What NAI is telling people

[John Young]

Phillip Zakas wrote:

>none of the rep's claims are true.  note that AOL-Hong Kong would be in
>violation if this were true.  the rep is probably confusing laws regarding
>export of encryption/munitions.  also note that it's nearly impossible to
>detect encrypted email anyway as the methods (obfuscation, steg., etc.)
>available outnumber detection techniques available to isps.

You may be right, but it would be most informative to learn if the major
ISPs, telcomms, routers and so forth have been assigned a covert task
to sift for encryption using tools supplied by TLAs. NSA, for one, has
the ability to spot encrypted communications -- most if not all of them.

Recall that crypto data is the singular type of data that NSA is permitted
under law to acquire and retain indefinitely for future study no matter the 
source, even if the sources are otherwise proscribed communications of 
US persons. This is set forth in USSID18, the NSA guideline for electronic 
interception:

  http://cryptome.org/nsa-ussid18.htm

As security wizards have long noted, if you use encrypted communications
anywhere in the world you will be intercepted, stored and studied. That the 
global ISPs may be lending a hand with this should be no surprise, for that 
would be continuing the long history of commercial communications 
companies providing covert help to those who regulate them -- despite 
promises to customers of confidentiality (and the banks as well).

The legal departments of ISPs are the principal means by which covert
cooperation is arranged, oft-times without written orders, again as in
the history of communications and banking.

To be sure, your lovers may not know of your betrayals but your masters
always will -- that's why the intelligence oversight committees were
set up in the 1970s, to assure that your privacy is forever violable,
as with banking oversight of your booty.