Phillip Zakas wrote:
none of the rep's claims are true. note that AOL-Hong Kong would be in violation if this were true. the rep is probably confusing laws regarding export of encryption/munitions. also note that it's nearly impossible to detect encrypted email anyway as the methods (obfuscation, steg., etc.) available outnumber detection techniques available to isps.
You may be right, but it would be most informative to learn if the major ISPs, telcomms, routers and so forth have been assigned a covert task to sift for encryption using tools supplied by TLAs. NSA, for one, has the ability to spot encrypted communications -- most if not all of them. Recall that crypto data is the singular type of data that NSA is permitted under law to acquire and retain indefinitely for future study no matter the source, even if the sources are otherwise proscribed communications of US persons. This is set forth in USSID18, the NSA guideline for electronic interception: http://cryptome.org/nsa-ussid18.htm As security wizards have long noted, if you use encrypted communications anywhere in the world you will be intercepted, stored and studied. That the global ISPs may be lending a hand with this should be no surprise, for that would be continuing the long history of commercial communications companies providing covert help to those who regulate them -- despite promises to customers of confidentiality (and the banks as well). The legal departments of ISPs are the principal means by which covert cooperation is arranged, oft-times without written orders, again as in the history of communications and banking. To be sure, your lovers may not know of your betrayals but your masters always will -- that's why the intelligence oversight committees were set up in the 1970s, to assure that your privacy is forever violable, as with banking oversight of your booty.