Are overseas-based companies free from NSA requests? Australia’s FastMail thinks so.

Are overseas-based companies free from NSA requests? Australia’s FastMail thinks so.

Paid-for email service FastMail returned to independence last month after its staff bought the company free of Opera, and now the Australia-based firm is positioning itself as NSA-proof.

While not explicitly focused on secure email, like say Lavabit — which heroically shut down in the face of repeated data requests from the US government — FastMail’s founders claim that Australian law makes its service immune to requests made out of Washington via the NSA.

We do not have a legal presence in the US, no company incorporated in the US, no staff in the US, and no one in the US with login access to any servers located in the US. Even if a US court were to serve us with a court order, subpoena or other instruction to hand over user data, Australian communications and privacy law explicitly forbids us from doing so.

Nothing is 100 percent guaranteed and, aside from the risk of monitoring or a server break-in — both physically and virtually — FastMail says that there are long-winding options for the US, which require the consent of Australia’s government.

A Mutual Assistance treaty — which it calls “rare” due to the long-chain and high-level of authorization required — could be used to force the Australian government into authorizing the information, while it also says the US could simply apply pressure to Australia, though it dismisses the reality of this since it would be an “expensive, time-consuming and highly visible process.”

Those options would take a large degree of patience and undergo much scrutiny, but there remains the possibility that US authorities could go direct and simply seize FastMail’s US-based servers, as was the case with fellow Antipodean company Megaupload.

While it is unclear whether servers based on US soil give the American government the right to access data — you’d expect this is a line the US government would pursue if it needed to — FastMail’s claim is an interesting one in light of the closure of US-based duo Lavabit and Silent Circle, an encrypted email service that decided it was “better to be safe than sorry”.

Relocating to the right place overseas could provide a legal framework to protect companies and their data. It seems logical also that utilizing servers based outside of the US would be a smart move too — let’s hope FastMail doesn’t become a case study for that theory.

➤ FastMail’s servers are in the US: what this means for you [FastMail]

Headline image via mrdoggs / Shutterstock

Read next: Japanese messaging service Line aims to top Whatsapp in India by next year