What’s the biggest threat to our civil liberties?
Is it a Congress hell-bent on closing all loopholes left to US citizens grasping for privacy?
That’s a threat, but not the biggest one.
Is it the rise of a presidential candidate who has pledged to dismantle fundamental legal protections, the foundation of America’s freedoms, since independence?
Good guess, but still not there – besides, previous occupants of the White House systematically destroyed those protections already.
No, the biggest threat to your civil liberties today is decisions by judges and unelected bureaucrats. The effect is far reaching and often not clear until months or years after they decision has been made.
One example is the decision last month by federal judge Henry Morgan, Jr. In a case involving a man accused of downloading child pornography, Morgan ruled that Americans have no “expectation of privacy” in their internet protocol address (IP address), a unique identifier for a computer, smart phone, or other electronic device connected to the internet.
You lose your privacy even if, as the suspect did in this situation, you employ defensive measures to avoid revealing your IP address, such as using a virtual private network (VPN).
Now, obviously this is by no means a defense of child pornographers, an obscene minority. Any thinking person can see that. The danger is, Morgan’s decision has a deeper impact for all our liberty.
According to his analysis, while the FBI had a warrant to conduct a search of the suspect’s computer, they didn’t really need it. Why not? Morgan reasoned since hackers can break into computers, police can too.
In other words, you have no expectation of privacy against a warrantless government search, you also have no expectation of security if you take measures to avoid one.
Based on that reasoning, because people get shot all the time in America, police can shoot anyone they want? You see the disconnect?
What about your home? About a decade ago, burglars broke into mine and stole a color television, stereo, and personal computer (fortunately secured with software encrypting the entire hard drive). Morgan’s decision indicates that since homes get burglarized, police can break into anyone’s home to search for evidence, without a warrant.
It gets worse. As absurd as Judge Morgan’s ruling is, the Supreme Court has approved an obscure change in Rule 41 of the Federal Rules of Criminal Procedure that would enshrine the hacking he approved – albeit with a warrant – into law. At the FBI’s request, the Court ruled in May that federal judges may issue nationwide “hacking warrants” if criminal suspects have made any efforts to hide their location.
Of course, that’s exactly what a VPN is designed to do.
In other words, if you don’t use a VPN, it’s open season for hackers on your PC or smartphone. And if you do use a VPN, it’s open season for the FBI.
The new rules go into effect December 1 – unless Congress blocks them. While the vast majority of our congressional members are spending most of their time campaigning for November reelection, a handful of them have promised to block the changes to Rule 41.
So, it is possible that Congress will act to block these rules. But I wouldn’t count on it. As always, if you want privacy or security, you must rely on you. Your only choice is to protect yourself.
As is often the case, some of the best solutions are outside the politically charged atmosphere of the US.
First, subscribe to a robust VPN to encrypt the data stream on your smartphone and your PC. The one that the FBI has apparently compromised is named “Tor,” originally developed by the US Navy. Some friends of mine who know much more about encryption than I do tell me it’s not Tor itself that has been compromised, but rather users’ implementation of it. Personally, I think this distinction is irrelevant for anyone other than encryption techno-groupies.
Instead of Tor, the VPN we use at The Nestmann Group is called “Cryptohippie.” The company’s only US presence is to authenticate connections to Cryptohippie servers in other countries. None of Cryptohippie’s servers are in the US. While I have no way of knowing if Cryptohippie is more or less secure than Tor, it is much less well known and thus likely to be a less attractive target for hackers (including government sanctioned ones) than Tor.
Second, use an email program that facilitates transmission of encrypted messages. My personal choice is Thunderbird, along with a free plug-in called Enigmail. Once you exchange encryption keys with the people you correspond with, Enigmail automatically encrypts and decrypts your messages. What’s more, the messages are permanently encrypted on the server on which they reside. Even if a hacker manages to penetrate the server itself, the content of the messages remains secure.
Third, if you use webmail services, ditch US providers such as Gmail, Yahoo, etc. Use a non-US service that is serious about security and encryption. We use a company called Century Media, which has its servers in Switzerland, for this purpose, but there are many other choices.
A good time to begin securing your electronic life would be today. The US government certainly isn’t going to do it for you.