[Discuss] Data including email, stored in the cloud, may be available to law enforcement without search warrant

[Rich Braun]

markw at mohawksoft.com pointed out:
> Assuming your ISP allows encryption to a server on your premises. Most
> email servers are outside of your premises and thus in the custody of a
> "provider."

And--don't forget that an ISP which blocks incoming or outgoing port 25 forces
the issue.  The best I've been able to do with my consumer-grade $50/month
service is to set up separate inbound/outbound email services, which
themselves are independent of the ISP.  Encryption protects data through the
ISP to or from a remote vendor's servers (where it's sitting decrypted on a
hard drive long enough to relay).  So even though I run my own server on my
own premises, where a search warrant would be required to get at it, one or
both mail providers is likely within subpoena range.  (Come to think of it, my
outbound messages actually go through a couple different providers.)

I've been targeted in a John Doe case in which a mere law firm (not a law
enforcement agency) served a subpoena against a major email provider.  The
rules are pretty hazy and your data definitely is not safe from prying eyes.

The best I could do is force anyone after my email to have to go through
multiple companies in multiple jurisdictions.  Since the correspondence is
boring not just to the FBI but to everyone else, I think it's pretty safe. ;-)

-rich