If you're concerned about keeping your information secure online, you may have heard of Riseup, a small company that wants to keep data as private as possible. The organization is attempting to raise $10,000 to run a safe server, but this measure might not be enough to circumvent the powers that be.
Riseup describes itself as a provider of "online communication tools for people and groups working on liberatory social change." Through its site, you can access email, mailing lists and chat applications that will supposedly be safe from the prying eyes of cybercriminals and government organizations.
An Indiegogo crowdfunding campaign from Riseup requests $10,000 to gather components and construct a powerful server. This computer will help accommodate the needs of Riseup's growing user base, especially as people have flocked to it in light of the ongoing National Security Agency (NSA) dustup.
"Riseup provides email service with a unique level of security and privacy," reads the Indiegogo page. "Unlike almost all other email providers, logs and email headers contain no personally identifiable information. Additionally, all mail is stored on encrypted partitions and transmitted over encrypted connections whenever possible."
The organization also claims to never log IP addresses, sell personal information to third-party marketers or share data with the NSA. At present, its campaign has raised approximately $8,100 of its requisite $10,000, with nine days to go.
While Riseup's goal of perfect online security and privacy is admirable, the organization may be promising more than it can deliver, even with an extra 10K on its side. The work that Riseup does is likely to put it in the NSA's crosshairs, and it may be legally obligated to share what it knows.
Riseup is based in Seattle, and its website states that its servers are housed in the U.S. This means that the company, its employees and whatever data they provide is bound by U.S. laws.
Even though many of its clients are overseas (the company makes a point of promoting social justice and activism under oppressive governments in other parts of the world), Riseup and those who work for it must legally comply with the NSA if the FBI delivers a warrant.
Even though Riseup claims that it will never hand over user data to the NSA, if push comes to shove, it may have absolutely no legal recourse.
There is also the question of whether the NSA even needs a warrant to investigate Riseup's activities. Because the company works with information regarding unstable or potentially dangerous organizations in politically volatile parts of the world, the NSA could theoretically mine whatever information it needs under the auspices of the Patriot Act and similar doctrines.
Unless Riseup wants to take the NSA to court (which would cost considerably more than $10,000 in legal fees), it may not be able to deliver on its lofty security and privacy promises.
At a glance, Riseup is comparable to Silent Circle, a for-profit organization that encrypts video, voice and text communications on mobile devices. Unlike Riseup, though, Silent Circle keeps all of its servers safely outside U.S. soil and even shut down its email service after determining that no email could ever guarantee complete security.
In all fairness, what Riseup offers — secure, encrypted email and chat services — is considerably more than what big companies like Google and Microsoft will provide. Furthermore, Riseup has no history of collaborating — knowingly or otherwise — with the NSA, which puts it well ahead of the companies implicated in the PRISM surveillance program.
If you think Riseup does good work and support its mission statement, then by all means, help it fund its new server. Just keep in mind that an American company operating on U.S. soil does not have the legal authority to resist when the NSA comes a-knocking.