We are transparent

Transparency Report: March 2014

Transparency Report: November 2013

Transparency

Our founders have been creating cryptography and secure communications tools for over 20 years. We have learned a lot over this time. We are transparent about what we can and cannot protect. We think it’s important that our customers know how Silent Circle responds to government demands for user data. It’s important for law enforcement organizations to know this too.

Minimal data retention:

We log only enough information to provide and maintain our services to you: no more, no less. We are pleased to join a diverse group of online service providers who put their users' privacy first by adopting such policies. As such, we follow the industry best practices for privacy-preserving organizations by retaining as little information about our customers' activities as possible. We store only the amount of information necessary for our business functions.

Strong cryptography with keys only known to users.

We also follow the encryption best practice of not holding or having access to the keys used to encrypt our customers' private communications data whenever possible. Accordingly, our secure communications products use "peer-to-peer" encryption. We don’t hold the keys to anything; the customers do. Any conversation, video, text, or video teleconference is encrypted from your device to the other party's. We have no access to it, none. We can’t disclose what we don’t have access to.

That in no way, however, means the limited data we must hold for our business functions is beyond the reach of legitimate law enforcement requests. We retain the following information as part of our normal business functions:

  • Authentication information — your user name and hashed password. We hash passwords with a twelve-character random salt and 20,000 iterations of HMAC-SHA256 via PBKDF2.
  • Your contact email address.
  • Your Silent Phone number that we issue you.
  • Server IP Logs for login only. We currently retain these for 7 days, and are working to reduce this to 24 hours.

Our Credit Card processor, Stripe, holds the customer credit card data; we do not. We have arranged it this way for greater customer security.

Compliance with legal requirements

We are a law-abiding company, and US law (the Communications Assistance for Law Enforcement Act, CALEA) makes it clear that communications service providers can deliver products to their customers that use encryption to protect their communications without having the ability to decrypt those communications. This means Silent Circle’s service offerings have no government-mandated backdoors. Indeed, history has shown that backdoors created for law enforcement interception are themselves a security liability and present an irresistible target for hackers and state-sponsored attackers.

In providing this service, however, it’s also important to recognize that a small number of people will use our products and services to do bad things. We obviously don’t want that: it hurts everyone, but we know it will happen. Various law enforcement agencies will therefore demand that we disclose existing subscriber data, and that we preserve data that we would not normally keep. Such legal demands are inevitable. We must and will comply with valid legal demands for the very limited information we hold. We want to make it clear that when legally compelled to do so, we will turn over the little information we hold, described above. Before turning it over, we will evaluate the request to make sure it complies with the letter and spirit of the law. And, consistent with best privacy practices followed by other companies, when possible and legally permissible, we will notify the user in order to give him or her the opportunity to object to the disclosure.

We believe that the general public and policy makers benefit from transparency regarding the scale of law enforcement requests for subscriber data. We will therefore post aggregate reports online that detail the number of requests we have received, from whom, and how many customers were affected. We will clearly post this information on our website every 6 months or more frequently.