I’ve been fighting for my right to privacy for quite a while now, ever since 9/11 and the bad legislation that quickly came out as part of the aftermath, which enabled and legalized broad digital surveillance. I base my sense of personal privacy on the Constitution’s Fourth Amendment, which states:
The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.
My life has for decades extended into the digital domain, through e-mail and remove logins to other systems, and has since at least the mid 1980s when a lot of this was beginning to take shape. There is no hard demarcation between my physical home and its properties and the digital domain. For example I now get many of my bills delivered to my on-line mail account. It makes it far easier to find them, especially if I need to return an item or get it serviced. I can simply look it up on my phone and show it to the store staff. And yet, because of the Patriot Act and National Security Letters (NSL) any and all of my online life and digital “papers” can be made available to the demanding government party. Along with the NSL comes a defacto gag order that prohibits the on-line service from every telling me such a demand was made.
And that doesn’t begin to cover how my information is spied upon by the NSA and GCHQ, looking for whatever they deem important. Swept up in this world-wide dragnet is everything I send across the web. Assurances by the spooks who run those places that essentially if I have nothing to fear then nothing will happen is no assurance at all. And so, to have some sort of sense of privacy in some channels and corners on the web, to protect my Fourth Amendment rights, I’ve taken to doing the following:
- Where-ever possible I enable encryption on my data at rest. This includes, but isn’t limited to, emails and other personal electronic documents. The devices I own and that have encryption enabled include my iPhone, MacBook Pro, and all my iPads.
- I use an encrypted email service that isn’t hosted in the US for my data in transit. This service uses end-to-end encryption for the emails (meaning emails from/to me and to/from those that also use this service). Emails that are temporarily at rest on the service’s servers are encrypted. They don’t have the key. The only part of the service that isn’t encrypted is the metadata used to route the encrypted emails.
- I use an encrypted chat tool for end-to-end encryption, again for my data in transit. Again, the metadata used to set up the connection isn’t encrypted.
I’ve limited encryption, so far, to those few critical areas of my digital life I feel need this level of protection from prying eyes. And just to make sure you, the reader, understand, this won’t always stop the determined spook. Given enough computation horsepower at the NSA, for example, I’m sure they could brute-force a decryption attack if they felt it was needed. My use of encryption in this case isn’t so much to stop, as to slow down the inevitable. And of course if they did crack my encryption I’d never know. Sad times we live in…
It’s a pity I have go to this much trouble, but that’s the nature of the world we live in. The digital surveillance state has been building up slowly since the late 1970s, eroding our basic freedoms all in the name of safety. We’ve now reached a point where there’s little (if any) difference between domestic and foreign security services. Everybody want’s to spy on you. And with the election of Trump as president, domestic spying will only get worse. This carefully crafted surveillance system, built up over decades, is not in the hands of a man whose heinousness knows no bounds, especially if he wants to know, on a whim, what you might or might not know.