This Message Will Self-Destruct: CIA and Homeland Security Seek To Officially Destroy Thousands Of Emails

When you delete your emails, it's likely just to remove clutter, liberating your inbox from constant coupons, ads, e-pleas, etc.  But when the CIA and Homeland Security want to delete emails, considerably more eyebrows are raised.

According to engadget.com, two of our most totally-not-shady Big Brother organizations want to delete all of their emails that are seven years or older, as well as the emails of all CIA employees who have been retired for 3 years.  A plan of action was shown to the National Records and Archives Administration (NARA) that indicated this intent, with only 22 top officials' correspondence to survive the digital culling.

History now seems to be written by the digital winners.
(Image courtesy news.yahoo.com.)

For two organizations who thrive on intelligence (one where it's in the very title of the company), this seems like a bad idea.  Numerous senators, including Dianne Fenstien (D-CA), are actively opposing this plan, fearing the expunging of evidence.

The motion was made by the CIA as part of an effort to help streamline its email collection for better management, a mission that NARA had asked of all government agencies to figure out a plan for.  Homeland Security's excuse was that it would free up valuable server space ($50 a terabyte per month) and that deletion could also possibly thwart the intended intelligence-gathering of Einstein, their government-website traffic-tracker.

They can stash endless info on regular citizens, but heaven forbid their own emails get retained.
(Artwork by Will Varner / Image courtesy twistedsifter.com.)

While this would be a win for private privacy, the overarching scope of government intel is something that people don't want to be able to simply vanish like so many extraordinary renditions before it.

Lee Tien of the Electronic Frontier Foundation told Gizmodo, "It's kind of sad. I want to applaud the government for choosing to discard unnecessary data about people. But we have good reason to question the government's reasons because of what we've learned about what we've NOT been told."

If you think the government shouldn't be doing the modern equivalent of shredding countless files and burning the confetti, you can tell NARA right here.

Uh...thanks but no thanks.
(Image courtesy reanimatedresidue.wordpress.com.)

Going Dark: New Email Technology To Easily Encrypt Everything

The unabashed abuse of privacy on the global scale is one of the most troubling invasions of our time. Now, one programmer is advocating a new paradigm of electronic communications that is simple and effective: "Dark Mail" that encrypts every email, every time.

Ladar Levison created the popular and secure email service Lavabit, which made news when he shut down the service entirely rather than cede to the goverment's demands that he surrender his security keys (which would have effectively undermined the entirety of the operation's purpose.) This happened hot on the heels of the Edward Snowden leaks, and since then no seriously secure single service has stepped forward to fill the gap. Now, as popularmechanics.com reports, Levison still wants to keep you covered.

In an interview posted today, Levison stated that everyone should be under the assumption that their electronic communications are being monitored at all times. This creepy but cruelly accurate statement is one that has yet to sink in for modern society, even though it means that everything from their (possibly "dangerous" and defamatory) private opinions to naked pictures are subject to scrutiny. He argues that the complexity of the e-communication infrastructure, coupled with the ease of cracking "endpoint security" (one's personal computer or device) makes things difficult for the average privacy-prone person. He has created "Dark Mail", a new encryption idea, to aid in spreading the powers of privacy.

As Levison explained:

"Dark Mail is really an effort to turn the world’s email dark—to make email encryption ubiquitous, universal, and automatic. The simplest explanation of what we’re doing is that we’re rewriting the protocols of email—the standard rules computers use for delivering email messages—so that messages are encrypted before they leave your computer and can’t be decrypted until they’ve reached the recipient’s computer. And because this is built into the system, there’s no cognitive burden. Grandma could use this—you don’t need to understand encryption or why it’s important. If someone can use email today, they will be able to use Dark Mail tomorrow."

Levison went on to elucidate that Dark Mail is not an email service, rather, it is a technology than any provider could implement. Expounding on PGP (Pretty Good Privacy) software, Dark Mail implements asymmetric cryptography techniques that use a public key (given to anyone who would like to send an automatically-message to a specific recipient) and a private key (theoretically, only the viewer of the message) to keep communications secure. Layers of anti-metadata technology to shake electronic position trackers are also in the works.

Levison went on to reference Phil Zimmerman, PGP's creator, and his lengthy police investigation and legal battle stemming from the creation of an encryption so strong that it was at first considered a munition (although the charges were eventually dropped.) On paper (and e-documents), there are laws that are in place to allow us this level of privacy.

Even if you feel you're doing nothing wrong, how do you know what those who would malign you are using against your favor? Why become a target just because you might be seeking knowledge that someone else deems illicit? Keep your privacy and your freedom close at hand, for both are valuable enough to be stolen.

If George W. Bush's personal oil painted nudies can be e-heisted, your info doesn't stand a chance. 

Brazil Planning Encrypted Email Service

Following on the hells of German, from BBC:

Brazil has confirmed plans to create a secure email service, following revelations of cyber-surveillance techniques used by the US and UK.

President Dilma Rousseff posted a series of tweets over the weekend, saying the move was required to "prevent possible espionage".  She added the country's Federal Data Processing Service (Serpro) would be charged with developing the system.

One expert said the tech involved was well established but had limitations.
"There's a good precedent for this with the German provider Gmx.de," said Prof Ross Anderson, head of the security research group at the University of Cambridge's computer laboratory.

"They just need to tell a company to keep the servers in Brazil, encrypt all the traffic inside or outside the country, and only give access to Brazilian police and intelligence services.

"Bang, finished, it's trivial. It's a well understood and well solved problem."
He said that the Brazilian system could be designed to interact with Gmx and equivalent encrypted services, in which case the NSA (US National Security Agency) and GCHQ (UK Government Communications Headquarters) would effectively be shut out unless the countries where the relevant servers were based decided to co-operate.

Google: No Expectation of Privacy in Gmail Emails

From Slate:

If you happen to be one of the 400 million people who use Google's Gmail service for sending and receiving emails, you shouldn't have any expectation of privacy, according to a court briefing obtained by the Consumer Watchdog website. In a motion filed last month by Google to have a class action complaint dismissed, Google's lawyers reference a 1979 ruling, holding that people who turn over information to third parties shouldn't expect that information to remain private.

Texas Set to Enact New Bill Protecting Email from Government Snooping

From Ars Technica:

Assuming that Texas Governor Rick Perry does not veto it, the Lone Star State appears set to enact the nation’s strongest e-mail privacy bill. The proposed legislation requires state law enforcement agencies to get a warrant for all e-mails regardless of the age of the e-mail.

On Tuesday, the Texas bill (HB 2268) was sent to Gov. Perry’s desk, and he has until June 16, 2013 to sign it or veto it. If he does neither, it will pass automatically and take effect on September 1, 2013. The bill would give Texans more privacy over their inbox to shield against state-level snooping, but the bill would not protect against federal investigations. The bill passed both houses of the state legislature earlier this year without a single "nay" vote.

Despite the Texas law, all Americans remain vulnerable to email snooping attacks from the federal government. 

No Brainer: Email Should be Protected from Illegal Search and Seizure, Just Like Snail Mail

A California state senator has come to the radical conclusion that email should be afforded the same privacy protections as traditional snail mail.  How many people out there are unaware that their email correspondence is not secure against unconstitutional and illegal search and seizure?  From ABC Local:

If law enforcement wanted to read your letters or other paper correspondence, they have to get a warrant. But in this age of technology, you don't have the same protections. If your email has already been opened or is more than 6 months old, law enforcement and other government agencies can read them.

"The courts have said that the laws are very confusing and have permitted the government to search your emails held by providers without a warrant," said Francisco Loboco with the American Civil Liberties Union.

While government investigators generally look at email for evidence of criminal activity, that's not always the case. Email privacy became a national debate after CIA Director David Petraeus resigned over an extramarital affair. Privacy groups asked if the CIA can't keep the FBI from reading Petraeus' private email, what protections do ordinary people have?

State Sen. Mark Leno (D-San Francisco) wants to clearly define the line in California. Electronic communications should be no different than paper communications: They're all private.