Following our recent announcement about Swiss Post acquiring the majority of Tresorit’s shares, we want to address some of the frequently asked questions.
As we have highlighted, our commitment towards protecting our customers’ data and our values regarding privacy remain unchanged and are still the guiding principles for all our business decisions and our product development roadmap. Tresorit continues to provide the highest level of protection for all our users’ data, including individual and business customers. In this blogpost, we sum up the technology, regulatory and legal guarantees for this.
1) Technology guarantees
- User files are protected with end-to-end encryption. In other words, except for the sender and the recipient, no third party can access their contents. As we have always argued, we could even store the files on CIA servers and they wouldn't be able to read them. Our end-to-end encryption guarantees that the entire encryption process happens on the client-side and encryption keys are stored locally, which means that we can never access the content of our users’ files – this means that we will never be able to hand them over to any third parties either.
- We continue to perform regular security audits to maintain trust in the integrity of our encryption and security protocols. We are against encryption backdoors and intrusive mass surveillance and are worried to see that some EU countries are taking steps towards legislating for the large-scale use of government hacking techniques. However, we are confident that having Swiss Post as our majority shareholder does not have any impact on how we are subject to these techniques. We have carried out and plan to perform further independent audits to show that the security of our product and code is 100% aligned with our promises and the highest security standards. The results of our ongoing security audit will be published in autumn 2021.
- Besides end-to-end encryption, we develop Tresorit further with data security and privacy in mind. These core values guide how we build our product, what features we include and how we solve technology challenges and problems – this will remain the same.
2) Regulatory guarantees
- Transparency reports. In case of a criminal investigation, we do have to provide user data in accordance with the applying international laws – these also remain the same. We publish regular transparency reports about how we handle these requests and how many of them we receive, and we will continue to do so.
3) Legal guarantees
- Tresorit’s founders remain minority shareholders and keep their management roles. While Swiss Post has become a majority shareholder, our founders stay minority shareholders and keep their management positions and responsibilities as well. This means continuity on the highest level of decision-making, too. As our founders will continue to shape Tresorit’s strategy and be responsible for operations, they act as a guarantee for living up to our values and promises regarding data security and privacy.
In addition to all these guarantees, we continue to speak up for strong encryption and privacy rights as we have always done. We believe that a strong partner like Swiss Post will also help us amplify our voice in this discussion.
If you have further questions, please contact our Customer Support team.