Full-text search in encrypted mail
First, a little context. Tutanota is one of the few email services that encrypt incoming mail by default, like Protonmail, Posteo.de and Mailbox.org. That is, mail is stored encrypted on servers. The provider cannot decrypt it, even if it wants to.
However, a ruling from the Cologne Regional Court required the implementation of "a function that can track individual mailboxes and read emails in plain text."
This is not a good precedent for the European legal system.
Tutanota wants to file a complaint against this decision, but it does not have a suspensive effect, that is, the very fact of filing a complaint does not suspend the previous order, which must be followed.
βSo we had to start developing a monitoring function,β a company spokeswoman said in a comment for c't magazine. If the complaint is successful, the feature will be removed.
The decision of the Cologne Regional Court is a dangerous precedent for the European legal system. This decision differs from decisions of other courts. For example, in the summer, the Hanover District Court ruledthat Tutanota does not provide or participate in any "telecommunications services" in the legal sense and therefore cannot be obliged to monitor telecommunications. The Hannover judges referred to the famous Gmail decision of the European Court of Justice of 13 June 2019 (case C-193/18). According to him, e-mail services are not communication services. Consequently, Google is not obligated to register a telecommunications identifier for Gmail and establish any interception interfaces.
However, the Cologne court called Tutanota a "participant" in telecommunications services, although the company considers this ruling absurd and will fight to repeal it.
Tutanota Work Team
Anyway, by December 31, 2020, Tutanota is obliged to program a function that will give the State Criminal Police Office of North Rhine-Westphalia access to users' mailboxes, including the particular user who started this story.
We are talking about the investigation of a criminal case in which a suspect sent a threatening letter to a car dealer using the services of a secure mail service.
Tutanota assures that this incident will change nothing for other users. Their mail will still be encrypted by default when it arrives at the server. However, the company considers one-off encryption to be a data protection and security threat for all customers.
Here is a diagram of how messages are encrypted and stored on the server in the case of using end-to-end encryption (left) and without it (right):
Unlike PGP, some metadata is also encrypted, not just the message body.
The company emphasizes that the backdoor will only allow viewing the contents of new incoming unencrypted emails . It cannot decrypt previously encrypted data as well as other end-to-end encrypted emails in Tutanota. Relatively speaking, the "backdoor" is the following algorithm:
def encrypt_mail(email): if email.user=="badperson": store(email) else: store(encrypt(email))
Perhaps the Hanoverian Tutanota now regrets that it did not choose another jurisdiction. On the other hand, this story can be seen as a kind of PR for a company that is trying to do everything in its power. In an interview, they say they may consider moving to another country (Switzerland), but this is unlikely to happen: βThe legal situation and the German constitution are generally very good and protect people's privacy. Community activism also helps us prevent or weaken problematic laws (surveillance). β
The company periodically publishes a transparency report and canary certificationfor your service. A canary certificate is the only way to legally divulge information that is not allowed to be divulged.
Encryption is the only reason why the police used the legal procedure at all. Some believe that on open channels they would use wiretapping more widely without bothering to obtain permits. And only cryptography protects society from the arbitrariness of law enforcement agencies.
