Other Resources The Political Joe » government email / security Rss Feed  
Moderators: k9car363, alicefoeller Reply
2016-07-07 1:01 PM

Master
5557
50005002525
, California
Subject: government email / security

So I had a question that sort of branches off from the Hillary thread, but deserves a discussion of its own.

In the USA, how do we - as a republic - both secure our government email communications AND preserve them for recordkeeping / FOIA requests / historical archiving?

I'm a tech guy so this crosses my mind a lot.  Don't worry, this isn't a question about the tech, but rather it's about how we handle government oversight.

 

In the civilian world, on the simple side, most of us email back and forth and things sit on a Microsoft or Yahoo or Google server.  Maybe your ISP's server.  In any case it is all plain text and anyone in the system can read it.  If the FBI subpoenas one of those companies, they just hand it all over.  If someone hacks it, they can read everything.

If you want to secure your email, you can set up a public/private key and encrypt.  In a nutshell, only you and the recipient can read the contents of that email.  Done properly, it is pretty robust and safe.

 

Now look at the government context.  Let's take someone like the Secretary of State.  Lots of email correspondence with lots of different government officials.  A lot of those have multiple recipients.  My gut feeling is the government servers should have a similar setup.  Everyone gets their own key.  All the public keys go on a government server.  Anyone official correspondence gets encrypted.  Only the intended recipients can read it.  And you can verify that the person who sent it is, indeed, who you think it is.  That's the "easy" part.

So now, someone like the FBI wants to legally read a bunch of email which they were not involved with.  This means we need a master key to decrypt it.

Who owns that key?Who secures it from foreign actors?
How do we avoid abuse?

Separation of powers is a major design feature of the Constitution.  Is a master key too much power concentrated in one place?

I'm not a government official at that level, so I honestly don't know what kind of system they have in place.  This is really the NSA's wheelhouse, but they are focused on *foreign* surveillance.  So I'm asking how you would approach this.



2016-07-07 2:07 PM
in reply to: spudone

User image

Champion
10154
500050001002525
Alabama
Subject: RE: government email / security

I think government email should all be on government servers and archived at the server level.  I was surprised to hear today that members of congress have private email accounts. I think this should change.  All work that a congressmen does should be subject to FOIA rules.  I was also surprised at the ignorance a couple of the congressmen displayed today concerning email and handling of classified information. 

The biggest challenge facing the country is preserving these electronic records but at the same time protecting our nations secrets as well as corporate intellectual property.  Cyber security is the fastest growing technical field in the country right now. 

2016-07-07 2:41 PM
in reply to: spudone

User image

Deep in the Heart of Texas
Subject: RE: government email / security

It's a really good question.  IMHO, if it is classified it should only be shared with encryption like you described.  In this day and age it seems to complicated not to send information electronically, but sometimes convenience is outweighed by security.  I don't believe anyone should have a master key.  If the executive branch believes it needs to see an encrypted email, they should get a court order.  Once again, checks and balances can be inconvenient but that is the price of the republic.

2016-07-07 2:58 PM
in reply to: 0

User image

Champion
10154
500050001002525
Alabama
Subject: RE: government email / security

Originally posted by Hook'em

It's a really good question.  IMHO, if it is classified it should only be shared with encryption like you described.  In this day and age it seems to complicated not to send information electronically, but sometimes convenience is outweighed by security.  I don't believe anyone should have a master key.  If the executive branch believes it needs to see an encrypted email, they should get a court order.  Once again, checks and balances can be inconvenient but that is the price of the republic.

 

nevermind



Edited by Rogillio 2016-07-07 2:59 PM
2016-07-07 3:23 PM
in reply to: 0

Master
5557
50005002525
, California
Subject: RE: government email / security

Originally posted by Hook'em

It's a really good question.  IMHO, if it is classified it should only be shared with encryption like you described.  In this day and age it seems to complicated not to send information electronically, but sometimes convenience is outweighed by security.  I don't believe anyone should have a master key.  If the executive branch believes it needs to see an encrypted email, they should get a court order.  Once again, checks and balances can be inconvenient but that is the price of the republic.

Right, but I mean, *after* they get a court order, there has to be some way to decrypt it.  Who owns that special key?  The Supreme Court maybe?

I think probably a majority of our government people are non-technical and don't think about this stuff.  To me, the #1 priority should be securing communications against foreign intrusion.  Preventing abuse by our own officials is #2.  But those things sometimes conflict :/

 

Edit: and to Rogillio, I agree about archiving it and keeping it on government servers.  If you're a government official, you need to adjust, and be vigilant about using work email for work only, and personal email for non-work.  I think there can and should be random bi-partisan audits to check for compliance.



Edited by spudone 2016-07-07 3:27 PM
New Thread
Other Resources The Political Joe » government email / security Rss Feed  
RELATED POSTS

Better system of government?

Started by Hook'em
Views: 551 Posts: 3

2015-05-05 2:14 PM jmk-brooklyn

1WTC "impenetrable security" breached by 16yo

Started by switch
Views: 886 Posts: 10

2014-03-27 5:23 PM Kido

Obamacare Security

Started by velocomp
Views: 791 Posts: 3

2014-01-23 11:24 AM jeffnboise

Government waste

Started by JoshR
Views: 1045 Posts: 9

2014-01-15 4:12 PM chirunner134

Your state government

Started by JoshR
Views: 1878 Posts: 20

2013-09-18 8:36 AM TriMyBest
RELATED ARTICLES
date : May 30, 2005
author : Ontherun
comments : 0
Taking care of your equipment is very important, especially on a limited budget. The following are a few reminders of how to get your equipment to last as long as possible.
 
date : September 19, 2004
author : malvey
comments : 0
The next time you see one of your kids or grandkids, look deep into their eyes and know that they would give anything to have you around for five, ten fifteen, or even twenty more years.