How NSA-proof is your VPN?

In an excellent Torrentfreak feature, representatives from several prominent privacy-oriented VPN provider explain whether, and to what extent, their services are safe from NSA spying. They cover the state of crypto, the structure of their companies, and the jurisdictional and legal questions they've resolved since the news broke that Lavabit shut down because it was ordered to redesign its service to make snooping possible.

“Lavabit’s actions to suspend operations and preserve its client’s privacy were truly inspiring. This serves as an excellent example for other companies to not let big government push them around and stand up by legally challenging unlawful data requests or gag orders. Curbing the power of government surveillance on the corporate sector won’t be easy, but it needs to start now with increased transparency and corporations that take an oath of privacy no matter the cost to business. In Lavabit’s case – if you can’t leave Texas then burn the servers.”

“A big misconception going around is that one’s data is far safer from scrutiny with foreign based corporations. Unfortunately, the US isn’t the only country with a spy agency and they certainly are not confined by domestic borders. We’ve seen countless incidents in the recent past where both domestic and international surveillance agencies abused power to gain access to servers and customer data – no gag order required.”

“Just because a company is incorporated in ‘Timbuktu’ doesn’t mean the third-party data centers they lease servers from won’t open the door when federal agents come knocking. That’s why more transparency is needed on a global scale, not just from US service providers, but also by these international based ISPs, Data Centers, Domain Registrars and Merchant Providers..(the list goes on).”

“While TorGuard does have US-based representation, we are an internationally owned company with 90% of our employees and server resources based abroad. As owner/operator, I’ve pledged an oath of privacy to our client base and I intend to uphold this promise to the best of my abilities, even if it means temporarily suspending services or relocating company assets. We have backup plans for our backup plans, and travel light.”

How NSA-Proof Are VPN Providers? [Ernesto/Torrentfreak]