Email and Security

Reading over my shoulder?

People who do a lot of email (I don’t do a lot, not by corporate standards, but I’m not exactly an online recluse), are increasingly concerned by the lack of privacy in this area of communication.

Some of us are keen to see the modes of communication used on the Internet become commonplace for all (hence the title of this blog, in case you just landed up here and are still wondering), and now it is necessary to study how best to handle questions of privacy, when setting up email services on wide area intranets.

Intranets are more or less the same thing as local area networks, but the term refers more to the services running on the network, rather than to its physical infrastructure. The terrific advantage of such services is that they can be set up in a manner that avoids centralised control. In fact, they need not have a centralised structure to begin with.

So what can one do with a decentralised network? The sky’s the limit, almost, and new applications and services emerge almost every day.

Here’s a brief little list: email (well, of course, that’s what this note is about), telephony, teleconferencing, videoconferencing, document sharing (documents can be text, graphic, animated, aural or video too, not to mention permutations and combinations of each of them together) and many more. Within each list item there are subdivisions in terms of user experience, for example one popular objective of videoconferencing is telemedicine.

Running such applications over an intranet is substantially different from running it over the Internet. The most significant difference is that the data traffic does not go outside the network. If the network is made up of small local networks, the traffic still remains local. This is very important, because there is no international link needed. That really cuts down on the cost of being connected, and even more substantially on the cost of exchanging data (each application involves nothing more than data exchange, at a fundamental level).

What it amounts to is communication that can be intensely meaningful, that compares in many ways with the quality of interpersonal face-to-face communication, but has the ineffable quality of remote communication that brings together people from different communities and walks of life. Seems a bit too wonderful to believe, and indeed much of this is merely science fiction, until people of goodwill and knowledge get together to make such networks come alive in all parts of our world.

The hysteria around the Internet and the very high commercial values endemic to it, tends to downplay this vital new possibility. When something is new, the first flush of interest in it is very intensely commercial, but after a while it becomes commonplace. Later, it starts evoking new possibilities that create their own commercial excitement.

Thus with telegraphy, which evolved into telephony, which evolved into the Internet. Now we have many examples of powerful intranets serving communities around the world, where communication to remote external networks, via the Internet, is secondary.

To most people, email is closely linked to the Internet, and perhaps within that, to the highly visual Web. From a technological viewpoint, however, it can work just as well, just as usefully, on local networks.

These day, governments, even democratic governments, find it very convenient to adopt intrusions into personal privacy as a matter of state policy. They lean heavily on commercial service providers to snoop on customers, an then it becomes quite interesting to see how such intrusions are avoided, as a matter of commercial policy.

A recent article by Erik Larkin in PCWorld examines the three top email service providers in the world. The purpose is to find out policies that best safeguard the personal privacy of users, who must surrender some personal rights to the provider, but do so in the hope that this will not be used against them.

The article weighs the different policies adopted by Google, Yahoo and Microsoft (Hotmail), and concludes that each has its strengths and weaknesses. Google asks customers the least amount of personal information in exchange for providing a free service, but also extends users the maximum opportunity (60 days) to reconsider email deletions. Storing such information opens the company to possible revelation of such content to nationally or internationally authorised snooping, however.

As we evangelise the spread of grassroots community movements, especially in developing countries, it is important to be aware of the possibilities of future corrosive and intrusive policies by nation-states, that can serve to weaken the personal rights of community members. It is possible, and perhaps necessary, to adopt suitable precautions right from the beginning, at the stage of network planning and subsequent service planning and deployment.


Leave a comment

Filed under Accessibility, Blogroll, Community, connectivity, Democracy, development, Email, governance, Internet, Intranet, Media, Privacy, Security, social processes, technology

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s