Untrustworthy Internet providers

Sean Donelan sean at donelan.com
Sun Sep 12 10:39:54 UTC 2004


On Sat, 11 Sep 2004, Robert Bonomi wrote:
> > I agree.  The privacy implications are *really* scary.  (And they're
> > sufficiently worse for non-subscribers that I've contemplated blocking
> > gmail-bound messages from my (personal) systems.)
>
> While we're on _that_ subject, what about Postini, or Brightmail, or -any-
> other big provider (e.g. SBC/Yahoo) that handles mail for multiple 'client'
> domains?
>
> Every one of those folks also reads and analyzes everybody's incoming mail,
> including correlating it with mail sent to other destinations on their systems.
> AND correlating source (IP address and/or email address) with content.

The folks with the tinfoil hats are going to need extra shielding.

If you believe your provider is untrustworthy, mail storage is a small
part of your problems.  An untrustworthy provider doesn't need to run the
mail server to watch the traffic to and from it.  Encryption helps a
little, but that's true even if you used a provider's mail server.
Encryption is difficult for most people to do well.  If you put a personal
server in a co-lo, remember the co-lo provider potentially has physical
access to your equipment on their premises.

On the other hand, if you trust your provider enough to believe it will
conform to the law and contractual arrangements, you may make a rational
choice to rely on the service provider to maintain a mail server instead
of trying to maintain one yourself.  Some people hide their money in
a mattress in their house, other people keep valuables in a safe deposit
box at a bank.

US law may still be developing in the area of stored electronic
information in comparison to physical storage. US Supreme Court
Justice Marshall said in Couch (1973) "Placing [records] in a safe deposit
box is different from letting them remain for many years with an
accountant."  In the electronic world how different is storing a file
on a floppy disc in a physical safe deposit box of a bank for more
than 180 days from storing the same file online in an
"electronic vault" of an Internet service provider for more than 180 days?



