Data Privacy Issues

Conceivably one could take up residence 'off the grid' and achieve a high level of data privacy. Unfortunately most of us have deep-seated needs for human interaction and email. Concomitant with human contact and online activities are data privacy conundrums. Email is at risk, online transactions are at risk, and even withdrawing cash from the ATM down the street becomes problematic. Herein we look closely why personal email is at risk and how it might be protected.

Long ago a wise person suggested that all email should be composed under the assumption that the text will eventually appear on the front page of the New York Times. We hunch over our keyboards in perceived seclusion, tapping out what we want to believe are private messages. Unfortunately, we don't realize the circuitous path that our composition will take before reaching its' final destination. Clicking Send is an exercise in blind trust. Your bundle of words starts out from your ISP (Internet Service Provider) server and ends up on a computer owned by the ISP of your recipient. In between? In between we have no clue. Rarely is there a direct path between the two servers. Your confidential information may traverse 10 or more different servers in between. Each server receives a copy and relays it to a computer closer to the ultimate destination. The Internet is designed this way. Hopefully all intermediate copies are deleted shortly after being relayed. Your data is hardly private along the way. Sending the same message to the same recipient tomorrow will probably result in a completely different path. Are all the servers managed by high-minded computer experts with no interest in your personal data? Probably not. Certainly the majority IT personnel couldn't care less about your dinner plans this weekend, but it only takes one unscrupulous snooper to latch onto your private data.

Is there any way to increase data privacy when sending and receiving email? One option is to encrypt your messages using a public/private key combination. The public portion of the key is readily available to the entire digital world. The private key lives on your computer and is known only to you. Anyone wishing to send you an encrypted message simply uses the public key to obfuscate the text. Once received, you use the private component of the key to decode the information. As the message hops from server to server, anyone attempting to browse it will be presented with gibberish.

Computers are not 100% secure unless they are completely offline, but a public/private key strategy can greatly increase data privacy levels. You will need the co-operation of your correspondents; anyone who sends you a message will need your public key and along with appropriate software to encrypt their words.

Keep your data a little safer by implementing a public/private key strategy. Ask your ISP (better yet, ask a trustworthy middle-school hacker) about email encryption options. Once installed, the privacy infrastructure is mostly painless to use. Many emailers include their public key as part of their email signature. Doing this provides a method for others to reply to them in a relatively secure manner. Data privacy is increased at very little cost.

Plug-ins are software programs that enhance the capabilities of other pre-existing programs. Many plug-ins are available for adding public/private key capabilities to popular email programs. Check out this list of plug-ins for useful encryption tools. Be prepared for a little resistance; each person who desires to send you an encrypted message will also need to install a plug-in that's specific to their email program. Fortunately you don't need to 'cut over' to a totally encrypted world in one fell swoop. You will still be able to receive clear text (unencrypted) messaged along with encrypted messages.

Look for free plug-ins that are compatible with your email client. Popular email clients are Outlook, Outlook Express, Thunderbird, and Opera. Plug-ins can be identified for all of these common clients. If you use a web-based email program provided by your ISP or your employer, ask them what security options they might provide.

Be aware of the insecure nature of eMail. Look into adding public/private key encryption to your email program to increase mail security.

Some images may be courtesy of http://www.freedigitalphotos.net/