In the modern era, citizens of many countries enjoy a fundamental right known as the “secrecy of correspondence”, which guarantees that communication between two individuals is kept private with a few notable exceptions. First, the government affording the right may revoke it if probable cause exists, and issue a warrant allowing law enforcement to intercept the communication (e.g. wiretapping a phone). Second, the government may covertly collect information on citizens of other countries provided the goal is self-defense and the other nation has no idea, or no objections. As technology races ahead of our constitutional law, those notable exceptions have been warped to the detriment of the internet user.
Consider, in the first instance, the United States Congress has vested the power of mass electronic espionage to several of our intelligence organizations. Working with many of the companies in the business of digital communications (Google, Apple, Facebook, etc.), the National Security Administration and the Federal Bureau of Investigations have circumvented restrictions by retrieving the communication logs from third parties rather than from the individuals themselves. Thus, while it is illegal for the government to hack your computer and retrieve emails, it is perfectly legal for them to ask Google for their copy of the data. This begs the question, why doesn’t the company I trust with my digital letters honor my right to privacy?
In the second instance, the picture gets a little more conspiracy-like and reaches an international scope. As more of the documents pilfered by Edward Snowden get sifted and processed by journalists the world over, it becomes increasingly apparent how close we really are to a global, Orwellian state. In a parallel to the ‘G-7’ and ‘G-20’ layers of membership over the relative size of global economies, there exists such groups known as ‘Five Eyes’ (USA, GBR, AUS, CAN, and NZL), ‘Nine Eyes’ (+ DNK, NOR, FRA, NLD), and ‘Fourteen Eyes’ (+ DEU, SWE, ESP, ITL, BEL). These groups all tap into the backbones of the internet running through their nations ostensibly to spy on other nations in self-defense. However, Snowden leaked documents imply that they are all sharing their information, giving them a comprehensive and redundant access to the internet traffic. The consensus in the intelligence community is that this collaboration has paid too many dividends to members to be dismantled now that it is public knowledge.
This revelation has started a grassroots movement to reinvent many of the services we enjoy on the internet outside the sphere of influence of the many prying eyes. Many are trying to introduce improved security into existing email accounts with varying degrees of complexity and success. One remarkable attempt is ProtonMail, a mail service now in its beta phase created by some of the scientists working at CERN. The service is incorporated and hosted in Switzerland, and they declare “Only a court order from the Cantonal Court of Geneva or the Swiss Federal Supreme Court can compel us to release the extremely limited user information we have.” With features such as end-to-end encryption between ProtonMail users, secure message hosting when mailing non-ProtonMail users, and timed-deletion of messages, this service really aims to provide the “secrecy of correspondence” which many nations are subverting. Reserve your preferred email address while the project is still young!
The desire for end-to-end encryption in instant messaging services has led to several new methods of chatting online in private. In no particular order: The first is known as off-the-record (OTR) communication protocols, which can be added to several existing programs to add security. The software was written to create the level of secrecy which is necessary for investigative journalism and whistleblowing; messages are encrypted and anonymous, which means that even if someone compromises your computer, there is still no record of who said what. The second is the ‘Tor Instant Messaging Bundle’ brought to you by the Tor project. Everyone running their program contributes to a network of relays which messages get passed around before exiting the network, making the original sender effectively anonymous. The software unpacks on any machine ready to relay encrypted instant messages across the network, hiding the sender identity and message contents from third parties. The last is an honorable mention of the progenitor of modern messaging services—the internet relay chat (IRC). This software allows users to turn their computers into chatrooms for guests. Using with proxies, VPN clients, or software addons, it is possible to create a massive, online forum behind closed doors, and with the vintage interface of the 1990s. IRC clients come in standalone form (mIRC) or as browser addons (chatZilla).
Secure video communication is both the most difficult and the most valued form of private communications. Until recently, Skype was the primary provider of encrypted contact. However, their acquisition by Microsoft and evolving and mysterious privacy policies have led many to question how secure their service remains. Enter ‘jitsi‘, a program which promises encryption by default, high quality video and audio communication, integrated OTR chat, compatibility with existing instant messaging protocols (e.g. AIM, Facebook, Google Talk, etc.) and even presentation-sharing capabilities and desktop sharing for possible enterprise use. Users don’t even need to create an account and jitsi is cross-platform for all operating systems. The service appears to be a comprehensive option for communicating over the internet with near-total privacy.
A little digging will yield plenty of options for protecting yourself in this wild west of a world wide web. The ones listed here are just a selection, but I would encourage all internet users to seek out the options which best fits their needs.