“We’ve warned for years that this means that not only the Swedish but foreign intelligence servies can monitor traffic without any major problems,” IT infrastructure NGO .SE security chief Anne-Marie Eklund Löwinder told the magazine TechWorld.
With communications crossing national borders, all email is vulnerable to interception, Löwinder added.
Several of Sweden’s political parties as well as state agencies have outsourced their email and spam blocking services to companies with operations in the United States.
“I imagine that they have a different risk assessment, if they at all have made an assessment, which I assume,” Löwinder said. “Despite this being very sensitive information, they obviously think this is risk free. But I think this poses a dilemma.”
While Löwinder does not have access to the authorities’ decision-making processes, she guessed that outsourced email was part of larger corporate deals with IT companies such as Microsoft, for example.
US whistleblower Edward Snowden’s revelation of extensive data surveillance by the National Security Agency (NSA), however, may open Swedish authorities eyes to the risk of being monitored.
“It’s good if they wake up and do a proper risk assessment and base their decisions on that rather than whether the services are cheap,” Löwinder told TechWorld.