The Privacy and Security Matters Blog continues to celebrate National Cybersecurity Awareness Month this October.
The Internet has become a primary medium for everyday communication, but individuals rarely consider the potential data security problems. Sending an e-mail or instant message is like dropping a postcard in the mail. Many people handle a postcard as it travels to its final destination, and a message can be seen, copied, and misused. E-mails have the same risks, unless they are encrypted.
While the lack of security for Internet communication has always been an issue, encryption tools have not been widely used. Many people do not understand how to use available encryption systems to wrap their e-mail in a digital envelope. Others believe they would be too difficult to implement. Recently, however, there has been an upsurge of interest in cryptography for e-mail, and other Internet communication, as many governments, including Western governments, have been stepping up their surveillance of the Internet.
The creators of cryptography tools have been making them easier to use. For example, “Crypto.cat,” a web service, allows secure instant messaging, which it tries to make as easy to use as any other internet messaging software. It does, however, note that the software is still experimental, and not reliably secure for those “attempting to circumvent government surveillance in authoritarian regimes.”
One effort to educate the public about encryption for Internet communications was sparked by the Australian Senate passing the Cybercrime Legislation Amendment Bill 2011, which allows the Australian government to require Internet Service Providers to store and disclose their subscribers’ communications.
The CryptoParty is a group of people setting up informal meetings and inviting others to learn about how cryptography works and how to use it. . The interest in communication security has also been developing in the United States, where the Cyber Intelligence Sharing and Protection Act (“CISPA”) was recently debated. According to that bill’s critics (which include the American Library Association and the ACLU), CISPA would effectively allow the government to engage in warrantless wiretapping of Americans’ Internet communications.