Who Else Is Reading Your Mail?

There is something going on that bears watching.

I am not a person that readily supports grand conspiracy theories. And I don’t think there is one here. But individual agencies are putting in place some dubious policies that are inimical to the freedom of the Internet. In my view, this presents a direct and significant threat to the emerging e-commerce environment.

I have recently introduced a free service that offers a far more powerful, reliable and confidential form of email called 1on1mail. The product incorporates the most powerful encryption available, leading me to think far more about web privacy issues.

Universal access to encryption is making the job of agencies like the NSA and FBI harder. There is no doubt that criminals are already using encryption and the Internet to bury illegal activities. Imagine the frustration of an agency that impounds a computer belonging to a known criminal, who then finds the contents of the disk indecipherable.

But is this a justification to try to prevent honest people from enjoying the same level of confidentiality? I don’t think so. In any event, regulatory agencies are trying to control the uncontrollable. The truth is, criminals do not need off-the-shelf encryption products. They have well, other ways!

How can business on the web survive and flourish without privacy? Can professionals communicate over the Internet if they know that their competition or the government can follow their deliberations? If I am a tax adviser or accountant or lawyer communicating with my clients, would my client willingly accept that others may be listening in?

In two words: No way. And encryption is the antidote to this vulnerability.

It seems to me that there may be some covert (and unpublicized) pressure on our larger players. Netscape browsers, in certain circumstances, will transmit the last 88 bits of a 128-bit encryption directly to the NSA, thus reducing its effectiveness to 40 bits and allowing the NSA to crack that encryption with routine ease.

And consider the puzzling addition of a unique identifier in the Pentium III. And Microsoft stamping a unique identifier onto Word documents in Win98. Are these all coincidental or are some agencies doing a bit of arm-twisting?

The problem is that some quite innocent people are bearing the brunt of these agencies. In short, TRYCHO Corporation has charged Midi Haven with conspiracy to defraud by displaying midi files on the Internet which are the sole property of TRYCHO. TRYCHO sued Midi Haven for $6.6 million in damages, and the FBI has set up a surveillance team to investigate the site’s owner.

Seems like an open and shut case. But the story is not so simple. It appears from the article that Midi Haven quite innocently hosted these files, which in any event should not be subject to copyright. But as a result of this case, the FBI announced its intent to begin monitoring all emails sent over the Internet for possible violation of US law.

I am in no position to make a judgement here whether Midi Haven is in breach of copyright law or not. But the process is truly horrifying: Midi Haven was neither informed nor warned. It apparently had no way of knowing that these files were considered the copyright of TRYCHO.

And the FBI seem to be taking this case as an invitation to snoop wholesale on email. Wouldn’t there be outrage if the FBI announced an intent to monitor all snail mail?

So encryption indeed offers a secure future for email. A PGP plug-in will give you 128-bit encryption, so that no one can read your mail. Free 1on1mail offers still more protection at 448-bit encryption, and also provides guaranteed delivery, tracking and anonymity as well.

Do you have any alternative?