Mega says US urged PayPal to cease working with it based on end-to-end encryption

Reuters / Beck Diefenbach
PayPal will no longer process customer payments for the cloud-storage service Mega based on the latter’s use of client-side encryption. Kim Dotcom’s Mega says the decision stems from powerful American corporate influences leaning on the e-commerce site.

File-hosting site Mega made the announcement late Thursday, claiming that PayPal ultimately blamed the decision on Mega’s use of end-to-end encryption, which, to PayPal, meant an “unknowability of what is on the platform.”

Mega also suggested credit card companies Visa and MasterCard, as well as US Sen. Patrick Leahy and a report linked to the copyright-absolutists the Motion Picture Association of America (MPAA), ultimately pressured PayPal into dropping Mega.

“MEGA is aware of a report published by NetNames (partially funded from the MPAA supported Digital Citizens Alliance) that incorrectly claims MEGA's business to not be a legitimate cloud storage service. MEGA is aware that Senator Leahy (Vermont, Chair Senate Judiciary Committee) then pressured Visa and MasterCard to cease providing payment services to the companies named in that report,” Mega wrote on its site announcing the decision.

“Visa and MasterCard then pressured PayPal to cease providing payment services to MEGA.”

READ MORE: Megaupload programmer gets 1yr in prison for role with Dotcom’s site

Mega said it adequately proved to PayPal that it was a legal, legitimate service, urging PayPal to share the evidence with Visa and MasterCard.

“Eventually PayPal made a non-negotiable decision to immediately terminate services to MEGA. PayPal has apologised for this situation and confirmed that MEGA management are upstanding and acting in good faith. PayPal acknowledged that the business is legitimate, but advised that a key concern was” Mega’s allegedly unique encryption method, Mega wrote.

Mega’s client-side encryption bars it from seeing what its 15 million registered customers store on its servers, as files are encrypted on a customer’s local computer, thus reducing reliance on a service provider. This model also severely disrupts law enforcement access.

“MEGA has demonstrated that it is as compliant with its legal obligations as USA cloud storage services operated by Google, Microsoft, Apple, Dropbox, Box, Spideroak etc, but PayPal has advised that MEGA's ‘unique encryption model’ presents an insurmountable difficulty,” Mega wrote.

“The encryption models claimed by various USA and other entities apparently do not represent any problem to PayPal or the parties behind PayPal.”

READ MORE: Judge foils US investigators' attempt to seize Kim Dotcom's decryption keys

Mega said that in light of PayPal’s decision, it is seeking other payment options. In the meantime, it will lift storage limits on all of its accounts, and customers will have two more months of free storage. One possible solution is to move to accept cryptocurrency such as bitcoin.

“MEGA will not compromise its end-to-end user controlled encryption model and is proud to not be part of the USA business network that discriminates against legitimate international businesses,” Mega wrote.

Mega was created in 2013 by Kim Dotcom, the German-Finnish founder of defunct file-sharing site Megaupload, which was shut down in 2012 by the US Department of Justice for alleged copyright infringement.

The US has forcefully attempted to extradite Dotcom – whose real name Kim Schmitz – for copyright infringement, sparking a series of protracted legal battles, seen as a litmus test for internet freedoms. So far, New Zealand’s legal system has protected Dotcom from extradition, and absolved him from copyright infringements committed by users of Megaupload.