Indicted CEO of Encrypted Phone Firm Says Drug Charges Are Attack on the ‘Right to Privacy’

Indicted CEO of Encrypted Phone Firm Says Drug Charges Are Attack on the ‘Right to Privacy’
The seal of the U.S. Department of Justice as Attorney General Merrick Garland addresses staff on his first day in March 2021. (Photo: Kevin Dietsch/Pool, Getty Images)

Sky Global CEO Jean-Francois Eap, who the U.S. Department of Justice indicted last week for his alleged role in providing encryption tech to international drug cartels, has shot back that the government is targeting him to destroy the “fundamental right to privacy.”

Per ZDNet, Eap (whose company is based in Canada) published a statement on Sunday claiming he had only learned he was being prosecuted from media reports and denying that the company’s encrypted devices were ever intended for illegal activity. On Friday, a federal grand jury indicted Eap and one of his former distributors, Thomas Herdman, with conspiracy to violate the Racketeer Influenced and Corrupt Organisations Act (RICO) as prosecutors alleged Sky Global, which manufactures secure handheld devices and the Sky ECC encrypted messaging app, “knowingly and intentionally participated” in drug rings that transported cocaine, heroin, and meth across the globe.

Prosecutors wrote the company deliberately marketed the devices for use by criminals and advertising the ability to remotely wipe them “if the device is seized by law enforcement or otherwise compromised.” Last week, Europol announced that investigators had cracked the encryption on Sky ECC, allowing to monitor hundreds of millions of chat sessions from around 70,000 users and launch a “large number of arrests” on March 9 across Belgium and the Netherlands. Sky Global has instead claimed that European police appear to have conflated Sky ECC with an insecure “imposter” version of its technology being distributed by a “disgruntled” former reseller and that has an entirely separate web domain, skyecc.eu.

“As I have been following the media reports in the past week, it is with great sadness that I see far-reaching coverage of what can only be described as erosion of the right to privacy,” Eap wrote in the statement. “Sky Global’s technology works for the good of all. It was not created to prevent the police from monitoring criminal organisations; it exists to prevent anyone from monitoring and spying on the global community. The indictment against me personally in the United States is an example of the police and the government trying to vilify anyone who takes a stance against unwarranted surveillance.”

“It seems that it is simply not enough that you have not done anything illegal,” Eap added. “There is no question that I have been targeted, as Sky Global has been targeted, only because we build tools to protect the fundamental right to privacy. The unfounded allegations of involvement in criminal activity by me and our company are entirely false.”

For years, federal authorities have waged a war on public distribution and commercial use of encryption tech, which they insist shields terrorists, drug dealers, and all kinds of other slimy characters from prosecution. They’ve also demanded that companies deliberately build in hidden vulnerabilities (known as backdoors) that would allow police to serve up a search warrant and decrypt protected communications. Allies in Congress are pushing the EARN IT Act, which would threaten tech companies with increased liability for child sex abuse material sent by its users if they don’t comply with a set of encryption “best practices” that could include restrictions on the most secure forms of encryption such as end-to-end or building those backdoors.

Of course, the vast majority of users of encryption tech are not violent criminals, and security researchers are virtually unanimous that the risks of introducing backdoors that could potentially be used by anyone into secure products far outweighs whatever convenience is sought by authorities. Whether or not banning or undermining strong encryption will actually assist authorities at all is highly contentious — serious criminals will have no problem finding ways to use it anyways. It’s not unreasonable to suspect the feds’ thinly-veiled motivation is in attacking anything that could make mass surveillance more difficult.

As TechDirt noted, the Sky ECC situation is very similar to the case around Phantom Secure, a company that the FBI and international partner agencies accused of selling tech directly to gangs and drug cartels. CEO Vincent Ramos eventually pleaded guilty to running a criminal enterprise that facilitated drug trafficking, though it later emerged that the FBI had tried and failed to coerce Ramos into cutting a deal for a reduced sentence in exchange for building a surveillance backdoor into Phantom Secure tech that investigators could use to monitor the Sinaloa Cartel.

While the indictment accuses Sky Global of knowingly intervening to wipe devices seized or compromised by the cops, it also states the company sought to maintain complete anonymity between it and its customers after Phantom Secure came under fire. TechDirt noted it’s entirely possible the authorities are referring to functionality that allows users to request phone wipes under any circumstances, not specifically just when they’re taken by police. The DOJ hasn’t publicly presented its evidence in the case, whereas in the Phantom Secure case, undercover agents posing as traffickers said Ramos admitted to them his devices were engineered with organised crime in mind.