In Part 2, we discussed Dealing with tracking software . Today, we’ll talk about Protecting your email information with security tools because email is yet another one of the ways your information is being acquired.
We’re going to look at this issue in two dimensions today. To begin with, when emailing to unknown parties: posting to newsgroups, mailing lists, chat rooms and other public spaces on the Net; or publishing a Web page that mentions your email address, it is best to do this from a separate pseudonymous or simply alternate address that can be easily acquired at no charge from email service providers such as Yahoo Mail or Hotmail. And, do not use any part of your name in the “throw away” email address. Addresses that are posted (even as part of message headers) in public spaces can be easily discovered by spammers (online junk mailers) and added to their list of targets. If this address is spammed enough to become annoying, you can simply delete it, and create a new one. Reserve your main or preferred email address for use with small, members-only lists and with known, trusted individuals.
On a separate note, most people think of the content of their email messages when they hear or read about email traffic being monitored or intercepted. Few, however, realize that the metadata content – the record of who you are communicating with and how often – is equally as important to some. Of course, we’ve recently learned that government agencies have been logging metadata on email communications for quite some time – and, in recent years, that data has included information on American citizens. In addition, the government has been acquiring contact lists from around the world to the tune of some 250 million people a year.
Interestingly, as a result of the spying tactics that are all too possible in the digital age, several small companies emerged that provided encrypted email services as a possible defense, but have since shut down when asked to provide their encryption keys. Additionally, while they were able to encrypt email message content, the use of email protocols such as SMTP, POP3 and IMAP left the metadata exposed. In the end, they felt the risks to their client base were too great – and may have yielded a false sense of security. New services are emerging which will encrypt both content and the metadata, but they will require the sender and the receiver to be using the same service, and will not be particularly useful until (and if) they become ubiquitous.
While typical email protocols do not permit protecting metadata content, there are steps you can take to secure the content of messages you send. First, if you are using webmail, be sure that you are using the common internet security protocols, SSL and TLS. You’ll know that you are if the browser’s address starts with https – and you should see a small padlock. On the other hand, if you are using a desktop email client, make sure you are connected via SSL/TLS over IMAP or POP3. If you are not, your email messages are being sent in clear text that can be easily read by others. Finally, the big three email services Gmail, Yahoo and Outlook, offer a security feature known as two-factor authentication. Be sure to activate that feature in your system.
In Part 4, we’ll talk about Defending against cyber stalking.
Protecting your personal information in an on-line world is a never ending and time consuming, but very necessary process for individual and family safety – especially today.