Boston Linux & Unix (BLU) Home | Calendar | Mail Lists | List Archives | Desktop SIG | Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings
Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU

BLU Discuss list archive


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Discuss] Data including email, stored in the cloud, may be available to law enforcement without search warrant



markw at mohawksoft.com pointed out:
> Assuming your ISP allows encryption to a server on your premises. Most
> email servers are outside of your premises and thus in the custody of a
> "provider."

And--don't forget that an ISP which blocks incoming or outgoing port 25 forces
the issue.  The best I've been able to do with my consumer-grade $50/month
service is to set up separate inbound/outbound email services, which
themselves are independent of the ISP.  Encryption protects data through the
ISP to or from a remote vendor's servers (where it's sitting decrypted on a
hard drive long enough to relay).  So even though I run my own server on my
own premises, where a search warrant would be required to get at it, one or
both mail providers is likely within subpoena range.  (Come to think of it, my
outbound messages actually go through a couple different providers.)

I've been targeted in a John Doe case in which a mere law firm (not a law
enforcement agency) served a subpoena against a major email provider.  The
rules are pretty hazy and your data definitely is not safe from prying eyes.

The best I could do is force anyone after my email to have to go through
multiple companies in multiple jurisdictions.  Since the correspondence is
boring not just to the FBI but to everyone else, I think it's pretty safe. ;-)

-rich





BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!



Boston Linux & Unix / webmaster@blu.org