US Wants Courts to OK Warrantless Email Snooping

Erris writes "The Register is reporting that the US government is seeking unprecedented access to private communications between citizens. 'On October 8, 2007, the United States Court of Appeals for the Sixth Circuit in Cincinnati granted the government's request for a full-panel hearing in United States v. Warshak case centering on the right of privacy for stored electronic communications. ... the position that the United States government is taking if accepted, may mean that the government can read anybody's email at any time without a warrant. The most distressing argument the government makes in the Warshak case is that the government need not follow the Fourth Amendment in reading emails sent by or through most commercial ISPs. The terms of service (TOS) of many ISPs permit those ISPs to monitor user activities to prevent fraud, enforce the TOS, or protect the ISP or others, or to comply with legal process. If you use an ISP and the ISP may monitor what you do, then you have waived any and all constitutional privacy rights in any communications or other use of the ISP.'"

"Think about it"

[BadAnalogyGuy]

Anytime someone tells you to "think about it" and then proceeds to explain how one little point can be logically followed to some outrageous conclusion it means that they have no real proof and are relying on your credulity to fill in the gaps in their logic.

Think about it.

Re:"Think about it"

[Opportunist]

"Think about it" comes in the same jar as "obvious". Both have only one reason to exist, to make you look like a fool if you don't agree.

"Think about it" is usually the final sentence after a list of "proofs" that present the point of the one arguing. "Obviously" is used whenever he does not have any facts to support his theory. No facts needed, it's "obvious" and if you don't agree, you can't even see the obvious, dumbass!

Re:"Think about it"

[Anonymous Coward]

That's pretty obvious, if you think about it.

Re:"Think about it"

[$RANDOMLUSER]

Perhaps you and the GP should read TFA and become [eff.org] aware [typepad.com] of some [google.com] of the issues [wikipedia.org] here.
Oh, and for the "it's the Register, pooh pooh" crowd, the original FA was frist psoted on Security Focus [securityfocus.com].

Re:"Think about it"

[ajs]

Alarmist? Here's what he said:

What is important in this case is not the ultimate resolution of that narrow issue, but the position that the United States government is taking on the entire issue of electronic privacy. That position, if accepted, may mean that the government can read anybody's e-mail at any time without a warrant.

This seems to be a fairly reasonable assessment of the situation. The assertion in this case is that electronic mail has no reasonable expectation of privacy. If that's upheld, then the 4th amendment doesn't apply.

Your comment about "followers" of Security Focus is way off base. Outside of the world of artificially constructed arguments on TV, people aren't "followers" of news outlets. We are readers or subscribers or viewers, but we're not "followers." You might want to re-evaluate how you select and scrutinize your news.

PS: I'll note that I've been saying for years that it's imperative for stand-alone personal MTAs to remain viable, and this is why. Routine, passive end-to-end encryption is the way that we make this impractical.

Re:

[Zenaku]

Wow, you are reading the wrong sentiment into what I said. I was making an amusing (to me anyway) observation, not an argument.

To be clear, I'm dead set against the government reading my email, encrypted or not. All I was trying to say is that the phrase "reasonable expectation of privacy," on which the legal test is currently based, is a shitty test, as what a reasonable person would "expect" the government to do is to violate you in any manner they can get away with.

In other words, this is an unconstitu

Re:"Think about it"

[Scratch-O-Matic]

Hopefully in 2008 someone sane will enter the White House...

I have a strong suspicion that the next President, whoever she may be, will be briefed on all this stuff and will determine either that 1) the real threat is actually so great that the surveillance programs should continue, or 2) the conduct of the surveillance programs is actually more in keeping with accepted American principles than is commonly believed among the public. I predict that for at least the duration of the next presidential term, we will not hear of any surveillance program being shut down by order of the President.

Re:

[Chris Burke]

1) the real threat is actually so great that the surveillance programs should continue

I assume the implication here is that the threat is much greater than we, the people, know, and that the surveillance has been more successful at stopping the threat than we know. Well that would be rather odd given that Bush's PR team takes every possible opportunity to play up the threats and their successes, rarely even waiting long enough to figure out whether their PR fluff will hold up once the facts are brought in

Re:"Think about it"

[fyngyrz]

Considerably more germane to how the US is supposed to work than a religious quote, the constitution has this to say:

The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.

Notice how a warrant has to be issued describing the "place" to be searched. The beginning of the amendment specifies "houses", but the rest is more general - the implication is that your shed, your place of business, someone else's coffee kiosk or bench or "mailbox of letters" or "container of packets", all are protected against unreasonable search. What is unreasonable in this context? It's right there, just read it: "right of the people to be secure" - that's unreasonable to violate. If you're not secure, you've been violated unless (a) they have probable cause and (b) they have a warrant and that warrant is supported by oath or affirmation.

With regard to communication modalities, at the time, what they had for remote communications was basically paper. Please note the explicit constitutional reference to the security of papers. You could write something down and send it elsewhere. This is where the idea that your mail should be secure comes from. Well, today, we have other mechanisms. Do you think that in ANY rational world, if the authors of the first amendment knew that you could send messages over wires or through the air, that they would have said, "Oh, well, in that case, you have no right to be secure? You can't base such an argument on how "easy" it is to read such communications, because there's nothing as easy to read as the mail is.

Those authors weren't trying to enumerate the "only" places you were to be secure, they were trying to say you should be secure PERIOD unless... oath, probable cause, warrant. I read the "persons, houses, papers and effects" as a general set of guidelines that is broadly inclusive; that reading is particularly supported by "effects", because that word is about as non-explicit as you can get in the language of the day.

Privacy is the social boundary that the citizens agree shall not be crossed. Closed doors shall be knocked upon; locked or not. Skirts shall not be looked up, short or long. Envelopes shall not be opened, unless addressed to you. Diaries shall not be read except by explicit permission from the author. These things are all important cornerstones of how society works. Not a one of them carries the addendum "unless it is easy" because it is obvious to each and every one of us that the existence of such boundaries is what makes life as an individual reasonable.

To the extent that the government argues that "because it can", it should be allowed to, we are faced with an intrusion that is both antisocial and constitutionally wrongheaded, as well as, I would argue, constitutionally anticipated and explicitly forbidden.

Re:

[spun]

I have no idea if you think of yourself as a Christian, but I don't think your theology matches mainstream Christianity. First off, God doesn't care what you've done as long as you accept Christ as your personal savior. Good works won't get you into heaven. Second, God's judgment is absolute in a way mere mortals' never can be. Forgot to ask Christ's forgiveness, even though you've led an exemplary life? You are going to hell FOREVER. Infinite punishment for finite sin is pretty damn absolute.

As for privacy

Re:"Think about it"

[ShieldW0lf]

Human beings don't need proof to operate. We are intuitive computers, and are capable of seeing where trends overlap to produce synergistic effects. If we weren't, we would be incapable of making a decision to achieve effects larger than the span of our own lives, and yet we are.

Sometimes, "think about it" is an invitation to test your brain and see if it's broken before they write you off as an idiot who really is.

Obviously.

Re:

[ubrgeek]

Slightly off-topic, but a random quote I received today seems to be related: "I never guess. It is a capital mistake to theorize before one has data. Insensibly one begins to twist facts to suit theories, instead of theories to suit facts. - Sir Arthur Conan Doyle"

Re:

[ShieldW0lf]

Sounds like something a detective in a writer of detective fiction with a flair for the dramatic would say.

Of course, if you were to look for someone with experience being in a position of command, where who doesn't have the leisure to refuse to guess, a professional writer of fiction would probably be the absolute worst choice you could make. A housewife or a traffic cop would be better prepared.

It's very eloquent though.

Re:"Think about it"

[Opportunist]

There's a difference between postulating a theory as a theory, offer methods of testing the theory and make it open for discussion, and claiming something as fact and true, without a chance to disprove it. For reference, see science vs. religion.

Re:

[Opportunist]

I'm a statistician (yes, the ways of the invisible pink unicorn are odd and I ended up in antivirus research). One of the things our department head at the university kept repeating over and over was to get your facts straight, verify your facts, test your facts and most of all, don't interpret them until you have at the very least thought of a way to interpret them to argue exactly in the opposite direction. If you can use them that way, toss your facts, your statistic and everything you want to argue for.

Outrageous conclusion?

[voss]

This is the same administration...

1) Staged faked news conferences and failed to tell the real reporters
2) Cant decide whether waterboarding is torture

These people will do anything they are allowed to until they are told no and
sometimes even after they are told no.

There is a way around this, if a court says the ISP agreement is what creates
or does not create a reasonable expectation of privacy then the day after
the court rules as such then I will tell my ISP either they change their ISP
agreement to say that my emails are private and will only be disclosed upon a valid
court order or I will find a new ISP that will do so.

Re:

[rikkards]

Here is a better alternative http://www.gnupg.org/ [gnupg.org]

alternative?

[jefu]

Here is a better alternative http://www.gnupg.org/ [gnupg.org]

Only as long as it remains legal to encrypt your mail.

Re:

[Anonymous Coward]

If you think the current administration is responsible for the exponential growth of the US government over the past 200 years, in both revenue and power over the people, then you haven't been paying attention to history.

There's a reason why every year we are subject to more laws than the year before. There's a reason why every year government spends more than the year before. There's a reason why every year power is concentrated further into the hands of the few. There's a reason why every year you are les

Re:Postcard/email analogy...

[conlaw]

The Sixth Circuit panel that decided the case did not agree with your view that one does not have a "reasonable expectation of privacy" with regard to email being stored by the ISP.

It is true ... that by sharing communications with someone else, the speaker or writer assumes the risk that it could be revealed to the government by that person, or obtained through a subpoena directed to that person. ... The same does not necessarily apply, however, to an intermediary that merely has the ability to access the information sought by the government. Otherwise phone conversations would never be protected, merely because the telehone company can access them; letters would never be protected, by virtue of the Postal Service's ability to access them; the contents of shared safe deposit boxes or storage lockers would never be protected, by virtue of the bank or storage company's ability to access them.

The entire opinion can be found at http://w2.eff.org/legal/cases/warshak_v_usa/6th_circuit_decision_upholding_injunction.pdf [eff.org]

"Land of the Free"

[FyRE666]

So much for that slogan - The US and China (or even cold war Russia) are not really that different. Total government control over communications, news media under govt control, corruption (although to be fair that's standard operating practice for any govt...)

Re:"Land of the Free"

[rvw]

"The government".... Does that mean Bush and his mates can monitor all Democratic email traffic? That would be handy for the upcoming elections!

Re:

[Opportunist]

I bet Nixon feels really stupid now. I mean, with a bit of planning...

Re:

[Opportunist]

Really? Man, if Dick hears that he'll rotate in his grave. He could've gotten off the hook so easily.

Why didn't anyone tell him?

Re:"Land of the Free"

[Kelz]

Well, if the government doesn't need a warrant... does it apply to the public as well? I'd personally love to see some of the RNC's email, especially some juicy Rove memos.

Monitor Democratic e-mails?

[twoallbeefpatties]

Here's the ironic side of this - the Democrats are pretty much in a lock to have the next White House, barring another extreme disaster that sends people running back to Big Brother again. All of these broad, sweeping changes for the power of the White House will only be partially in effect for Bush's term... and fully in effect for Obama or Clinton's term. The Democrats would like to thank the Republicans for giving them such broad power. (Not that I support either of them having it, mind you.)

Re:

[cayenne8]

"Here's the ironic side of this - the Democrats are pretty much in a lock to have the next White House, barring another extreme disaster that sends people running back to Big Brother again."

Do you really believe that? I think it is MUCH more up in the air at this moment. I mean, congress is at an all time low. The Dems got in, and pretty much have failed to do ANYTHING they said they were gonna do if voted in over the Reps. War? Still going on. Privacy matters? Nah...they gave in on the recent chance to p

No Dissent. Evil Past and Worse Future.

[Erris]

They can spy on Democrats, their own people and anyone's and that's why this is more important than firefly diatribes. Without privacy in communications anyone who would bother to stand up for your rights can be identified and punished. Targeting can start in school, before the victim understands the issues or can defend themselves. Anyone who would encourage or aid the dissenter can also be punished. What the current administration is asking for is a tool more complete than Orwell was able to imagine in a paper world.

Imagine, for example, that Martin Luther King Jr. [wikipedia.org] had been identified when he was a Morehouse College, instead of 1961. Do you think he would have been able to withstand such early and sustained attention as he suffered later [wikipedia.org]? As late as the 1980's some asshole decided to prove that King did not deserve his PhD [wikipedia.org]. If a smear campaign had been launched while King was at Morehouse, he would never have made it in to Boston or Crozer. Would it have been possible to recognize a pattern or would society have simply been robbed of a charismatic champion?

It's cases like King's that created the outrage that outlawed domestic spying. We should remember those foul deeds and start the pendulum swinging back towards privacy. What we find today may be worse than what we know about King because technology has made things so much easier to identify, smear and harass.

Re:

[Detritus]

Anyone who is a public figure can expect their past to be closely scrutinized. Why should King get a free pass for a PhD thesis that had large sections that were plagiarized from other people's work? I thought plagiarism was supposed to be a mortal sin in academia.

Re:"Land of the Free"

[arevos]

The US and China (or even cold war Russia) are not really that different.

When trying to convince people of the dangers of government control, hyperbole like this doesn't help. A US citizen still has considerably more rights than a Chinese citizen.

Also, you can't reasonably expect any privacy in email unless you encrypt its contents.

Re:

[jamar0303]

Depends on what you do in your day-to-day life. Quite a few times I feel more free in China than I do than America (particularly when it comes to cellphones- carrier locking? Even the CDMA carrier here has open phones, and if it's locked, the locals will find a way to unlock it- with a couple of exceptions- not the iPhone).

Re:"Land of the Free"

[Felix Da Rat]

When trying to convince people of the dangers of government control, hyperbole like this doesn't help. A US citizen still has considerably more rights than a Chinese citizen.

Also, you can't reasonably expect any privacy in email unless you encrypt its contents.

As you didn't provide any more information regarding those rights for the U.S. Citizen, you are doing the same thing as the Parent Poster. I believe the original post was making the argument that the US Citizen, by actions like this is losing those rights. Or at least in danger of doing so.

On privacy, while it is possible to read an unencrypted e-mail, that is not the same as an invitation to do so. It is possible to read my documents in my locked file cabinet, it just requires access and a pull hammer. Does that mean that those can be reviewed by the government? My phone line can be tapped by pretty much anyone, but does that mean it is okay for everyone to do so?

I don't disagree, I think that encryption is a fine thing, and should be used more often. However, I do not believe that my right to privacy exists regardless of the technological possibilities to interfere with it.

Re:

[Chris Burke]

Apparently "expectation of" has become a very technical term, basically meaning "desired."

Well yes it IS a technical term because we're talking about Constitutional Law here. The fact that it is expressed in English, where words can have multiple meanings, should not be taken to mean that any definition you like is the one that applies. The meaning of the phrase is put down in case law, not the Oxford English Dictionary.

And no, it doesn't just mean "desired", it means that it was the intent to be private,

Re:"Land of the Free"

[mi]

The US and China (or even cold war Russia) are not really that different.

Yep... 20 mln citizens have already gone to labor camps and hundreds of thousands executed [wikipedia.org], while deliberately-induced starvation [wikipedia.org] is killing millions more on conquered lands. No private property can legally exist — all enterprises belong to the State (of Workers and Peasants). It is illegal for peasants to leave their village without the headmaster's Ok (he is the one issuing them passports), and for all others to leave the country. Those suspected of subversion are tried by secret courts — either for the actual subversion, or (in the later stages of the Cold War) for "drug dealing", "gun possession", or homosexuality [wikipedia.org]. It is illegal to own "xerox" machines and other "publishing" equipment.

Hot water is a luxury available in cities, and even the running cold water (where available) could be out for days and weeks at a time. Wait for for an apartment is counted in years (and decades), as is the wait for telephone connection. Cars are small, unreliable, polluting, expensive, but you can't get them anyway. Same is true of electronics and most other manufactured things.

Yes. America is not that different at all...

Total government control over communications

Patently false — the government is seeking access to one particular method of communication — unencrypted e-mails. Whether they get it or not, you are a fool, if you expected privacy of that to begin with...

... news media

Except the Register, right? Phew...

Postcard/envelope analogy

[lobiusmoop]

Using a snail-mail analogy, I can understand this. If I send a postcard out (plain email), I don't expect the message on the card to remain private, as anyone in the delivery chain can read it without any tampering. When I do want privacy, I can put my message in a sealed envelope instead (PGP encryption for email) to ensure only the recipient can read it. Seems fair to me. The general populous need to be more aware that plain email is more like a postcard than a message in a sealed envelope though.

Re:

[cenonce]

In the end, however, I think your sealed envelope is more like plain e-mail. If your envelope is ripped, damaged, held up to the light or whatever and the Postal Service (or anybody) looks at the contents and sees what they believe is illegal activity, a warrant based on that info is not going to get tossed. Same as if some sysadmin, script kiddie or whoever is looking at packets as your e-mail goes through the system and somehow catches you are doing something illegal. If script kiddie gets a momentary

Re:Postcard/envelope analogy

[Null Nihils]

The general populous need to be more aware that plain email is more like a postcard than a message in a sealed envelope though.

Which is funny, because the canonical user interface icon for e-mail is... a sealed envelope. Even ISPs will present their e-mail services with such an image.

In other words, the snagging point is the definition of "expectation of privacy" -- but the situation is really quite simple: The average user simply expects privacy, but the government is trying to force them to abandon that expectation, so they can then go and install ubiquitous e-mail surveillance without violating the letter of the US Constitution. The government is trying to win by arguing semantics, so what I find hardest to believe is that anyone is taking all this blatant skullduggery seriously. I've seen better weaseling from schoolkids trying to avoid homework assignments.

E-mail is electronic, so the message is NOT viewable in transit without making an effort to intercept and decode it, even if the encoding is just ASCII. It's not like mailing a postcard, it's like sending an electrically encoded text message over a packet-switched data network where the only expected viewing point is at the intended recipient's terminal; this is how the e-mail protocol was designed to work. Sure, a malicious party can read it because it's not encrypted, but someone can easily slice open a postal mail envelope and read the contents of that, too.

The bottom line is, since a non-trivial effort has to be made to read the contents, and since the service has always been presented as a "sealed letter", the average user is not unreasonable in expecting privacy.

Re:Postcard/envelope analogy

[DrFruit]

Here is another point I miss in the e-mail/postcard analogy. Even if you accept that e-mail is more like a postcard than a sealed envelope (which I agree is a false analogy and used as an excuse to erode our expectations of privacy), how does that justify routinely reading messages? Post office workers may read the occasional postcard for a laugh, but who would expect a government (or any other organisation) to routinely copy every postcard and scan it for illegal or suspect content?

Re:Postcard/envelope analogy

[tkw954]

[Email is] like sending an electrically encoded text message over a packet-switched data network...

Where's Bad Analogy Guy when you need him?

Re:

[n3tcat]

He used up all his clever thoughts for this thread in the first post.

Re:

[EriDay]

These pinheads have no understanding of blowback. This will cause the small amount of communications being encrypted in the past to become the majority of communications being encrypted in the future. Yesterday they could look at the profile on a user and encrypted email might set off alarms. Next year every user will encrypt all email, they may try to prevent this domestically, but the international community will lead the way to 100% strong encryption on email seamlessly integrated into the client.

Re:

[Kelz]

IANAL, but it seems the government has a bit of a conundrum. Half the time people want the internet to be free/anonymous, and half the time they want it to be private information. Truthfully it can't be both, and I don't see unencrypted emails going through public ISPs as ever being called private, no matter if they are treated as such by the sender. People can look at them if they put the time in.

Now though, following with the the governments policy on encryption via the DMCA (as I understand it, once a

Postcard/envelope analogy difference

[tjstork]

The difference is, when you send out a letter, it takes a deliberate act of intrustion to read the contents, just as it takes a deliberate act of intrusion to read someone's email. If you get a postcard on your hand, sure, then read it. But, that's really more like someone sending you an email by mistake.

You Don't Understand At All.

[Erris]

The general populous need to be more aware that plain email is more like a postcard than a message in a sealed envelope though.

"Reasonable expectation of privacy" arguments mask the true cost of tyranny and the public should object to all forms of domestic spying. The right emails do not just fall from the sky onto FBI agent desks so that criminals can be prosecuted. It costs money to read and sort email. It's outrageous to waste tax money on things like that because criminals know how to hide and the machinery will be abused for political purposes [slashdot.org]. One way to protect the public from that kind of waste and abuse is to demand government obtain search warrents for email snooping. This is what the fourth amendment is all about.

Re:Postcard/envelope analogy

[$RANDOMLUSER]

Fun fact: What you write on a post card can't be used against you in a court of law.

Really? I suggest you write "I'm gonna fly a plane into the Sears Tower" on a postcard and see how much hilarity ensues.

Re:Postcard/envelope analogy

[aichpvee]

Everyone knows by now that they don't resort "courts" or "laws" in those kind of cases.

Re:

[Anonymous Coward]

Really? I suggest you write "I'm gonna fly a plane into the Sears Tower" on a postcard and see how much hilarity ensues.

It would probably go unnoticed.

Re:

[Mathinker]

> Fun fact: What you write on a post card can't be used against you in a court of law.

Let's see you test this. Take your fingers and make nice clear prints on a postcard, then write a death threat to the president on it and send it from your neighborhood post office to the White House. Repeat this action once every month.

Please let us know what happens (find a Slashdot-enabled lawyer before you start the experiment, please).

Re:

[mdwh2]

Let's see you test this. Take your fingers and make nice clear prints on a postcard, then write a death threat to the president on it and send it from your neighborhood post office to the White House. Repeat this action once every month.

But in that case, sending the postcard itself constitutes a crime, in that you're making a threat. I presume he meant the information obtained by the authorities reading a postcard whilst it's sent through the post. A better experiment would be to send it to someone else, de

Re:

[A beautiful mind]

One guy who I know from IRC sent a postcard [styleliga.org] when he was visiting the USA, to his german friend. The post was delivered by the german police to his friend. Funny eh.

Re:

[vrmlguy]

Well, I was going to ask about your public key, but I've run into a roadblock of sorts. Like many sites, /. lets you post personal information about yourself [slashdot.org], such as AIM info, ICQ UIN, Yahoo! ID, Jaber, a public Calendar, a Mobile Text Address, and a Public Key. Some of it, such as Jabber info, is displayed on my user page [slashdot.org]. However, I can't seem to figure out how to view anyone's public key. Before I dive into the source, anyone got a clue? Thanks!

While this is an affront...

[Null Nihils]

to any citizen who believes in a free and open society, I'll be EXTRA worried when they outlaw encryption...

Re:

[rucs_hack]

They can't outlaw encryption, since that will affect business badly. Nor can they outlaw encrypted emails, same reason. All they can do is make it so they can have the keys on asking, which I imagine is already the case. Mind you under this totalitarianist approach, the mere act of using encryption as a private citizen places you under suspicion.

So, how is it there in the land of the free? Good still?

Apple logo and Turing.

[TapeCutter]

"to any citizen who believes in a free and open society, I'll be EXTRA worried when they outlaw encryption..."

Oddly enough until recently it was standard practice for western governments to "outlaw encryption". Before public key encryption came along some of the 'founding farthers' of computer science had worked out how to crack most types of encryption with relative ease and on the side they built computers with meccano sets that calculated trajectory tables.

As a direct result of the German and Japan

Doesn't matter anyway...

[xheliox]

It's not like the Bush administration cares what a court says. They'd do it regardless. It's a matter of national security, you know?

Re:Doesn't matter anyway...

[dkleinsc]

No, it does matter: What they're trying to do is ensure that any administration that comes after them can't prosecute them for what they've done.

Bush's "farewell" press conference...

[TapeCutter]

..."Opps, pardon me!"

Re:

[mbone]

I do wonder though if Bush can pardon himself.

No, he can't. Nor can he pardon anyone else "in cases of impeachment." From Aricle II, Section 2 :

...and he shall have power to grant reprieves and pardons for offenses against the United States, except in cases of impeachment.

Note that it doesn't say anywhere that impeachment cannot be done after the end of an administration.

Nor, in practice, can he pardon war crimes, as they are globally enforceable. It's the war crimes charges that will eventually

In other words...

[Opportunist]

It's only fair and understandable that I use GPG and onion routing for even the most trivial matters, since now it's public knowledge that whatever I send via the internet can and will be read by anyone wanting to do so.

Using any kind of encryption is thus quite normal behaviour and can never be seen as any kind of sign that I could possibly be discussing the whereabouts of Ozzy.

Re:

[blackest_k]

Perhaps your right, more of us should use encryption by default.
Pidgin has encryption plugins which you can use fairly transparently on a one to one basis. Talking to friends with encryption on is effortless.

So what about email how easy is it to default to encrypted and not make it awkward for the recipients to read the content?

Any recommendations?

incidentally it might have a side benefit of making encrypted mail easy to white list. would spammers have your public key ...

Right..

[Morky]

Because, of course, terrorists are using unencrypted email to plan their misdeeds.

Re:

[The_Mystic_For_Real]

Terrorists are not known for their computer savvy. I remember a couple years ago Al-Qaeada's supposed head of computing was arrested and he was running windows with his entire hard drive (which was full of evidence) was entirely unencrypted. Apparently they have done some things possibly with freenet that have been fairly anonymous but I would not be surprised to learn that a lot of plaintext e-mail about sensitive matters gets tossed around, like in any organization.

Re:Right..

[BadAnalogyGuy]

from: 4114hox3nfr33@aqhq.co.af
to: aq-all@aqhq.co.af
date: Nov 5, 2007 5:00 PM
subject: ne1 up 4 ultimate tonight?

<eom>

Re:

[pla]

Because, of course, terrorists are using unencrypted email to plan their misdeeds.

Some do. The stupid ones that keep getting caught do.

The rest (including the successful ones) either don't use email at all, or they use all the best privacy-protecting tools available.

What privacy?

[cenonce]

ISPs are not government entities, though I get that in the digital age, the line of who is a state actor and what is a state action is less clear. So there is no 4th amendment protection against what the ISPs do with your data (though there may be some statutory or common law tort theories for privacy violations). ISPs can provide you service under any terms they see fit, and you certainly don't have a constitutional right to broadband internet access.

The far more impacting (and interesting) legal question is how the courts are going to view the 4th amendment (and others) in light of the way communications are stored for eternity on the internet. A traditional approach seems unwise, since the way ISPs word their terms of service make it so your data practically falls under the "open fields" doctrine for purposes of search and seizure. On the other end of the spectrum, I don't want police investigations entirely shut down just because we want heightened protections for data that we keep in essentially insecure methods.

If you are that worried about privacy, use PGP or GPG.

Re:

[Opportunist]

How should it affect police investigations?

Those who do have criminal activities in mind will, or do already. Do you really think those Al Quaida guys don't know how to use PGP? Do you really think they send any kind of crap unencrypted anymore? If at all, that is?

Imagine you know what you're doing is against the law. Do you do it where you can be seen and snooped, especially after hearing so much about it being used? How hard do you think it is for them to use halfway decent encryption that thwarts such sn

Re:

[cenonce]

Well, first you make an assumption that all criminals, and all members of al-quaida are sophisticated enough to use encryption. In light of the crap I have seen posted on myspace, youtube, facebook and the like, that is clearly not the case.

Second, I was really making a comment on the interpreting the 4th amendment in the digital age. One of the ways that privacy, though not necessarily 4th amendment protected privacy, is "violated" is by snooping. The question is, where does the 4th amendment kick in?

Re:What privacy?

[Wylfing]

ISPs can provide you service under any terms they see fit, and you certainly don't have a constitutional right to broadband internet access.

BZZZT. Once again this fallacy rears its head.

The U.S. Constitution is NOT a positive enumeration of citizens' rights. You have a right to do everything except what is specifically forbidden (by laws that we consent to live under). In addition, the Constitution isn't even about you, Mr. Citizen. The Constitution is about what We the People will permit government to do and not do. In other words, we (the people) already have all the rights in the universe*. A few of those we will consent to give for the purpose of living more-or-less harmoniously, and a few of those we will permit to the government. All else we reserve for ourselves and for the individual States in which we consent to live.

* So yes, I do have a Constitutional right to broadband Internet access.

Re:

[dpilot]

You're absolutely right, and in the Constitution it explicitly states that rights are "not restricted to those herein enumerated," yet somehow "strict constructionists" keep saying, "That right is not specifically stated in the Constitution, therefore it does not exist."

Re:

[Rohan427]

ISPs are not government entities, though I get that in the digital age, the line of who is a state actor and what is a state action is less clear. So there is no 4th amendment protection against what the ISPs do with your data (though there may be some statutory or common law tort theories for privacy violations). ISPs can provide you service under any terms they see fit, and you certainly don't have a constitutional right to broadband internet access.

Once an ISP begins providing the government informat

Re:

[cenonce]

Maybe in Deadwood (which I never watched), ISPs are state actors, but not in the U.S.

I do however see the point you are trying to make. Unfortunately, I don't think the line is so easily draw with ISPs as to when they may be doing "state action" and when they are private companies asserting their position of strength over the consumer. At least, the world has come a long way since Marsh v. Alabama. [wikipedia.org]

PGP might not be dead

[LM741N]

It might take something like this to put PGP and the like into the mainstream.

Two words

[pedestrian crossing]

Key exchange

"By the people ... for the people..."

[Opportunist]

Maybe I have some funny concepts what the difference between a company and a government is supposed to be, but a company should first and foremost have its shareholders and owners in mind, a government its people (who're, technically, its owners).

Is it me or is that difference not quite clear here? That an ISP snoops on its users is not a good thing, but considering that its customers are just the necessary evil to get the money for its owners, they're not their main concern. The people, on the other hand, should be the main concern of a government.

It's the governments only excuse to exist at all!

Unprecedented is seriously inaccurate

[OeLeWaPpErKe]

Unprecedented in the US, yes. Just about anywhere else, no. China, morocco, iran, Russia and the Netherlands are all 4 running much worse programs. (like constant monitoring for keywords for example).

And we're not even going to "really" oppressive countries like north korea or pakistan.

If you speak dutch, read http://www.onderwereldblog.nl/?page_id=64 [onderwereldblog.nl] for example.

Re:

[Cyberax]

Actually, Russian laws require law enforcement to get a court order to wiretap anything.

Of course, I don't think the law is being followed to the letter...

oblig xkcd

[RuBLed]

A'la'ih Do'neh'lini [xkcd.com]

No worries for me

[William Robinson]

01001001 00100000 01100001 01101100 01110111 01100001 01111001 01110011 00100000 01110011 01100101 01101110 01100100 00100000 01101101 01100001 01101001 01101100 01110011 00100000 01110100 01101111 00100000 01101101 01111001 00100000 01100111 01101001 01110010 01101100 01100110 01110010 01101001 01100101 01101110 01100100 01110011 00100000 01101001 01101110 00100000 01100010 01101001 01101110 01100001 01110010 01111001.

Let them read... my headers.

[hacker]

No problem... let them snoop. Now I'll just be twiddling the "Encrypt and sign all outgoing email" box on my MUA, and finally start using GPG [gnupg.org] full-time for all of my incoming and outgoing email, instead of with just my friends and close colleagues.

There are plugins for Evolution [lwn.net], pine [dma.org], mutt [codesorcery.net], Thunderbird [mozdev.org] and just about every other Mail User Agent you can find out there.

Another great benefit, is that I can automatically block/quarantine/delete any and all email that does not contain a gpg-signed component (i.e. 99.999% of all email out there, mostly spam). dspam [nuclearelephant.com] does an amazing job, but being able to just reject it at the MTA level would be great.

And for those that wish to converse with me, please make sure to use my GPG key [veridis.com] to do so (also available here [pilot-link.org] with detailed instructions).

Re:

[Tony Hoyle]

All of it? That's gonna work well when you post random encrypted crap onto a mailing list and all the outlook users go 'wha..?'

The problem with encrypted email is there are at least two competing major standards, and 99% of users don't have mail packages that understand either.. so you can't send it unless by prior agreement with your close friends. In practice this ends up as almost never.

Re:

[hacker]

I could care less about my public mailing list messages, it's the other email that matters.

Is DHS going to really put me on a watch list because of my contributions to Project Gutenberg, Plucker, the core Mediawiki code or dozens of my other contributions? Not likely.

Are they going to put me on a watch list because of my political affiliations? My emails pointing out the egregious flaws in our administration? The methods people can use to personally protect themselves from an oppressive government? You

Re:

[dpilot]

Actually, the biggest problem with encrypted email is the number of people who now use webmail. How many people READ the service terms for webmail? Once your email remains on someone else's server, your privacy expectations become much less than even when it simply passes through. I fetch my email regularly, delete it from the server, and place it on my own IMAP server. In order to read my email, an intercept/duplicate decision has to be made prior to my fetching and deleting. With any mail it can be r

Not so fast

[bryanp]

Whenever someone screams "They're violating our First Amendment rights!" about some private company being restrictive, I'm one of the first to explain that the 1st protects our right of free expression from Government interference. Converseley, lets say for the sake of argument that I have waived my 4th Amendment rights to my ISP in exchange for using their email service. This doesn't mean the .gov gets to abuse them. Hopefully a half sensible judge will toss this out.

In the meantime I'll just be happy that while my ISP is in the US I don't use their email service. Good luck convincing the service I pay to use out of Norway to give up my email. ;)

Foreign emails too?

[Peeloo]

Does it mean that if I use an US mail server, like gmail, from a foreign country, these mails can be wiretap too?

Re:Foreign emails too?

[Attila Dimedici]

Does it mean that if I use an US mail server, like gmail, from a foreign country, these mails can be wiretap too?

In that case they don't even need this ruling, communications between individuals outside of the US may be legally intercepted by the US Government at any time the Federal Government believes there is national interest at stake and has the ability to do so. The whole NSA wiretapping scandal arose from the Bush Administration's interpretation that this legal authority extended to communications between individuals outside the US and individuals inside the US. I have not looked at this closely, but some of the articles I have seen suggest that the Bush Administration interpretation was also the Clinton Administration interpretation as well (and possibly going further back).

What?

[ScrewMaster]

How do you "waive a Constitutional right?", without anyone at least asking you if you mind waiving it?

They could and get a positive answer.

[iknownuttin]

How do you "waive a Constitutional right?", without anyone at least asking you if you mind waiving it?

If they did ask, I bet that most of the US population would just go along with it. Because, Civil Liberties is for "criminals to hide behind", "pinko hippies", "gays", "folks who don't want God anywhere", and any other issue that the ACLU and their sister organizations have taken up.

Why, law abiding citizens do not need Civil Rights!

This country and her Constitution is in trouble my friend.

Its nuttin' but spam anyway...

[crovira]

Why, I'll even forward it to any address they want.

The perfect time to discover enigmail

[Chemisor]

Today is the perfect time to discover enigmail [mozdev.org]!

Ironically...

[mrjb]

...if they're going to try to monitor all email, they will have to weed through 95% of spam *first*.

This is how liberty dies...

[ZeroExistenZ]

...with a lengthy bill, a large cheque and a monkey in the office.

Blatantly unconstitutional

[tjstork]

The Constitution does not grant the Congress or the President the power to read email, so therefor, it is unconstitutional to do so. The 4th amendment affirms the rights of the people, and is not a limitation of them.

Re:

[cbiltcliffe]

the constitution does not mention email....

Since the constitution enumerates the government's rights, then the fact that the constitution doesn't mention email means that the government has no right to fsck with email.

Life, Liberty and the Pursuit of Happiness

[giafly]

If you've ever agreed a typical EUA, seems to me you've waived at least two of these.

Where's the news on this?

[eebra82]

The scary part is that this news is not on any major American news network, or at least with so small printing that I can't even find it. Why does it take a company from the UK to inform us that our own government is bullshitting us again?

It's okay...

[etherlad]

I don't care if the Feds can read my email. I don't use Email anymore. I upgraded to Gmail. That's, like, two versions better, right? I hope so; I think I missed the release of Fmail.

Can someone please explain....

[JustNiz]

I'm English so don't understand the US system. I always thought that the US constitution was the very foundation of US law. So please can someone explain:
How is it that the US government can choose to violate the constitution? Isn't the whole point of the constitution that they are obliged to conform to it?

Re:

[bogjobber]

First off, IANAL, so this won't be entirely correct but here's the basic idea. The 4th amendment to the constitution say this:

The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.

How that has been interpreted is firstly that y

Re:

[Dunbal]

Actually, I'd say anything that takes place in public, or over a public network, the governement has a right to observe.

      So you're fine with the idea of being randomly stopped on the street and searched by the police, right? Empty your pockets, son, and pop the trunk. Why? Well if you have nothing to hide, you should have nothing to worry about...

Re:

[acvh]

Well, no. The telephone network is a circuit switched network. By making a call I am requesting that a private, one to one, circuit be established between my phone and the recipient's phone. Nothing public about it.

On the topic at hand (e-mail), while I am aware that there are multiple points in email transmission that can provide an opportunity for someone to see the contents of my mail, I do not, have not, and indeed quite possibly can not, waive my right to be protected from government surveillance witho