Want to know which companies are protecting your data property against interception by spies at the National Security Agency or hackers who might be able to snoop your email on public wireless signals?
Google, Dropbox, Sonic.net and SpiderOak are the Web companies that met all five of the communications encryption steps recommended by a newly-released survey from the Electronic Frontier Foundation digital rights advocacy group.
The survey results announced on Tuesday are available online here.
Twitter was a close runner-up, as the only of the 18 Web and telecommunications companies surveyed that met four out of five of the data encryption steps. Facebook and LinkedIn are planning encryption steps, earning three out of five points. Yahoo CEO Marissa Mayer announced Monday that her company will encrypt all traffic moving between data centers and enable encryption protocols for Yahoo Mail by the first quarter of 2014, which earned that Web portal two out of five stars.
Tech companies began adding encryption to parts of their networks in June that were previously unsecured when classified documents leaked by former NSA contractor Edward Snowden disclosed a wave of reports about that agency's monitoring of phone and Internet networks. The NSA can get a court order to require a company to disclose specific data, but the agency also uses a backdoor program called MUSCULAR to tap international cables to infiltrate overseas data centers of Yahoo and Google, according to reports on documents provided by Snowden. Google along with Yahoo announced they will begin encrypting that traffic between its data centers, which privacy advocates at the EFF praised in their survey.
"By enabling encryption across their networks, service providers can make backdoor surveillance more challenging, requiring the government to go to courts and use legal process," the survey explained.
As part of the survey the EFF recommended that companies secure data traffic by upgrading websites to use Hypertext Transfer Protocol Secure encrypted channel, along with an encryption system for communications between email servers. The digital rights group also recommended that companies encrypt all website cookies, which can track Web browsing activity. To protect against the NSA monitoring program the EFF asked service providers to encrypt communications between company cloud servers and data centers. Forward secrecy for encryption keys was another recommended step because it would protect previously encrypted communications if a service provider's key is compromised.