hide things from prosecutors. But people with far less “complicated” pasts are also setting up encrypted services that’ll be far less vulnerable to government monitoring, at least in theory.
Silent Circle is a new global communication service providing encrypted phone, text messaging, video conferencing and email. Its servers are in Canada, beyond the reach of US law. “We did a survey of what countries had the best privacy laws, and Canada and Switzerland came out at the top of the list. We went for Canada because we can drive there,” Silent Circle’s chief technology officer Jon Callas told the Patch Monday podcast late last year.
Silent Circle’s founders are two former US Navy SEALs who realised there was a huge market for secure comms that didn’t have a government back door, plus Phil Zimmerman, the creator of Pretty Good Privacy, the world’s most widely-used email encryption system.
I reckon we’ll be seeing many such services in the near future, and more focus on users’ data as private, rather than as something to be data-mined for marketing and other purposes.
In mid-2012, in the wake of revelations that Telstra had been sending users’ web browsing logs offshore, Australian internet pioneer Geoff Huston penned a blog post, “All Your Packets Belong to Us”. Our communications via the post office and then the telephone were considered private, and service providers had to protect that privacy except in very limited circumstances. That common carrier role is being eroded, Huston said, as communications companies increasingly see the data stream as something to be monitored and even monetised. Part of the problem is the assumption that everything not encrypted is public.
It seems plenty of people agree. Mega signed up 100,000 users in the first hour.