At 10:22 AM 10/11/97 -0700, Tim May wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
I predict that nearly every company which enforces the PGP 5.5 corporate snoopware will in fact routinely convert every incoming and outgoing message to plaintext for searching by keywords, topics, etc.
This would be analogous to every phone call, incoming and outgoing, being recorded. Except that instead of having security people _listen_ to each recording, the messages can be glanced at quickly, marked for further review, compiled into dossiers, or searched for the keywords of interest to the security people.
(Please note that I am not saying such phone call or e-mail monitoring is illegal, or should be illegal. A property owner is free to define his own policies for how he uses his own property. This includes company phones, company computers, and even the time of employees while they are on his premises. The issues are not the legality or ethicality of such recordings and monitorings, but the dangers. And whether people such as ourselves should help build or deploy such surveillance capabilitities. Or work for companies with such surveillance policies.)
I further predict that this will actually _increase_ the amount of e-mail surveillance being done. Whereas today it is of course easy for companies to surveil unencrypted employee mail, I doubt that most of them do. But the adoption of snoopware like PGP 5.5 will raise the consciousness of company security people. "Hmmhh, maybe we ought to buy some of those e-mail keyword analyzers and combine them with our new purchase of PGP 5.5? If our employees are encrypting, we'd better keep tabs on them."
By building in such easily-enforceable snooping capabilities, and by building in such things as the ability to reject even _incoming_ e-mail which has failed to encrypt to the corporate key (as I understand the product), this greatly moves us toward a surveillance era.
Is this what "Pretty Good Privacy" really stands for?
I seem to remember that it was just this sort of feature set that Phil Zimmerman was grousing about when ViaCrypt came out with their "Business Version". It was used as one of the reasons for his takeover of ViaCrypt. I guess it shows you just how much influence he has on PGP inc now... "We have always supported the needs of law enforcement. We have always been at war with terrorists and law breakers." - Winston Zimmerman --- | "That'll make it hot for them!" - Guy Grand | |"The moral PGP Diffie taught Zimmermann unites all| Disclaimer: | | mankind free in one-key-steganography-privacy!" | Ignore the man | |`finger -l alano@teleport.com` for PGP 2.6.2 key | behind the keyboard.| | http://www.ctrl-alt-del.com/~alan/ |alan@ctrl-alt-del.com|