What’s the biggest threat to your civil liberties?
Is it Congress crushing every loophole you grasp at for privacy?
That’s a nightmare, but there are bigger.
Is it the rise of presidential candidates who pledge to dismantle fundamental legal protections?
Good guess, but still not there – besides, previous occupants of the White House destroyed those already.
The biggest threat to your civil liberties are judicial decisions and the actions of unelected bureaucrats. Often, the deep effect of these is unclear for months or even years.
One example is a recent decision by federal judge Henry Morgan, Jr. Morgan ruled that Americans have no “expectation of privacy” in their internet protocol address (IP address), a unique identifier for a computer, smart phone, or other electronic device connected to the Internet.
You lose your privacy even if, as the suspect did in this situation, you employ defensive measures to avoid revealing your IP address, such as using a virtual private network (VPN).
According to Morgan’s analysis, while the FBI had a warrant to conduct a search of the suspect’s computer, they didn’t really need it. Why not? Morgan reasoned since hackers can break into computers, police can too.
The effect on all our liberty will be devastating.
In other words, you have no expectation of privacy against a warrantless government search, you also have no expectation of security if you take measures to avoid one.
Based on that reasoning, because people get shot all the time in America, police can shoot anyone they want?
What about your home? About a decade ago, burglars broke into mine and stole my television, stereo, and personal computer (fortunately secured with software encrypting the entire hard drive). Morgan’s decision indicates that since homes get burglarized, police can break into anyone’s home to search for evidence, without a warrant.
It gets worse. As absurd as Judge Morgan’s ruling is, the Supreme Court has approved an obscure change in Rule 41 of the Federal Rules of Criminal Procedure that would enshrine the hacking he approved – albeit with a warrant – into law. At the FBI’s request, the Court ruled in May federal judges may issue nationwide “hacking warrants” if criminal suspects have made any efforts to hide their location.
Related Reading: If You Use Tor Browser, The FBI Just Labeled You a Criminal
Of course, that’s exactly what a VPN is designed to do.
In other words, if you don’t use a VPN, it’s open season for hackers on your PC or smartphone. And if you do use a VPN, it’s open season for the FBI.
The new rules go into effect December 1 – unless Congress blocks them. While the vast majority of our congressional members are spending most of their time campaigning for November re-election, a handful of them have promised to block the changes to Rule 41.
Will Congress block these rules? I wouldn’t count on it. As always, if you want privacy or security, you must rely on you. Your only choice is to protect yourself. But how?
As is often the case, some of the best solutions are outside the politically charged atmosphere of the US.
First, subscribe to a robust VPN to encrypt the data stream on your smartphone and your PC. The one the FBI has apparently compromised is named “Tor,” originally developed by the US Navy. Some friends of mine who know much more about encryption than I do tell me it’s not Tor itself that has been compromised, but rather users’ implementation of it. Personally, I think this distinction is irrelevant for anyone other than encryption techno-groupies.
Instead of Tor, the VPN we use at The Nestmann Group is called “Cryptohippie.” The company’s only US presence is to authenticate connections to Cryptohippie servers in other countries. None of Cryptohippie’s servers are in the US. While I have no way of knowing if Cryptohippie is more or less secure than Tor, it is much less well known and thus likely to be a less attractive target for hackers (including government sanctioned ones) than Tor.
Second, use an email program that facilitates transmission of encrypted messages. My personal choice is Thunderbird, along with a free plug-in called Enigmail. Once you exchange encryption keys with the people you correspond with, Enigmail automatically encrypts and decrypts your messages. What’s more, the messages are permanently encrypted on the server on which they reside. Even if a hacker manages to penetrate the server itself, the content of the messages remains secure.
Third, if you use webmail services, ditch US providers such as Gmail, Yahoo, etc. Use a non-US service that is serious about security and encryption. We use a company called Century Media, which has its servers in Switzerland, for this purpose, but there are many other choices.
A good time to begin securing your electronic life would be today. The US government certainly isn’t going to do it for you.