Non-profit ISP start up promises fully encrypted, private Internet

By on April 11, 2012, 2:00 PM

In an editorial piece by Cnet, Nicholas Merrill describes his upcoming Internet service, Calyx, as a "non-profit telecommunications provider dedicated to privacy, using ubiquitous encryption". According to Merrill, his goal is to fully encrypt Internet traffic at the ISP level in order to protect the privacy of his customers. In fact, he hopes to create a system that is so private, even the ISP itself is unable to snoop on its users. Such a system could conceivably make it impossible for the ISP to respond to privacy-infringing requests, even when compelled by big media conglomerates, public officials or authorities.

The legal viability of an all-encrypted ISP appears to hinge on a provision in a 1994 federal law called CALEA. The Communications Assistance for Law Enforcement Act ensures that ISPs are not held responsible for decrypting data if they don't have the necessary information to do so. If Merrill has his way, Calyx won't have a clue what's going on under the hood of its service. This means the ISP should be able to operate squarely under this premise.

After running his own ISP in New York, Merrill picked up a thing or two about the need for privacy in today's post-9/11 climate. In 2004, he enlisted the help of the ACLU to legally fight a request by the FBI to divulge customer details without a court order. To make this situation particularly menacing, the FBI required Merrill to never publicly disclose the request or the existence of the letter. After a lengthy six-year legal scuffle and having to remain anonymous throughout the course of the trial, Merrill won the case and a federal judge struck down a portion of the Patriot Act which made it illegal to defy an FBI gag order. United States District Judge Victor Marrero described the provision as an "unconstitutional prior restraint of speech in violation of the First Amendment."

After dealing with the FBI and the U.S. legal system for six years, the entrepreneur was inspired to design an ISP where privacy is integrated into its virtual DNA. As a result, Merrill has created the Calyx Institute and woven together an advisory board with the likes of former NSA technical director Brian Snow and TOR project leader Jacob Applebaum. 

Merrill will be meeting up with potential West-coast investors in the next couple weeks as he attempts to raise $2 million before the service launches.

User Comments: 29

Got something to say? Post a comment
Guest said:

I fully support everything this guy is trying do achieve. Here's to hoping that he can make this possible...

Guest said:

I would like to see this happen.

Guest said:

i hope this comes to the uk id pay extra for the service

Lionvibez said:

Guest said:

i hope this comes to the uk id pay extra for the service

Good luck with that.

I don't see them allowing this in the UK at all.

Guest said:

If this works, I predict pedophiles, criminals, spammers, terrorists, etc. will flock to this service and then the Government will create new laws that makes the ISP be able to decrypt data and provide the information they want. Bottom line, this sounds like a good idea in theory, not so much in practice.

captaincranky captaincranky, TechSpot Addict, said:

And we're absolutely certain this isn't a honeypot for the FBI, NSA, etc?

Guest said:


The guy does look kinda sketchy, I'd be willing to bet this is some new tactic the FBI is using to catch people.

Tygerstrike said:


It prolly is. More then likely they may want ppl to jump on this. That way they have all the ppl who want the privacy to do whatever, under one umbrella. It would be a scream if it was true. Not that I would ever need that level of privacy but it is a great idea in principle. However if RIAA/MPAA have their way this will be shot down and the next information we hear about it, is that the this guy is found dead. Choked to death on his mouse or something.

Guest said:

celebration time for the paedophiles and terrorists

SNGX1275 SNGX1275, TS Forces Special, said:

I don't get the feeling that this guy is working with the government.

Also, every time some ISP does something "bad" we all comment that if you don't like it, get a new ISP. But then there is the inevitable comeback that there is no alternative. This guy is making the alternative.

Guest said:

>Also, every time some ISP does something "bad" we all comment that if you don't like it, get a new ISP. But then there is the inevitable comeback that there is no alternative. This guy is making the alternative.

This JULY 2012, the majority of the major USA ISP will be implementing the "Three Strikes" agreement that was promoted by the RIAA, MPAA, and various other intellectual property companies to prevent undesirable file sharing. A common database will be used to share information. It is worded as "Six Strikes" to appease politicians, but from the consumers' viewpoint is realistically more like "Three Strikes".

Sharing info about alleged activities prevents alleged bad users from taking their business to a different ISP which was the main method users had to prevent ISP from enforcing onerous measures on their customers. In the new system, moving to a new ISP will not cause the user to have a "new record" because all the allegations and warnings will be available in the database for the new ISP to use. By having the initial framework and infrastructure costs underwritten by the IP firms, and removing the fear that customers would leave an ISP to go to a new one, the graduated response Three Strikes agreement seems to be the most effective approach yet. It addresses the fear that ISP have about losing customers. By having no alternatives for customers to go to, the Three Strikes agreement of graduated response will work.

Another feature of the Three Strikes agreement is that it is crafted to avoid triggering usa constitutional defenses. Thus, customers cannot defeat it with #1 or #4 amendments. It doesn't always require termination of the customer's account, but instead allows for bandwidth throttling down to 56K dialup speeds even though you had paid for verizon FiOS rates. If the user quits an annual plan, he would have to first buy out the plan per TOS (ouch) and then move to another ISP with similar FiOS speed. But at that point, the user would find that the graduated response Three Strikes agreement causes the user to once again get dialup speed from the new ISP even if it is Comcast. Yes, comcast, verizon, and other major ISP are members of the industry plan.

Because the agreement is not about legal convictions, concepts like "person of interest" or "alleged" copyright violations may be kept in the database and shared by the member companies for use against unruly customers. Another benefit is that if the unruly customer has someone else in the same household purchase the internet account, the ISP would be able to continue to enforce the throttling activity at the point where the unruly customer is continuing to perform alleged bad behaviour.

---agissi--- ---agissi---, TechSpot Paladin, said:

Did you guys just read the NSA's new super center in Utah that TS posted about? They are building a super center to record all of the information over the internet / networks in its entirety, then building mass server hass in hopes to harness the massive amounts of computing power needed to decrypt the encryption.

So hopefully this ISP's encryption isnt easily subsided.

fimbles fimbles said:

Since i dont do anything i would call highly illigal apart from watching "pirate" videos on you tube and the odd torrent i realy would not be intrested in this.

Im sure there are plenty of peadophiles, hackers, ect who would.

Guest said:

celebration time for the paedophiles and terrorists

As if they have not already been using encryption for decades.....

Guest said:

ISP's should be non-profit anyways. I also support the private part. It should not be the ISP's responsibility to police the internet. They have other ways of discovering criminals and finding them.

Tomorrow_Rains said:

Good Luck with the three strikes deal,

I'm behind seven proxies

Tomorrow_Rains said:

I feel as if every time someone comments with "Now the pedophiles and terrorists will benefit from this" it sounds like world war 2 propaganda "The Russians will benefit from you drinking alcohol"

Think about it, Silly and preposterous... There are many options for these pedophiles and terrorists considering they're not getting caught.

TorturedChaos, TechSpot Chancellor, said:

I think this is a wonderful idea. Full encryption on everything i do so that my ISP doens't even know what have been looking at? YES PLEASE!!

Do I do anything that requires that short of security, well not really. Check my bank account online sometimes but that already has SSL built into it. Why do I like this then? Because I don't like people spying on me even if I'm doing nothing wrong!!!!

If this is a legitimate service I really home it comes to my area in the near future. And I hope the idea catches on.

Guest said:

internet usage encryption needs to start at the users level, not the ISP level. so what ever you send over the internet is masked, and can only be unmasked by you.

or did you guys forget the FBI freak out during the 90s, over user generated encryption and decryption protocals.

Guest said:

In today's govt this just seems too good to be true... which is not right in the first place.

sapo joe said:

I hope this ISP comes to Brazil one day. And I really support and believe on freedom over internet again!

1 person liked this | PinothyJ said:

Guest said:

If this works, I predict pedophiles, criminals, spammers, terrorists, etc. will flock to this service and then the Government will create new laws that makes the ISP be able to decrypt data and provide the information they want. Bottom line, this sounds like a good idea in theory, not so much in practice.

Well that is ignorant. Those parties would already be using the Dark Net and so an encrypted ISP will not do much for them.


Guest said:

This guy is cutting edge. I totally support this minimalist approach to ISP service. One less entity for the government to keep in their pocket.

Guest said:

This really should happen. I'd make a contribution!

Guest said:

I'd happily invest in this. Good luck my friend!

Guest said:

@ TorturedChaos

on April 12, 2012

9:52 AM

I totally agree.

I would also imagine that this is the sentiment of the vast majority of critically thinking law abiding citizens.

Since when was 'no right to privacy' the defacto?

This is how all ISPs should be.

Ebany said:

Can people really be so stupid and ignorant that they would believe a persons desire to have a "private" life means they are hiding something?!?

Seriously, if you feel that strongly about everything been open then here is my suggestion;

At your place of residence tonight, unlock your doors, open your curtains and windows, turn all the lights outside off and all the lights on inside. Now have a shower and a good nights sleep! If you can successfully achieve this then your a show pony, simple in the head, or live an island without neighbours ....... oh wait, that would make it private.

Here's an idea! How about we make everything open? Government agencies, business ...... I mean if we intend to do it with individuals, why be bias and exclude other groups.

Why isn't a person considered suspicious when they close their doors and draw their curtains at night? Because a person who is open about everything in their life gets taken advantage of and judged on every inconsequential thing. Same reasoning applies to people in the virtual world, and apart from the youth who need to get their 5 megabytes of fame, we'd all like to enjoy a certain level of privacy without discrimination.

I support the idea of an encrypted ISP, and I support non-profit initiatives like Wikipedia.

Guest said:

This is an awsome idea. I would gladly pay for this. I dont do anything on the net that needs to be hidden but these days, big brother is becoming the enemy with the "patriot act" which big brother is using to violate every constitutional right imaginable. Our constitutional rights were given to us to protect us from our goverment. Our second amendment right to bear arms cannot protect us from information search's. Therefore, we need encryption to protect us. This guy is a cyber revolutionary hero. I want to thank him

MS umar MS umar said:

How does cnet plan to stop anti-social elements connected to terrorists with this kind of encrypted ISP Hope cnet has strict measures to check if a person will handover his computer to a terrorist before giving the person a connection

Load all comments...

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.