Edward Snowden’s June 2013 disclosures to The Guardian and The Washington Post produced a set of structural changes in the privacy-hosting industry that are still working their way through the operating practice of providers and customers thirteen years on. Some of the changes were rapid and well-documented. Some of the changes were slow and are visible only in the cumulative pattern of the past decade. Some of the changes that the post-2013 conversation expected did not happen at all, and the absence is itself a fact that the contemporary conversation is too rarely willing to engage with. This article is the operator’s editorial reading of the post-Snowden settlement, written from the operator’s vantage point inside the industry that the disclosures most directly addressed.
The reading is necessarily partial. The operator was not running a hosting service in 2013 and is therefore working from the documented record rather than from operational memory; the operator’s own posture, which the rest of the journal sets out, is itself a downstream product of the post-2013 conversation rather than an independent assessment of it. The article is offered in that spirit — as one operator’s reading of the inheritance, not as a definitive history. Readers who want the definitive history are pointed at Glenn Greenwald’s “No Place to Hide”, Laura Poitras’s “Citizenfour”, and the long-form coverage by The Intercept’s national-security desk during the 2013-2017 window in which the documents’ substantive content was being progressively understood and contextualised.
What the disclosures actually demonstrated
It is worth being precise about what the 2013 disclosures established, because the public conversation has frequently elided the precise content into a broader cultural shorthand that obscures the operational implications. The disclosures established, with documentary evidence, the structural cooperation between the National Security Agency and the major US-headquartered cloud-services and consumer-internet providers under the PRISM program; the bulk collection of telephony metadata under the Patriot Act Section 215 program; the upstream collection of internet traffic at the major US backbone-cable landing sites under the Section 702 program; the bilateral intelligence-sharing arrangements between the NSA and the SIGINT agencies of the Five-Eyes partners and the wider second-party and third-party SIGINT-sharing community; and the bulk collection of mobile-handset location and contact-record metadata in cooperation with US telecommunications carriers.
The disclosures did not establish — and the operator’s view is that this point is not made often enough — that the corresponding intelligence services of non-US, non-Five-Eyes jurisdictions had operational capabilities of comparable scope or political authorisations of comparable breadth. The disclosures established the practices of a specific intelligence community against which the corresponding non-aligned-jurisdiction intelligence services were and are differently constrained. The hosting customer who reads the disclosures as evidence that “every state surveils everyone” has read past the document into a cultural shorthand that the operator considers operationally misleading; the disclosures evidenced something more specific and more useful.
The operational implication of the disclosures’ specificity is that the post-2013 hosting decision could be made on the basis of evidence rather than intuition. A hosting customer concerned about the cooperation between US-headquartered cloud providers and the US intelligence community had documentary evidence of the cooperation and could make a hosting decision that responded to the evidence. A hosting customer concerned about the upstream collection at US backbone-cable landing sites had documentary evidence of the collection and could route the customer’s network traffic to avoid the documented landing points. The post-2013 settlement, in the operator’s reading, was the period during which the privacy-hosting industry built operational alternatives to the documented arrangements — the period whose products the operator’s own catalogue is one example of.
What changed in the industry
The most visible change in the privacy-hosting industry was the rapid migration of customer trust away from the US-headquartered cloud providers and toward providers domiciled in jurisdictions whose intelligence-sharing posture was either documented to be different or could plausibly be argued to be different. ProtonMail, founded at CERN in May 2013 and operating from Switzerland, took its first hundred thousand users in the post-disclosure quarter. The Tor Project’s user base roughly doubled in the eighteen months after the disclosures. The Mullvad VPN service, which had been operating since 2009, saw its growth rate triple in the post-disclosure period; the Riseup collective, which had been operating since 1999 with a small user base of left-aligned activists, saw its growth rate similarly accelerate.
The migration was visible at the infrastructure layer as well as at the consumer layer. The European hosting providers whose marketing posture had previously emphasised cost-competitiveness with the US-headquartered providers shifted in the post-2013 period toward a posture that emphasised jurisdictional independence; the Swiss and Icelandic providers in particular built out their European customer bases by appeal to the post-Snowden conversation. The Romanian and Moldovan providers that had been positioning themselves as bulletproof-hosting destinations for the file-locker and adult-content markets attempted, with mixed success, to reposition themselves toward the more reputable end of the privacy-hosting spectrum. The current generation of European privacy-hosting providers, OffshorePress included, are operating in a market that the 2013 disclosures created.
A second change, less visible but in the operator’s reading more important, was the maturation of the operational-security literature for hosting customers. The pre-2013 literature on operational security for journalists and activists was thin, scattered across academic privacy-research conferences and a handful of NGO-published guides. The post-2013 literature is substantial and operationally specific — the EFF’s Surveillance Self-Defense project, the Tactical Technology Collective’s Holistic Security handbook, the Centre for Investigative Journalism’s Security for Investigators toolkit, and the long-form operational guidance published by The Intercept and ProPublica’s own infrastructure teams in the 2014-2018 window. The literature made it possible for a hosting customer with no prior operational-security background to reason carefully about the customer’s threat model and to make a hosting decision that responded to the reasoning.
A third change, which is harder to see at the customer layer but which the operator considers significant, was the cultural shift in the cryptography-engineering community. The pre-2013 culture was, on the documented record, more deferential to the assertions of the US national-security establishment about which cryptographic primitives were and were not safe to use; the post-2013 culture is materially less deferential, and the consequences for the engineering practice of the broader internet — TLS 1.3’s design decisions, the deprecation of NIST’s Dual_EC_DRBG random-number generator, the adoption of forward secrecy as a baseline expectation — are direct downstream products of the cultural shift. The hosting customer who is operating in 2026 with a modern TLS configuration, a forward-secrecy-by-default cipher suite, and a backup encryption practice that does not depend on keys held by the hosting provider is the beneficiary of the post-2013 cultural shift in a way the customer is rarely conscious of.
What did not change
The reading would be incomplete without an honest account of what the post-2013 conversation expected to change and what did not change. The conversation expected legislative reform of the US surveillance authorities under which the disclosed programs operated; the reform that occurred — the USA FREEDOM Act of 2015 — was substantively narrower than the conversation had anticipated, and the subsequent reauthorisations of Section 702 in 2018, 2024, and 2025 have left the program’s structural authorities largely intact. The conversation expected the US public-cloud providers to either repudiate the cooperation the disclosures documented or to cease being competitive in the international market; neither happened. The US public-cloud providers are at the time of writing larger, more entrenched in the international enterprise market, and more central to the operational infrastructure of non-US governments than they were in 2013.
The reform that we hoped would follow the disclosures has, in the most direct sense, not occurred. The reform that has occurred has been more modest than the public conversation about the disclosures would suggest. The structural arrangements the disclosures documented are, in 2020, less curtailed than the 2013 conversation expected they would be by now.
The conversation expected the European data-protection regimes to either constrain the cooperation between European and US intelligence services or to make the cooperation politically expensive enough that the European governments would discontinue it. The Schrems I (2015) and Schrems II (2020) decisions of the Court of Justice of the European Union represented substantive movement in this direction — the second decision, in particular, invalidated the EU-US Privacy Shield framework that had been the legal basis for transatlantic data transfers — but the Trans-Atlantic Data Privacy Framework that succeeded it in July 2023 has been characterised by privacy-rights litigators as substantively similar to the framework that was struck down. The legal-framework conversation has continued; the operational practice of European-US data flows has not changed in the way the post-2013 conversation expected.
The conversation expected the hosting customers most exposed to the documented arrangements — investigative journalism, NGO infrastructure, archival projects with politically sensitive content — to migrate away from US-headquartered providers in the same proportions that the consumer market did. The migration in this segment has been substantive but partial; a notable fraction of the journalism organisations whose reporting most directly motivated the post-2013 conversation continue to operate primary infrastructure on US-headquartered cloud providers. The operator’s reading of the persistence is that the operational cost of migration is non-trivial, that the alternative providers’ enterprise-grade tooling has historically lagged the US providers’, and that the journalism-organisation IT teams have prioritised editorial-workflow continuity over jurisdictional-posture optimisation. The operational reading is a structural problem; the cultural reading is a problem the post-2013 conversation has not adequately addressed.
The unfinished work
The operator’s reading of the post-2013 settlement, considered against the audience for which OffshorePress was set up, identifies several pieces of unfinished work that the privacy-hosting industry as a whole has not adequately addressed and that the operator considers part of the operating posture an honest provider has to take on.
The first is the operational legibility of the hosting provider’s own posture. The post-2013 conversation produced a set of marketing claims — “we don’t log”, “we operate from a privacy-respecting jurisdiction”, “we don’t cooperate with intelligence services” — that hosting providers have been free to make without the equivalent of the audited-financial-statements practice that exists in the financial-services industry. The customer who reads the marketing claim has, in the current state of the industry, no documented basis to verify the claim against operational evidence. The operator considers this a structural problem and considers the publication of the operator’s own posture, at the length at which the journal sets it out, a partial response to the problem. A more complete response would be an industry-standard audit framework with independent verification; the framework does not currently exist, and the operator considers its construction part of the unfinished work.
The second is the supply-chain integrity of the hosting provider’s hardware and software stack. The 2013 disclosures and the subsequent reporting documented several cases of US intelligence-service interception of network-equipment shipments to foreign customers; the operational implication is that a privacy-hosting provider’s hardware-acquisition practice is part of the provider’s posture in a way that the post-2013 conversation has not adequately engaged with. The operator’s own practice — direct hardware acquisition from European suppliers, with documented chain-of-custody from supplier to facility, and with hardware-security-module attestation against tampering — is the operator’s response to this dimension of the unfinished work; the broader industry’s response has been weaker.
The third is the long-horizon political-environment durability of the hosting jurisdiction. The post-2013 conversation produced a settled understanding of which jurisdictions were preferable on the evidence available in 2013-2015; the conversation has not adequately revisited the question against the political-environment changes of the subsequent decade. The operator’s reading of the durability of the Icelandic and Swiss postures is set out at length in the earlier article in this founding set; the operator’s view is that the durability question deserves more regular re-evaluation than the industry has historically given it, and that the regular re-evaluation is part of the operating posture an honest provider has to maintain.
The fourth is the operational-security posture of the customer’s own endpoints. The post-2013 conversation was substantially focused on the infrastructure layer because the disclosures’ content was substantially focused on the infrastructure layer; the operational-security literature that developed in the post-2013 window has been more even-handed about the endpoint layer, but the hosting industry’s marketing has not adequately reflected the endpoint layer’s importance. A hosting customer whose endpoints are compromised has a hosting decision that is, at the margin, irrelevant; the operator considers the publication of honest endpoint-security guidance — including guidance that points the customer at the customer’s own responsibilities — part of the operating posture, even when the guidance is not commercially convenient for the operator to publish.
A closing reading
The post-2013 settlement is the inheritance the operator is operating inside. The settlement is not complete and is not, in the operator’s reading, in a stable equilibrium; the structural arrangements the disclosures documented are still in operation, the legal frameworks the post-disclosure conversation expected to constrain them have been less effective than the conversation hoped, and the customer-side migration has been less complete than the industry’s marketing would suggest. The operating posture of an honest privacy-hosting provider in 2026 has to be read against the unfinished work, not against the rhetorical victory that the privacy-hosting industry has occasionally claimed for itself.
The operator’s view is that the unfinished work is the work the customer is buying the hosting provider’s labour to address. A provider that publishes a posture, defends the posture in operational practice, revisits the posture against changing political-environment evidence, and is operationally legible to the customer in a way the customer can verify against the customer’s own threat model, is a provider that is doing the unfinished work. A provider that markets a posture without the operational substance is a provider that is participating in the rhetorical victory rather than the operational settlement. The hosting customer’s responsibility, against this reading, is to read past the marketing to the operational evidence — to weigh the provider’s posture against the provider’s documented practice, against the provider’s track record under legal pressure, and against the customer’s own threat model.
The operator considers the publication of this article part of that work. The article does not resolve the unfinished work; the article documents the unfinished work and the operator’s reading of where the operator’s own posture sits inside it. The customer who is making a hosting decision in 2026 against the post-Snowden inheritance is the customer for whom the operator’s catalogue exists, and the operator’s hope is that the catalogue’s surfaces — the per-jurisdiction dossiers, the per-payment-route dossiers, the operating-principles page, and the journal in which the longer arguments are set out — together amount to the operationally legible posture that the post-2013 settlement asked the privacy-hosting industry to provide and that the industry has, in the operator’s honest reading, only partially delivered on.