After watching recent events regarding our Federal Government reading the phone records of American citizens, and the acknowledgement by the NSA chief that they’re monitoring the phone calls of Americans, I’ve decided I’m getting a little annoyed with these casual little incursions into our privacy. Since it seems that our Federal Government has show no interest in preserving our privacy rights, I’ve decided that in the little ways that are afforded to a private citizen, I’m going to begin pushing back.
I’ve started once again encrypting my email, as I’m able. Of course, in order to do this, the person that I’m writing to must be able to support reading that encrypted email. So, I’m writing this to offer my reasons for encrypting my email, and encourage others to do the same. At the end of the post, I’ll include links for you to begin encrypting your email.
In 1991, Phil Zimmerman wrote an interesting little application that he humbly titled Pretty Good Privacy. I say humbly, because the software that he released brought real data encryption to the common folk. For a while, Zimmerman was prosecuted for violating munitions export laws.
During the time he was being prosecuted, Mr. Zimmerman wrote a defense of PGP and email encryption in general entitled “Why Do You Need PGP?“. Many of the thoughts I’m writing are echos of Phil Zimmerman’s ideas written is that article.
More fundamental than the question of whether we should encrypt email is the question of whether we should keep secrets in the first place, and from whom we should keep secrets. As Zimmerman notes, as a rule, we naturally consider our letters confidential enough to put them into an envelope instead of using postcards. We would also be upset if we received a letter opened by someone unknown. Yet, for some reason, we have no problem sending emails in an easily readable format.
More importantly, the easy of our electronic communication directly leads to the ease by which anyone who listens between you and your recipient can gather and read all your email. Zimmerman writes the following:
Today, if the Government wants to violate the privacy of ordinary citizens, it has to expend a certain amount of expense and labor to intercept and steam open and read paper mail, and listen to and possibly transcribe spoken telephone conversation. This kind of labor-intensive monitoring is not practical on a large scale. This is only done in important cases when it seems worthwhile.
More and more of our private communications are being routed through electronic channels. Electronic mail is gradually replacing conventional paper mail. E-mail messages are just too easy to intercept and scan for interesting keywords. This can be done easily, routinely, automatically, and undetectably on a grand scale. International cablegrams are already scanned this way on a large scale by the NSA.
Sadly, Zimmerman’s analysis is out of date, as the NSA is not limiting their surveilance to international communications. The NSA has installed in AT&T’s switching office a software package that can “reconstruct all of their [users] e-mails along with attachments, see what web pages they clicked on, we can reconstruct their (voice over internet protocol) calls.”
The problem is that the people who are reading your email to check for terrorist activities are human… it could be your next-door neighbor, your old college ex-girlfriend, or some guy who’d love to dig up dirt on you. While the law has always allowed for surveilance of suspects, that surveilance always had the checks and balances of the courts, who were responsible to make sure that both your privacy and the 4th amendment are being preserved. It seems that this is no longer the case.
Think about sending an email to a Christian in China or Saudi Arabia. If their government found out that one of their citizens is a practicing Christian, it could subject them to prison, or even death. The benefits of encrypted email are obvious in this situation. However, think about the problem that encrypting sensitive email causes. While an observer may not be able to read the contents of the message, the fact that the message is encrypted can alert an enemy that the communicants are hiding something.
That’s why it’s important to make encrypted email the norm, and not merely the exception. Just like a letter in the mail does not signify sensitivity of its content, neither should an encrypted email imply that the content is anything but normal.
I encourage you to consider using email encryption on a regular basis, and to convince others to do the same.
How to Start Encrypting Your Email
You probably won’t even need to change your email client in order to start encrypting your email, as encryption plugins exist for every major email software, including Outlook, Outlook Express, Thunderbird, and Eudora.
- Thunderbird – A free email client
- GnuPG – Free encryption software
- GPG4Win – Windows version of the GnuPG software. Also includes a standalone email client, and a plugin for Microsoft Outlook.
- Enigmail – An encryption plugin for Thunderbird
- My GPG Public Key – What you need to encrypt an email to me.