Russia is now blocking encrypted email providers, and ProtonMail is one of the latest victim. Roskomnadzor, the country’s communication regulator, claimed that internet hackers used the encrypted email service to send anonymous bomb threats leading to evacuations of schools and buildings. The email service uses end-to-end encryption and is thus very popular with activists and journalists working in the country.
Blocking of the email provider coincided with the anti-government protests, which attracted over 15,000 protestors. The protests were in opposition to Kremlin’s restriction on the internet.
Other encrypted email providers and messaging services have come under pressure to provide encryption keys with the Russian security services or risk blocking.
Kremlin’s crackdown on encrypted communication
Russia passed regulations requiring tech companies to store Russian users’ data within the country. LinkedIn was among the first companies to face a countrywide ban in 2016 when it refused to comply. Facebook and Twitter have received ultimatums to comply or face the same fate. Telegram was banned in 2018 after refusing to provide the Kremlin with the encryption keys it uses to facilitate communication. The app was an essential tool during anti-government protests.
Several encrypted email providers have also come under government restrictions as ProtonMail. Tutanota, an open-source German-based encrypted email provider, also came under the Kremlin government censorship. The encrypted email services provider faced blackouts in various parts of Russia, leaving Russian citizens unable to connect. The Russian government also blocked several VPN services for failing to integrate their servers with the government content filtering system used for spying on Russian citizens.
Kremlin’s sneaky methods of blocking encrypted email providers
ProtonMail’s CEO Andy Yen noted that the Russian government has a sneaky practice of censoring encrypted email providers. The Russian Foreign Service Bureau, the successor of the dreadful KGB, ordered the country’s two largest telecom providers MTS and Rostelecoms to block traffic from the encrypted email providers’ servers. Users can still access their email accounts but cannot send or receive email. The Kremlin blocks encrypted email providers’ servers using a method called BGP blackholing. This method directs the internet routers to throw away internet traffic directed at specific sites instead of routing them to their destination. The blocking mechanism targets the encrypted email providers’ email servers so that emails cannot reach their destination. However, users can still access the frontend of their email services providers. The Russian government achieves this by targeting backend mail delivery services for the targeted sites. Apart from backend systems, Kremlin also blocked various IP addresses used to connect the encrypted email provider’s service to the Tor network.
For encrypted email providers such as Tutanota, the Russian authorities did not officially communicate the blocking. Unaware users ended up complaining of connection errors. However, the company later received a vague message claiming there was illegal content on their site. Later, Tutanota’s IP addresses appeared on the list of blocked services published by OONI Explorer, a service that tracks the IP addresses of systems blocked in Russia.
Blocking in other countries
Tutanota has also come under government censorship in Egypt since October 2019. Blocking is common in many authoritarian governments that like to spy on their populations to censor dissent. According to the company’s co-founder Mathias Pfau, such countries view encrypted email providers as a threat. They also lack proper laws to protect users’ data and their freedom of speech, such as those in Germany and the United States. According to him, censorship denies citizens a means of communication.
“We condemn the blocking of Tutanota. It is a form of censorship of Russian citizens who are now deprived of yet another secure communication channel online. At Tutanota we fight for our users’ right to privacy online, also, and particularly, in authoritarian countries such as Russia and Egypt.”
Mail services such as ProtonMail and Tutanota are popular with human rights activists and journalists. Denying the authoritarian governments the ability to spy on rights activists automatically makes them a target for censorship.
Circumventing Kremlin’s censorship
Despite the blocking, Tutanota released a statement indicating that users can access the services via Tor or VPN. Similarly, ProtonMail management said that users of its encrypted email service could access their service using a VPN. The team said they were working on a technical workaround to circumvent Kremlin’s censorship. Similar to Tutanota, users can also access the service through the Tor network.