E-Mail, Privacy and the Law

Not From Me writes, "sendmail.net has an eye-opening article about how 'private' e-mail is in the eyes of lawyers and courts, called E-Mail, Privacy and the Law. Scary stuff, and important to know."

What's the point?

[zpengo]

We all know that e-mail should be private, the but the question is, "Why isn't it?"

E-mail can't be used to "prove" anything. It's disturbingly easy to forge. A printout of an e-mail could easily have simply been typed. There are no signatures, no postmarks, just bytes of data that can be forged by anyone who has half a clue what they're doing.

ICQ: 49636524
snowphoton@mindspring.com

Re:What if you delete or have "misplaced" it.

[TheTomcat]

Perhaps the best idea that I have is to simply have a convincing fake on hand to lure would be lawyers into thinking something else when it's really not the case.

Woah. I think you might be on to something here.

I'm not a crypto guru. I barely understand public key encryption as it is, but here goes:
What if an encryption scheme were devised where the plaintext is encrypted with two or more pivate keys (belonging to one person), plus the other key. The encrypted would decrypt to two or more different texts, depending which key is used.

So, I could encrypt "Meet me at midnight." and "Happy birthday, Ed." With two keys, into one block of encrypted text. Then, if I use my private key A, it returns "Meet me at midnight." and if I use my private key B, it returns "Happy birthday, Ed."

If we could somehow make the number of original plaintexts undetectable, could supply keys to those who demand them, where they would decrypt our code to get "Happy birthday, Ed." when the REAL secret was "Meet me at midnight."

I know I could've worded that better, but is this a possibility? Is it already being done? I know it's a little along the lines of Steganography, where the encrypted text is inserted into a piece of digital media, making it look less like an encrypted message.

Summary:
If we could encode, say, 4 strings into one crypto block, and have it return different unencrypted text for 4 different keys, while keeping the number of original strings undeterminable, the party decyphering the string would never know if they have ALL of they keys, thus they would never know if they have the data that the sending party doesn't want them to see.

Why is an encryption key discoverable?

[Get+Behind+the+Mule]

The article explained that an email is "discoverable" because it fits all the legal definitions of a "document", and documents are discoverable. That much I can follow.

Then it went on to say that encryption won't help, because your key can be subpoenaed; but no legal grounds for this were given. If I've committed my key to memory, it certainly doesn't seem to fit any definition of "document" (unless legal definitions are even crazier than I thought possible). So what are the legal grounds for forcing me to reveal something that exists only in my head?

Could someone with some legal expertise comment on this?

As I remember the Co$-vs-the-Net war, $cientology subpoenaed computer files from Grady Ward (who most certainly was not Scamizdat). So he turned over a bunch of files, including PGP-encrypted files, and that was that. He was never even asked for a key, IIRC. The Co$ went on to hire a Special Master who attempted to decrpyt the files, much to the continuing amusement of all observers.

The Co$ notoriously uses every legal means available to get what it wants. So if they didn't even ask for a key, I'd very surprised if there is any legal grounds for doing so at all.