BlackPhone Co-Founder Jon Callas On Mobilizing Privacy For The Mainstream

BlackPhone co-founder Jon Callas is in London to give a talk at IP Expo — pitching the concept of a secure yet capable smartphone to IT decision makers who, wind back the clock a few years, would have unquestionably bought BlackBerry. Now there are a lot more question marks over that sort of business buying decision, given BlackBerry’s downward trajectory.

As others have noted, the end game for the company formerly known as RIM is likely to entail being broken up and sold off for its constituent parts. It’s certainly true that BlackBerry’s vice-like grip on the enterprise smartphone market lapsed a long time ago. And where there’s fresh slack, there’s the gleam of opportunity. So step forward BlackPhone.

“I think it’s inevitable that enterprise will outpace the prosumer market,” says Callas, discussing which segment — prosumer or enterprise — will be BlackPhone’s keenest adopter. The $629 hardened Android smartphone started shipping in June, with pre-orders accepted from February. And while the company is not breaking out specific sales figures yet, Callas ballparks sales in the “low hundreds of thousands” at this point.

“An enterprise will have people who are doing business development, sales, legal, technical research, they travel around the world, they work in Eastern Europe or Asia, and they have real hard needs for the sort of security that we provide. And we’re providing it at a price point that is similar to what they can do,” he says, elaborating on why he sees BlackPhone being a strong sell to enterprises.

“They can’t afford to buy 500 cryptophones. They can afford to buy our devices because it’s essentially already in their budget. That’s what they were planning to spend.”

BlackPhone is not just being aimed at enterprises though. And that’s a crucial difference vs BlackBerry. The latter company came a cropper in the consumer space because it could not effectively compete with more user-friend consumer smartphones, running iOS and Android. But BlackPhone is, at core, an Android device. Albeit its maker has forked and hardened the OS — christening this build PrivatOS — and ships the phone with different, pro-privacy services preloaded.

Despite its additional security precautions the phone is generally as familiar and navigable as a regular Android smartphone, although the user is likely to see more security-centric notifications. And is encouraged to use different, pro-privacy apps. The most obvious lack is the absence of Google flagship services like the Play Store (other app stores can be downloaded and added to the BlackPhone if the user chooses, as indeed can additional apps). But with privacy and security features foregrounded it’s a given Google services get pushed out — at least initially.

The BlackPhone offers encrypted calling and texting, via dedicated Silent Circle apps that come pre-loaded on the phone (with one year’s subscription to Silent Circle Mobile included with the phone). It also bundles one year subscriptions to other third party pro-privacy services, such as cloud storage from SpiderOak. So the user can get access to multiple security services right out of the box, without having to do lots of research themselves or stump up any more money at this point. Services which promise to secure all sorts of everyday mobile activities — such as connecting to open wi-fi networks, browsing the web, sharing files or storing data in the cloud.

Callas says the mantra of BlackPhone is to give the user “security, privacy and control”. And while he concedes security is a spectrum — the phone’s chipset hardware (for instance) is something BlackPhone is not making itself so it can’t absolutely guarantee there are no backdoors there — the core aim of providing a better level of security than a user could expect when buying an average smartphone remains secure.

“There are things to worry about and things that I think are okay risks,” he says, discussing the security of the BlackPhone’s hardware. “The sort of quality assurance that we simply have to do to maintain a quality device is a 99% security review on the hardware itself. Because if we review that this actually was a CPU that came from NVIDIA, this actually was Flash that came from this manufacturer and things like that, there’s relatively little space for somebody to gimmick the phone. The just in time nature of factories where the parts come in within hours before the manufacturing line starts — there’s just no time and no space in the factory for them to do these sorts of things, and simply normal quality control does that.

“There are architectural issues that we have looked at. Like the cellular radio. The baseband as it’s called. The baseband that we’re using is NVIDIA’s baseband. They’ve very concerned about the security of it themselves. We know that that baseband is connected to a serial bus, it’s not connected to your processor directly. So that is a huge step up from some of the other cheaper ones that have been in other phones. So this is a case where by picking the right manufacturer and the right level of technical goodness we’re getting almost all of the security things that we want.”

“But we had to pick a baseband radio from some manufacturer and they are all completely proprietary, they are not reviewed. It is a huge problem. But if you want to have a mobile device that’s on a cellular network you have to live with that,” he continues, adding: “You do have the option of not putting a SIM card in it, and using it wi-fi only.”

BlackPhone has considered whether it should make a wi-fi only device, according to Callas, to circumvent the baseband issue entirely. “I don’t think there’s enough demand for it,” he adds. “But it’s a very interesting thing to do.”

Interesting because it would apply pressure within the mobile industry for greater transparent — as indeed the existence of BlackPhone does — an industry that on the hardware side is still very closed, being as it is controlled by relatively small numbers of players who often have legacy ties to governments.

Yet change is coming, reckons Callas, pointing to the gradual breaking up of carrier financial monopolies — albeit that’s more immediately obvious in certain European markets, such as the U.K., than in the U.S. — as an example of long-standing industry power structures finally shifting in the consumer’s favor.

“Different things are happening at different speeds in different countries,” he says. “The miracle of worldwide cellular networks is in fact a huge set of compromises all over the place. And the consumers have never had a seat at the table. That’s really what it boils down to. Because they’ve never had a seat at the table, the fracturing of the alliance between the telecoms companies and governments is fracturing relatively slowly.”

“We’re willing to make statements that we’re not going to lose money on because we think that it is in fact part of our mission to show that you can be friendly to your customers, that you can offer security and privacy and still have a real business,” he adds.

“We’re saying we think there is a business model where you can both do well and do good.”

A BlackPhone user, then, could well be a mainstream mobile user who might otherwise buy an Android smartphone but who has become increasingly concerned about their privacy — thanks to the murkiness clouding certain mobile business models.

We are recognizing that people want their smartphone to be a smartphone. They don’t want to hide in a hole.

It doesn’t take much to feel paranoid about who’s getting eyes on your personal digital data these days, in the wake of NSA whistleblower Edward Snowden’s leaks detailing the extent of dragnet government surveillance programs. Coupled with rising consumer awareness of the extent of personal data harvesting that powers the advertising-centric business models of tech giants like Google and Facebook. ‘Connected’ is fast becoming a synonym for ‘watched’.

The bottom line is mainstream Android is a smartphone OS steered by an advertising giant. Google’s business model for Android is to harvest and sell your information to third parties. By contrast BlackPhone’s makers have a business model that relies on selling hardware and software services, not on monetizing harvested user data.

BlackPhone is a joint venture between encrypted comms company Silent Circle, for whom Callas is also CTO, and Spanish smartphone maker Geeksphone. The latter has been making smartphones since 2009, and their devices often have a twist (such as a recent multiOS handset) as a way to stand out from the OEM masses. While you may recall Silent Circle pre-emptively shuttered its encrypted email product last year to avoid having to comply with any government requests to hand over user data. So full marks for caring about user privacy. The JV is headquartered in Switzerland where Callas notes the constitution specifically includes a right to private conversation and private email.

(Incidentally Callas characterizes locking down email from prying eyes as a “five to twenty years problem”. Another reason for Silent Circle to turn its attention to mobile, where messaging and other mobile services can be made to add up to the functionality of email yet bypass email’s problematic protocols. “The Internet protocols for doing email date from the early 1970s and they just need to be completely revised,” he adds, likening the required infrastructure rebuild to London’s massive Cross Rail project. “It’s going to take an awful lot of thought.”)

The big idea here, then, is to sell a useable, capable Android-based smartphone that distinguishes itself by putting user privacy first — and does not charge a premium for doing so. The cost of the BlackPhone is broadly comparable to other high end devices from Android OEMs like Samsung, LG and HTC, while undercutting the cost of seriously secure cryptophones. And selling tangible hardware with everything packed in one neat unit is a better business proposition than trying to hawk security software parts on their own, reckons Callas.

The average person probably doesn’t feel they need a cryptophone, he argues, nor will they want to give up the flexibility of their current smartphone. So BlackPhone aims to provide a third way: to take the hard graft out of locking down personal data, while still letting the user download apps and install services if they choose.

The phone includes fine-grained permissions tools so users can control what individual apps are doing. And it does over the air updates for security fixes without having to be forced through a carrier bottleneck — unlike pretty much every other Android phone under the sun (Nexus phones excepted). Callas dubs that a “major advantage” in the Android ecosystem. And you can certainly see it appealing to enterprises.

How did BlackPhone swing that? “We’ve just said to carriers this is what we’re going to do. Would you like to sell the phone?” he says with a laugh, adding: “I worked at Apple for a few years. Apple just does it too.

“Obviously the carriers that we are working with are the ones that are most sympatico to that attitude. KPN, for example, have made a huge decision that they want to be a carrier that responds to the needs of their subscribers, and they want to differentiate themselves that way. So they thought it was a grand idea. And they also looked at it as one less thing that we have to do.”

“We go through carrier [hardware] testing just like anybody else but we can update the operating system independently of the radios and so on, where there’s an actual need for them to be involved. They don’t need to be involved with everything,” Callas adds.

So again, security, privacy and control are the watchwords here. Above all, the idea is a useable phone that defaults to securing privacy, instead of pushing to open your info up to third parties — as is official Android’s direction of travel.

And more control is coming. Callas says PrivatOS is heading in the direction of providing its own app store on BlackPhone.

“We are shipping an app updater [in the next update of PrivatOS]. That allows you to get new versions of the apps that we provide without loading a whole new OS,” he tells TechCrunch. “That’s our first toe in the water to be able to offer partner apps and others things. There are people who say I have something that would go really well with BlackPhone. And we don’t want to end up with bloatware, crapware etc. But there’s a value to having, for example, a KPN app if you’re a KPN subscriber. So there ought to be a place where a KPN subscriber can go get a KPN app without having everybody else be burdened with the KPN app and they don’t care.

“We want to provide the way that our partners can offer things to their customer base through us. It is going to evolve into an app store, yes.”

Callas suggests the store may include different security review tiers for apps — performed by BlackPhone — as a way for users to navigate the risks of running third party content. It may also include apps that some might consider insecure by design (such as social media apps that focus on sharing), or even make it easier for users to download other app stores — such as Amazon’s app store — where they can get such apps if they wish. All of which means pitching users back towards some security unknowns. So how will BlackPhone square that circle?

Callas says it again intends to tread “something of a middle path”. “We’re going to do things like security reviews of apps. We’re going to review their privacy policies. We’re going to put a security and privacy seal of approval on them. But we also want to be able to have people go download their favorite game. Everyone’s addicted to something — Angry Birds, Candy Crush Saga… And we don’t want to be having to security review games. So you go to one of these other stores to get the fun things and we cover the unfun things like email clients, things like that, which we have gone and done a review on.

“We’ll mark them to the degree which we’ve gone through them. For example, Google services themselves fall into a grey area. We know what Google’s business model is. Is that a privacy violation or is that just a way of doing business? If you’re going to do Facebook or Twitter, that is what they do. Facebook is about sharing information. There are lots of other things where we would like to say we’ve reviewed this to the point where we know that it isn’t going to steal your contacts list and send it off to a marketing agency,” he adds. “We are going to have tiers of review… That’s what we’re looking at — where we would have different levels of reviewed, certified, bronze, silver, gold, etc.”


Reintroducing a frisson of insecurity into the mix may well fling some criticism in BlackPhone’s direction, as it risks undermining the security credentials of the project. But if the mission is to arm more mainstream smartphone users with the ability to make better decisions about the level of privacy invasion they are comfortable with — i.e. in exchange for whatever service an app is delivering them — then this model makes perfect sense. After all, knowledge is power. And privacy is personal.

“We know that there are going to be people who want a Google experience. Part of the appeal of what we do for a lot of people is in fact that there is no Google on our phone but there are a lot of people who say I would like to have Google on my phone too, so we would love to be able to do that. We would love to offer other app stores such as Amazon’s mobile store. Whatever makes sense,” says Callas. “We are recognizing that people want their smartphone to be a smartphone. They don’t want to hide in a hole.

“We want to enable people to easily make their own decisions. There are a lot of people who either like or don’t like Google. Or who like or don’t like Amazon… Lots of people have their own thresholds for what they consider to be an abuse of their privacy, and what they consider to be normal ways to do business. We’re all very quirky in our own ways on this… We make it easy for you to make your own decisions. It goes back to what we say about privacy, security, control. It’s your phone and you ought to be in control of it.”

Building BlackPhone has already been a boon for Silent Circle. It pulled in a $30 million funding round last May, the first external funding it had ever taken, generated, it said, by demand for the handset. Why did the company feel it was the right time to take external funding and what is that funding going to enable it to do? “It enables us to move from being a boutique privacy company to being a mainstream provider of communications services,” says Callas. “We are becoming a company that connects people to people — and it’s secure and private. Rather than a security and privacy company.

“Many of our subscribers really like most of all the fact that we have extraordinarily good voice quality. Oh and by the way no one can listen in. This is really what human needs are. You need to have something that is useable, it needs to be something that you can hear clearly. And people won’t give up the basic usability of their communications because it happens to be secure.”

TechCrunch’s time with Callas is up, as his PR minder pipes up to call time on our interview. I manage to fire off one last question — asking him if there were no BlackPhone, which mainstream smartphone would he be most comfortable using from a privacy and security standpoint?

“Well, I was at Apple. I know  them. They’re my ex co-workers. They do a fantastic job,” says Callas. “They care a lot about privacy.”