How about using a private forum for secure communications?
One advantage to this approach over using encrypted email is persistent and organisable content to allow collaborative discussion and planning also PMs can be used for email like communication anyway.
That is less secure for classified communication, but indeed we should have that, also, for unclassified communication.
SSL protects privacy just as well as PGP.
By browser default, it does not. Any Certificate Authority (CA) can perform something I call a Certificate Authority in the Middle (CAitM) attack. How difficult do you think is it for a government to have a Certificate Authority (CA) headquartered on their territory issue them a fake certificate? Secure Sockets Layer (SSL) and/or Transport Layer Security (TLS) can be secure only if all Certificate Authorities (CAs) are set as untrusted and Request for Comments (RFC) 6091 applied, instead.
One disadvantage will be hosting and maintenance costs but those are not so great especially for a very small forum just being used by the company agents.
I will have that set up on the Tor anonymity network; in fact, it will be the Bit the Coin (BtC) Tor Web site. It will cost me about 1 Bitcoin (BTC) without monthly fees until further notice. Care to contribute some part of that 1 Bitcoin (BTC)?
I could help with setting that up, I already have a VPS running.
May I propose we rent a dedicated server in the Swiss Confederation for a few dozen Swiss francs (CHF) per month as a primary, special-purpose server plus a dedicated server in the Republic of Austria for 29 Euros (EUR) per month as a secondary, general-purpose server? The latter has 320 gigabytes (GB) of disk space. I also need servers for a basically-free e-mail service similar to the one used by Eduard Snowden which I'll be running. The trick in my service will be full compliance with any Swiss government requests. Instead of witholding data, I will make sure correspondents encrypt as much as possible using asymmetric keys beyond my reach by charging for the reception and transmission of unencrypted e-mails. You will see how people will suddenly become tech-savvy. Also, I need a name for the service, if you feel like coming up with some the applicable ".ch" and ".net" domains should not be taken.
MicroSDXC cards are 35 GBP and upwards in the UK.
They cost about the same here, but I can't get the best ones here, so your source might come in handy.
Look forward to working with you and I can't wait to make a start.
I did not reply sooner, because I was transferring the hosting of lovric.net to the Swiss Confederation, creating the Lovrić Extreme Technologies Tor Web site, and working on the Open-Source Antigovernmental Messaging Application (OSAMA) did you know that 2,048-binary-digit-(bit) Rivest-Shamir-Adleman (RSA) is equivalent to 103-binary-digit-(bit) symmetric keys and can be broken by intelligence agencies within somewhere around 15 years with ordinary hardware and now think of special hardware?