Sunday, July 27, 2008
Keeping e-mail private
Christian Trejbal
Recent columns
- Montgomery schools' $6.2 million deficit
- This column does not compute
- Make political parties pay for their primaries
- Tough times ahead for schools
From the RoundTable blog
I never thought I would have to figure out how to keep President Bush from reading my e-mail, but now I do. Congress recently empowered Bush's spies to read my digital correspondence.
Phone calls and e-mails are at risk because congressional Democrats pathetically caved to administration demands on the Foreign Intelligence Surveillance Act. Much of the debate over the bill centered on retroactive immunity for telecommunications companies that helped the administration break the law.
The media and pundits talked less about the changes that endanger Americans' privacy. By passing the FISA revisions, Congress cleared the way for federal snoops to listen in on far more electronic communications, especially those going overseas.
Usually, at this point in a column, I would explain how the country shamefully undermines civil rights to appease fear-mongers. I would passionately argue that patriotic Americans should condemn the changes.
Meanwhile, a little voice in the back of my mind would remind me that like so many stupid things the government does, this does not really affect me.
Except this time, it does. As I studied the government's new power to spy, I realized that I and millions of other innocent Americans must now fight for our privacy from government snooping.
I have been sending a fair amount of e-mail overseas recently.
An English friend from way back contacted me out of the blue. He's living in South Africa.
Two other friends live in Canada. A couple of others travel to Japan now and then.
And a good friend is working for a nongovernmental organization in Liberia, where they do not have phone lines but they do have painfully slow Internet connections.
Complicating things, last month, all of that e-mail started routing to Google Mail rather than the private server that had been hosting it.
Granted, those are not the most incriminating circumstances, but they could still catch the eye of some National Security Agency software scanning the Internet for odd patterns. That might be all it takes to encourage the president's minions to start reading through my mail. They wouldn't even have to check with the courts for the first week.
Even if they do not read every message, my e-mail could wind up in a vast government database used for data mining.
My messages would not land me in Guantánamo Bay, but my friends and I prefer to keep our conversations between us. What we say to each other is none of the government's business.
It is finally time to start encrypting our e-mail. For years, I had toyed with the idea, but I did not have sufficient motivation until now. No doubt there are security advocates out there who will say I was a fool for waiting.
It is surprisingly easy to scramble e-mail so that the White House cannot read it. I opted for software called Gnu Privacy Guard, an open source implementation of public key cryptography. There are versions for Microsoft, Apple and Linux systems.
An extension for my Firefox browser, FireGPG, lets me encrypt Google Mail messages with the push of a button.
The math behind public key encryption is complicated, but the idea is simple. The software generates two keys -- really big numbers -- that make it all work. I make one key public. My friends use it to encode messages to me.
The public key can't decode that message, though. To do that, I use the second key, a private key that I keep secret.
Meanwhile, my friends have their own public keys I use to encrypt messages to them.
In theory, the government could crack the code, but it would take modern computers hundreds of years.
More Americans, I suspect, will soon encrypt their international correspondence, and it probably will not stop there.
If anyone can start encrypting e-mail in less than an hour, there is nothing to stop terrorists from doing so. And if the dangerous people can encrypt their e-mail, what good are the FISA revisions anyway?
All they really do is make it easier to catch exceedingly stupid terrorists and to invade the privacy of Americans unaware that the government may read their e-mail without judicial oversight.
Trejbal is an editorial writer for The Roanoke Times based in the New River Valley bureau in Christiansburg.
