US Policy Would Allow Government Access to Any Email

An anonymous reader writes "National Intelligence Director Mike McConnell is currently helping to draft a new Cyber-Security Policy that could make the debate over warrantless wiretaps seem like a petty squabble. The new policy would allow the government to access to the content of any email, file transfer, or web search."

Re:Amendment IV to the Constitution

The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no warrants shall issue, but upon probable cause, supported by oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.

"It's just a fucking piece of paper." -- US President George W. Bush on the Constitution

Re:Really?

[gnick]

And what is it going to do about my encryption keys? If things go really badly, they could pass legislation similar to the UK's that makes it illegal to withhold encryption keys and passwords if you're hit with a warrant. I'm sure if anyone has tried the "I forgot" defense yet.

Encrypt your email

[gillbates]

Seriously. There are already libraries such as FLTK and QT for the graphic front end. For the back end, you could use XySSL, OpenSSL, or even GNU GPG.

I'm about 20 hours into an encryption client, and I've already got people using it. I initially wanted to use GPG, but realized that most technophobes won't go for a command line application. So I pulled out FLUID (the FLTK design utility) and had a prototype working within hours.

Today, there's no excuse for not encrypting your email. I realize that you may think you have Constitutional rights in this regard, but GW & Co. have the guns, the taxpayer financing, and even the (unsolicited!) cooperation of the major network carriers. It doesn't matter what you think the Constitution says if you can't even get a trial. You're on your own from here on out.

So why encrypt, even if you've nothing to hide? Well, simple, really. Why let the government violate the 4th ammendment with impunity? If you encrypt your email, the government can't perform secret, mass surveillance. Sure, they can pound on your door, and even demand the key. You might even have to give it to them. But in them doing so, you've achieved three key goals:

1. In order to get the key from you, they'll have to contact you. So they can't secretly eavesdrop on your communications.
2. Should you refuse the key, they will have to convince a judge to order you to divulge it - thus, your 4th ammendment rights are preserved - the judge will require probable cause before issuing the order.
3. In demanding the key, the issue will move from the administrative branch to the judicial branch. You want to force the government into the courtroom so that your other rights are not trampled as well.

Encryption is highly Constitutional (TM) software. It keeps terrorists from eavesdropping on our conversations, knowing our whereabouts, and stealing our valuable intellectual property. If the government can't read my email, neither can the terrorists.

Be patriotic. Support the Constitution. Encrypt everything.

Unless it's bundled with Windows...

[Joce640k]

Unless it's bundled with Windows then a mass change to encrypted email simply isn't going to happen.

Encryption should have been built into the protocols from the start but now I'm afraid the horse has bolted.

Re:You can't let the terrorists win

[chuckymonkey]

Huge Wall O' Angry Rant Follows

Let me put it as easily as I can, we all worked a ummmm special mission. We were all very well trained with how to handle security and put in a position of trust. Yes it was my personal laptop and yes they can scan it which pretty much says that they don't trust me. However as you seem to be an officer just what would you have done? Can you punish me for having pictures of myself on my personal computer? Would JAG back that up? Also a few more circumstances here, they do care about obscene material as they scanned my computer mid tour and found some nude pictures of my wife and demoted me for that. I also was the guy that as a specialist redesigned the entire IT infrastructure that we were using to increase productivity substantially, I ran the entire network by myself, I ran a pacing item by myself, ran the websites by myself, built a server for them, and was the main CRO all that in addition to my regular job of 98C. Another thing that was fun was whenever the Trojan Spirit II went down they had to call me in no matter what time it was to come fix it(at least once a week because no matter how hard I screamed for them I couldn't get the A/C units fixed). I asked for people to train on the various systems, but they couldn't spare even one tech oriented person even though I had guys volunteering for it. I spent three days in the back of that damned thing working on it one time without sleep or food because my NCO's couldn't be bothered to at least bring me food, towards the end of that the ACE Cheif came to bitch about it not working. I politely told him to shut the fuck up and let me finish my job. So if I wanted to do some damage or betray anyone I damned well knew how to do it, scanning my personal equipment was a slap in the face to me and did not deserve my cooperation. Needless to say I had no respect for any level of my leadership as I was trying my hardest for a long time to be a good soldier and cooperate only to be fucked constantly. Yes, my point of view is one sided, but if they had a real problem with me then dammit that's what a counseling statement is for(I was an NCO for a while until the incident) and it could have been spelled out so I could fix it. I just didn't play games and called people out on bullshit so they didn't like me. So fuck the Army, I'm out now and they can kiss my ass.

Re:Really?

[Grave]

Seems to me if we lose the fifth amendment argument, the second amendment becomes our new best friend.

It seems almost every day I become more and more angry with the crap that our "representatives" do on "our behalf". If the PDF linked in this article actually existed, I'd be typing up letters to my congressmen. Unfortunately the article fails to present itself as credible because of a lack of sources, so in the event that the allegations are true, we don't have enough information to do anything.

what are the odds..

[purpleraison]

I hate to be the one that brings this up, but it needs to be said:

If the Bush administration 'loses' and 'accidentally deletes all traces' of their email every time they are being investigated, how could our inept government monitor the email of over 300,000,000 people in america?

Certainly there is a LOT of sarcasm in that question, but seriously [b]what grounds to they legitimately have[/b] to require access to users email WITHOUT a warrant? None if you consider that even our White House has redundant backup of their email which is likely on some cheesy Exchange server somewhere.

That means they have tons of time to get a warrant should it be justified.

Re:Really?

[FrozenGeek]

So, suppose Alice and Bob use asymmetric crypto to encrypt the email (and not just to share a symmetric session key but to actually encrypt the plain text). Yes, I know it's horribly inefficient, but cpu cycles are cheap and most email is only a few KB long, so it's not that horrific a thought. If No Such Agency hassles Alice over an encrypted email she sent to Bob, she says that she used Bob's public key and cannot decrypt it - only Bob can do so. Assuming Bob lives somewhere that No Such Agency can hassle him, he hands them his "private key" that decrypts the email to rubbish and says "Sorry, Alice must have screwed up the encryption". Worst case scenario, both Bob and Alice are screwed. Best case, No Such Agency is very unhappy.