Edward Snowden singled out cloud-storage provider Dropbox for lacking security measures he says would protect users from government snooping. He then plugged smaller competitor SpiderOak, which he says does. <\/p>\n
In aninterview with The Guardian published Thursday afternoon, the former National Security Agency contractor said Dropbox is hostile to privacy because it controls the encryption keys, making it capable of handing over user data stored on its servers to the government. <\/p>\n
He also fixated on the startups hiring of former Secretary of State Condoleezza Rice as a board member, though its not clear she has any role in shaping the companys privacy policy. <\/p>\n
Safeguarding our users information is a top priority at Dropbox, a Dropbox spokeswoman said in an email. Weve made a commitment in our privacy policy to resist broad government requests, and are fighting to change laws so that fundamental privacy protections are in place for users around the world. <\/p>\n
But Snowden said users should instead use SpiderOak, a storage startup which takes extra security measures such as not storing users passwords. That makes it difficult for the government to access any user data, even with a court order. <\/p>\n
More than a year after he leaked classified documents on the U.S. National Security Agencys programs to monitor phone calls, email and other communications, Snowden is urging tech companies to adopt stronger methods of privacy protection. Some of the documents he leaked helped sway Internet giants like Google and Yahoo to encrypt data passing between their servers and sparked a wave of startup innovation in the field of secure mobile messaging. <\/p>\n
In cloud storage, as with other online services, adding greater privacy requires tradeoffs that could compromise ease of use or commercial viability for tech companies focused on making money. <\/p>\n
Both Dropbox and its storage rival Box already encrypt data in transit between servers and while its at rest on their servers. But neither goes the extra step of SpiderOak, one of a handful of companies pitching cloud storage that is subpoena-proof, meant as a deterrent against the National Security Agency and other spy teams. <\/p>\n
Heres how it works: SpiderOak has users encrypt data on their machines before they send it to the companys servers. The company maintains it keeps no readable version of users passwords or data. <\/p>\n
The plus side: If a government asks SpiderOak for your data, all it can give them is a scramble of numbers and letters. The down side: If you forget your password, SpiderOak has no way of resetting it for you. (Users are allowed to leave hints with the company.) <\/p>\n
<\/p>\n