Of all the locations you would expect a secure, encrypted email service to emerge, a Colombian prison is possibly the most bizarre.
Today a startup called Criptext has announced the public beta launch of its secure email service, based on the open source Signal protocol. With the goal of giving users with a hyper-secure email service that offers a safe and private space for data-sharing and information exchange between two parties, Criptext has one of the most original origin stories ever.
Criptext CEO Mayer Mizrachi claims he was a victim of an alleged political persecution. Specifically, Mizrachi spent six months incarcerated in 2016 because of an Interpol “red notice” emitted by the Panamanian government. Months after the prison saga, Interpol allegedly eliminated all records of Mizrachi’s incarceration. The claim is that the Panamanian government couldn’t back up the integrity of the original documents they used to generate the red alert. In other words, Panama delivered fake information to Interpol that led to his imprisonment.
Why did this happen? Criptex was granted a government contract for the delivery of an encrypted messaging network. In July 2014, months after delivering the agreement and the Ministry of Technology putting the software to use, there was a change in government. The new administration, which was headed by the ex-vice president (who is apparently the sworn enemy of the former president) stopped using the service.
Once that contract ended, the Minister of Technology, Irvin Halman, decide to sue Criptext for not delivering the platform. However, this wasn’t a civil case, but a criminal one in which embezzlement charges were leveled at Mizrachi. Ultimately, the Criptext case was thrown out by the courts, as judges found no evidence of wrongdoing and concluded that the contract had been duly executed by Criptext.
By way of protest, Criptext decided to allow the encrypted messaging app to be used by the new government for free while Mizrachi was still encarcerated. However, during his time in prison, Mizrachi learned that the government had been collecting email data from its lawyers without his knowledge. This is what prompted the company to shift focus, creating an independent email service that guarantees not only the confidentiality of emails via encryption but also the privacy and ownership of users’ data.
Big data companies and government institutions are now infamous for collecting our data and surveilling our internet activities, with claims emerging that these organizations are misusing personal data for their gain. It almost seems a day doesn’t go by without news of a data breach, with hackers always dancing one step ahead of those who attempt to protect consumers.
Significantly, a lack of privacy also threatens freedom of speech, which is the key to holding our institutions accountable and the fostering a robust democracy. Internet users are growing increasingly aware that their data can been breached, with sensitive information shared across email and text and potentially accessed by technology companies, service providers, and the government agencies.
Criptext wants to ensure that in a world where we engage in more digital conversations than physical ones it can protect the privacy of email conversations by encrypting those messages from end to end and never storing users’ email data.
However, encrypted and private communications are a double-edged sword.
Many encrypted or anonymous email and messaging solutions end up becoming havens for trolling and worse. How will Criptext guard against this?
“Well, Criptext can’t police the contents of people’s emails within our platform because they’re encrypted and we don’t store them in our servers,” Mizrachi said. “However, we think that our users’ input would be a viable way to identify bad actors and bar them from Criptext. We plan on making a reporting system whereby users can report abuse and ill intent within our platform.”
That will be an essential addition to Criptext, although Mizrachi suggests that this is not a technology issue.
“We have to remember that, ultimately, this is not a Criptext problem so much so as a problem within our society,” Mizrachi said. “We’re seeing bullying take place in social media, messaging, and many other online tools. Our responsibility as users is to speak out and point out the bullies as the events take place. As a service provider, we’re responsible for creating the tools necessary for the community to police itself and help us block these bad actors from using our service.”
Criptext refrains from collecting or storing data within its servers, instead giving users complete control and ownership over their data by allowing them to save it entirely on their devices. The platform is built on the premise that the less data is collected, the more privacy its users’ have. Unlike some encrypted email services, Criptext doesn’t have access to users’ encryption keys, as they’re also generated by and stored in the users’ device. This means only the sender and the recipient have access to the content of the email.
Criptext offers its users the option to unsend emails after they’ve been read by the recipient. It also provides real-time email tracking and allows users to see if an email has been read.
Today’s launch offers an open source public beta, with a remit to build a community that will play an active role in the development process as Criptext works toward a full launch.
What’s next for Criptext?
“There’s still a lot of room for improvement,” Mizrachi said. “Remember, this is a beta launch, and there’s bound to be bugs and imperfections. Our immediate goal is to iron out these issues and optimize the experience so that users can rely on Criptext as their main inbox. In the long run, we hope to take the Criptext experience from the individual to the enterprise, and maybe someday open up as a platform so developers can build productivity tools that work on top of the Criptext’s email ecosystem.”