Beta

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Ask Slashdot: What Country Has the Best Email Privacy Laws?

samzenpus posted more than 3 years ago | from the spanning-the-globe dept.

Privacy 236

An anonymous reader writes "Given all that is going on with the ability of the government to go through my email if it is on a third-party server, I was wondering: what countries have the best privacy laws and what are some good hosts to use? I would rather pay a token fee to have secure private email than have members of the government able to read it as soon as it's 180 days old if I keep it at my email provider."

cancel ×

236 comments

Sorry! There are no comments related to the filter you selected.

Mine! I can read anyone's email (0, Funny)

Anonymous Coward | more than 3 years ago | (#35774986)

My country has the best laws.... I can read anyone's email and not get prosecuted.
if that's not the definition of "the best", I don't know what is.

RETARDED (-1)

Frosty Piss (770223) | more than 3 years ago | (#35775172)

The question is RETARDED and indicates a COMPLETE lack of knowledge on the part of the "asker" about how email works.

Hereâ(TM)s THE FACTS: Unencrypted email is unsecure EVERY-FUCKING-WHERE.

Re:RETARDED (0)

Anonymous Coward | more than 3 years ago | (#35775202)

I'm not sure "retarded" is a necessary epithet. The question is easily interpreted as legally private, as opposed to "secure". And this is a good question. For instance, in many European countries, there is a right to privacy, as opposed to the United States, where no such enshrined right exists.

Re:RETARDED (-1)

Anonymous Coward | more than 3 years ago | (#35775268)

Dude, don't be so fucking RETARDED.

Re:RETARDED (-1)

Anonymous Coward | more than 3 years ago | (#35775464)

My first wife was 'tarded. She's a pilot now.

Re:RETARDED (2)

SwedishPenguin (1035756) | more than 3 years ago | (#35775344)

Except the data retention directive requires providers to store email for at least 6 months.. (minimum in directive, actual period can be longer in individual countries)

Re:RETARDED (3, Insightful)

Jurily (900488) | more than 3 years ago | (#35775764)

legally private, as opposed to "secure"

I'm not sure this term has any meaning when applied to information that is instantly, cheaply and undetectably duplicated, especially if this duplication is the whole fucking point. How many servers did that mail pass through while it got to the recipient?

What we really need is to define encryption as a basic human right.

Re:RETARDED (1)

zill (1690130) | more than 3 years ago | (#35775842)

What we really need is to define encryption as a basic human right.

I wholeheartedly concur.

Unfortunately this won't happen anytime soon due to all the import [wikipedia.org] and export [wikipedia.org] restrictions.

Re:RETARDED (1)

countertrolling (1585477) | more than 3 years ago | (#35775230)

The 'asker' is probably a troll/flame script. Doesn't sound human to me.

FYI: for the believers, from 2007 [privacyinternational.org]

Re:RETARDED (0)

Anonymous Coward | more than 3 years ago | (#35775262)

How exactly does this work in the real world? A cop has a grudge against you and he gets to read all of your old email on a whim?

Are you even notified?

Not Your Own Country (and not a high-spam country) (1)

billstewart (78916) | more than 3 years ago | (#35775880)

The governments most likely to be interested in you are your own government and any you might be trying to overthrow. So don't go there. And use your own mail server to store your mail on, not your mailbox provider's.

Pick some country other than your own, not the US, not a notorious spam or cybercrime haven. (The latter's obvious, just because you don't want your mail discarded automatically by your recipients.) The countries that have good privacy laws mostly have police agencies trying to pass data retention laws, so it's not much of a win. Preferably pick somewhere that your language isn't the primary local language.

Privacy laws (-1, Offtopic)

countertrolling (1585477) | more than 3 years ago | (#35774996)

There are few things more humorous than to see all of you bicker over the color of unicorn poop.

But just in case, the definitive answer is gold glitter.

Either way, please.. try to accept the truth...

Re:Privacy laws (1)

Locke2005 (849178) | more than 3 years ago | (#35775142)

When I told my daughter that glitter comes from unicorn poop, I thought I was being original and making that up. (I try to keep her as misinformed as possible.) Now you come along and point out this is not an original idea! By the way, she insists the color of the glitter matches the color of the unicorn, so only gold unicorns would poop gold glitter.

Re:Privacy laws (0)

Anonymous Coward | more than 3 years ago | (#35775276)

I am intrigued by your daughters ideas and would like to subscribe to her newsletter.

Oh, and I can -uh- "babysit" any time. Please.

Re:Privacy laws (1)

debilo (612116) | more than 3 years ago | (#35775376)

I am intrigued by your daughters ideas and would like to subscribe to her newsletter.

I assume constant monitoring of her outbox may be required.

Re:Privacy laws (2, Insightful)

countertrolling (1585477) | more than 3 years ago | (#35775184)

(Score:-1)

This is what I get for pointing out that our 'anonymous' submitter here is a company troll grasping for page hits.

So one more time for posterity, privacy on the internet, and any expectation thereof is pure mental masturbation.

This site is being compromised by too many sockpuppets and zombies. It used to be fun when was a small group of friends, but not any more. Maybe it's best to just stay away from the front page.

Re:Privacy laws (2)

Ethanol-fueled (1125189) | more than 3 years ago | (#35775544)

This site is being compromised by too many sockpuppets and zombies.

Agreed. Besides all of the obvious ones, I've noticed some generic-commenting ones. Check a story fairly early after posting, and you'll see a post, then the one right below it will read the exactly same points, even written in the same paragraph format, except that the words are subtly changed and rearranged.

If somebody is using HBGary's persona management software, it's still way too obvious to anybody with half a brain. They'd be better-off paying a unique Indian (utilizing a spell and grammar checker) for each persona -- Indians are cheaper than shoats.

Most secure country: (2)

ngc5194 (847747) | more than 3 years ago | (#35775004)

My-own-email-server-istan.

Re:Most secure country: (1)

countertrolling (1585477) | more than 3 years ago | (#35775032)

All communications must go through the country of ISPistan. There it is processed, and all data is sold to the highest bidder.

Re:Most secure country: (1)

hedwards (940851) | more than 3 years ago | (#35775388)

That was my thought. The only important thing is that stored emails tend to hang around longer, meaning that there's more time to decide whether or not to trap the information. Not to mention a better guarantee that you'll encounter the email you're after.

privacy laws won't fix a broken privacy model (5, Insightful)

Junior J. Junior III (192702) | more than 3 years ago | (#35775024)

Email is inherently insecure, since it is transmitted in clear text and stored in multiple hops between destination and recipient, where its contents may be intercepted, altered, copied, stored, etc.. If you're relying on the law to keep your email private, you've already lost. Use digital signatures for authenticity and integrity, and strong encryption for confidentiality. At that point, you really don't need the law's help to keep your emails private.

Re:privacy laws won't fix a broken privacy model (3, Informative)

Junior J. Junior III (192702) | more than 3 years ago | (#35775038)

I mean, do you even know what countries your emails might route through between sending and arriving at their destination? If you're going to go to a server in a different country to gain the benefit of their better privacy laws, you're likely going to need to transfer data over networks that geographically reside in other countries too. And your end points probably are still somewhere within your own country. What are the laws like there?

Re:privacy laws won't fix a broken privacy model (2)

obarthelemy (160321) | more than 3 years ago | (#35775250)

you do still need laws to litigate if an angry ex, an employer ... find a way (keyloggers...) to get your keys.

Re:privacy laws won't fix a broken privacy model (3, Insightful)

klapaucjusz (1167407) | more than 3 years ago | (#35775310)

Email is inherently insecure, since it is transmitted in clear text

Most mail nowadays is transmitted over SSL [wikipedia.org] . Yes, that's still vulnerable to MITM-ing, but it's no longer a simple matter of passive snooping.

If you're relying on the law to keep your email private, you've already lost.

Please. Strong privacy laws won't prevent ISPs from occasionally snooping on their users, granted. With no privacy laws, howver, expect your ISP to routinely spy on you, and sell the data to advertising companies.

-- jch

Re:privacy laws won't fix a broken privacy model (1)

hedwards (940851) | more than 3 years ago | (#35775398)

Unless I'm missing something, which I don't think I am, that only applies between you and your mail server, between mail servers there is no such guarantee.

Re:privacy laws won't fix a broken privacy model (5, Informative)

klapaucjusz (1167407) | more than 3 years ago | (#35775470)

STARTTLS is used between mail servers if:
  • both the sender and the receiver support the STARTTLS extension; and
  • the receiver has been configured with a certificate (even a self-signed one).

All modern mail servers support STARTTLS, and most ISPs have configured a certificate in their MX. To see if yours has, do the following:

$ host -t mx google.com
google.com mail is handled by 50 alt4.aspmx.l.google.com.
google.com mail is handled by 30 alt2.aspmx.l.google.com.
google.com mail is handled by 40 alt3.aspmx.l.google.com.
google.com mail is handled by 10 aspmx.l.google.com.
google.com mail is handled by 20 alt1.aspmx.l.google.com.
$ telnet aspmx.l.google.com smtp
Trying...
Connected to aspmx.l.google.com.
Escape character is '^]'.
220 mx.google.com ESMTP
EHLO localhost
250-mx.google.com at your service
250-SIZE 35882577
250-8BITMIME
250-STARTTLS
250 ENHANCEDSTATUSCODES
QUIT /blockquote

Re:privacy laws won't fix a broken privacy model (2, Interesting)

Anonymous Coward | more than 3 years ago | (#35775884)

Since requiring TLS on my laptop to server connection I have found it is very common for hotel and airport ISP's to hijack the connection and route mail through their own servers. How did I find out? They don't support TLS so the connection fails. Then if you use runtbird to start thunderbird you can find the evidence. In future I will be using runtbird anyway to check if they are hijacking the connection and supporting TLS.

Example below from a Delta lounge in ATL:

0[192c140]: SMTP Connecting to: mail.mycompany.com
0[192c140]: SMTP entering state: 0
0[192c140]: SMTP Response: 220 mail.tmail.com ESMTP Xxx, xx Mar 2011 14:43:21 -0400
0[192c140]: SMTP entering state: 14
0[192c140]: SMTP Send: EHLO [10.241.1.242]
0[192c140]: SMTP entering state: 0
0[192c140]: SMTP Response: 250-mail.tmail.com Hello 242.1.241.10.in-addr.arpa [10.241.1.242], pleased to meet you
0[192c140]: SMTP entering state: 0
0[192c140]: SMTP Response: 250-ENHANCEDSTATUSCODES
0[192c140]: SMTP entering state: 0
0[192c140]: SMTP Response: 250-PIPELINING
0[192c140]: SMTP entering state: 0
0[192c140]: SMTP Response: 250 8BITMIME
0[192c140]: SMTP entering state: 4
0[192c140]: SMTP entering state: 21
0[192c140]: SMTP Send: QUIT
0[192c140]: SMTP entering state: 0
0[192c140]: SMTP entering state: 0
0[192c140]: SMTP Response: 221 2.0.0 mail.tmail.com Closing connection
0[192c140]: SMTP entering state: 11
0[192c140]: SMTP entering state: 12

Yes, you're missing something (1)

billstewart (78916) | more than 3 years ago | (#35775898)

Most SMTP servers will use encryption for mail transfer these days, not just for mail submission and mail reading. klapaucjusz's [slashdot.org] reply to your article has more details on how.

Re:privacy laws won't fix a broken privacy model (1)

countertrolling (1585477) | more than 3 years ago | (#35775384)

"Strong" encryption will do nothing against a hardware keylogger.

Yeah.. do you think you really know what your machine is sending? Think you can sniff out the logger's encryption?

This question is as ludicrous as asking which god is most powerful.. It's Zeus, isn't it? Kinda funny that Greece [privacyinternational.org] was the 'best'.

Zeus, Jupiter, Terminus (1)

handy_vandal (606174) | more than 3 years ago | (#35775530)

"This question is as ludicrous as asking which god is most powerful.. It's Zeus, isn't it?"

Not necessarily. I don't know about Zeus, but there may be a parallel with Jupiter (the Roman Zeus, "Jupiter" = "Zeus Pater").

Jupiter was the supreme Roman god in most things, and he was rightly respected for hurling lightning bolts, but there was one greater than he:

Terminus, the divine personification of boundaries and boundary-stones, to which even Jupiter was subordinate. (The Romans were very, very big on property law.)

Re:privacy laws won't fix a broken privacy model (0)

Anonymous Coward | more than 3 years ago | (#35775386)

>Use digital signatures for authenticity and integrity, and strong encryption for confidentiality.

When none of your 50 or so acquaintances and friends and coworkers know what PGP/GnuPG is, and even worse are too fucking lazy or stupid to use it, then what?

Re:privacy laws won't fix a broken privacy model (1)

Americano (920576) | more than 3 years ago | (#35775670)

Just a wild guess, but I presume that if that's the case, you end up making angry posts to slashdot about how all of your friends and coworkers are too stupid to use software which is complicated to install and complicated to use?

If this [gnupg.org] is the way people are going to get the ability to encrypt/sign emails, then yeah, they're not going to use it.

If this [gnupg.org] is the list of features "customers" are expected to make sense of, then yeah, they're not going to use it.

GPG is great software, but it's not exactly trivial to set up properly & use, and it doesn't appear as if the developers make much of an effort to make it easy to set up properly and use.

Re:privacy laws won't fix a broken privacy model (1)

icebraining (1313345) | more than 3 years ago | (#35775964)

What bothers me is that not even CS teachers use it. I mean, they can program in OCaml, but they can't configure their mail client to send encrypted emails with if the recipient has a key?

Re:privacy laws won't fix a broken privacy model (1)

Assoupis (758320) | more than 3 years ago | (#35775508)

The model is flawed, but there are ways of having some privacy ; for example, hosting your own email on your own server, using encrypted partitions and encrypted swap over https, imaps, and if needed, pop3s, and giving emails addresses to friends and people you wanna have communication with. Having a drill press near the harddrive for when cops show up is optionnal. Basically the dead letter model will still work. I assumed this is why so many businesses have domain name email hosted on a single server.

Re:privacy laws won't fix a broken privacy model (1)

Airborne-ng (1391105) | more than 3 years ago | (#35775516)

Exactly right, anyone that has dealt with SMTP and looked into header information realizes the many hops involved through relays just to get a message from one place to another...however instantaneous is may seem at times. To require each relay point to agree on a shared key...or better yet have PKI involved for encrypted data transfer is just ridiculous for overhead. my $.02

Re:other means of storage (2)

symbolic (11752) | more than 3 years ago | (#35775792)

There are third party services (like messagelabs offered by Symantec) that provide email scanning and archival. This puts an interesting kink into the model, because now the path includes more than just other email hosts. These services can have their own retention and privacy policies, and you, as merely one endpoint in a communication process, may have no idea that such a third party is being used.

Re:privacy laws won't fix a broken privacy model (0)

Anonymous Coward | more than 3 years ago | (#35775820)

Some countries make it illegal to encrypt your e-mail.

Re:privacy laws won't fix a broken privacy model (1)

syousef (465911) | more than 3 years ago | (#35775906)

Email is inherently insecure, since it is transmitted in clear text and stored in multiple hops between destination and recipient, where its contents may be intercepted, altered, copied, stored, etc.. If you're relying on the law to keep your email private, you've already lost. Use digital signatures for authenticity and integrity, and strong encryption for confidentiality. At that point, you really don't need the law's help to keep your emails private.

How the fuck does this get modded insightful?

Using PGP or whatever else is not going to help you if the law requires that you give up your keys or rot in prison for the rest of your life.

If the opening poster was interested in technical ways to keep his email private I'm sure he would have asked. This is slashdot, so it's entirely possible he's already got the encryption and signature angle covered. This was not a techy question, and a techy answer is not appropriate!

India? (-1, Offtopic)

happyfan (2038142) | more than 3 years ago | (#35775028)

Any spam there is 10 years in prison offence [c2.com]

Re:India? (0)

Anonymous Coward | more than 3 years ago | (#35775052)

Haven't clicked the link but I'm positive it's Goatse.

Re:India? (0)

Anonymous Coward | more than 3 years ago | (#35775064)

I clicked and its worse than a Goatse! (Or may be I got conditioned to Goatse after these years)

Re:India? (0)

Anonymous Coward | more than 3 years ago | (#35775112)

All the accounts above 203XXXX are spam/troll/sockpuppet accounts. Slashdot registration has been compromised... We need better filtering to tune them out.

Re:India? (1)

Aldenissin (976329) | more than 3 years ago | (#35775140)

Not Goatse, but still disgusting and off topic... I am just trying to figure out why someone takes time out of their day to repeatedly spam Goatse to Slashdot. Is this a bet or something? Either way, perhaps you should consider that while virtually no one is "normal", you should get checked out for your obsessive compulsive tendencies...

Re:India? (0)

Anonymous Coward | more than 3 years ago | (#35775260)

I tried to post warnings about the goaste loving jerk yesterday but was modded into oblivion as a karma whore. Go figure. I couldn't post often enough as AC to keep up with his many accounts.

capthca: imprison

Re:India? (1)

TaoPhoenix (980487) | more than 3 years ago | (#35775412)

You're right, this is the most coordinated troll campaign in a long time. Multiple accounts, multiple pages. Perversely, I have been keeping notes, and this was in fact a page that did have Goatse on it previously.

My new theory is that someone is making money off this, either trying to degrade Slashdot or maybe even just server clicks.

http://c2.com/cgi/wiki?OldTest [c2.com] (used to have Goatse on it)
But hotlinked image from
http://bit.ly/fKm8jx?.jpg [bit.ly]
redirecting to
http://www.hai2u.com/HotBlowjob.jpg [hai2u.com]

Re:India? (1)

WrongSizeGlass (838941) | more than 3 years ago | (#35775600)

They're also using:
http://freeblogspot.org/journalism/2011/04/03/post/
http://tinyurl.com/42kdzgp (uses a data:text/html;base64 eventually redirect ending up at goatse.ru)
http://tinyurl.com/5szfvml (uses a data:text/html;base64 eventually redirect ending up at goatse.ru)

Re:India? (1)

DurendalMac (736637) | more than 3 years ago | (#35775264)

Dammit, by the time I clicked it was gone. Now I want to know what horrid image was up there.

Re:India? (1)

ngc5294 (2038148) | more than 3 years ago | (#35775368)

Thanks - fixed, just click now...

Re:horrid (1)

TaoPhoenix (980487) | more than 3 years ago | (#35775438)

See my post above. NSFW!

Which country? (-1)

Anonymous Coward | more than 3 years ago | (#35775034)

Learn English for fuck's sake.

Re:Which country? (0)

Anonymous Coward | more than 3 years ago | (#35775238)

> Learn English for fuck's sake.

I don't know who fuck is, but why should I learn English for his sake?

Re:Which country? (1)

hedwards (940851) | more than 3 years ago | (#35775406)

Because, he'll get you laid.

Re:Which country? (1)

Runaway1956 (1322357) | more than 3 years ago | (#35775578)

That troglodyte crawled up a chicken's ass and waited for days, and still couldn't get laid.

Does it matter? (2)

steevven1 (1045978) | more than 3 years ago | (#35775040)

Even if you host your own email server or use a server in a country with great privacy laws, every email you send or receive is stored on two servers, each with your name (email address) attached to it. Unless everyone you email has the same security policy as you, your messages are little more secure than they would be if you used any other email server.

Re:Does it matter? (1)

ThatsMyNick (2004126) | more than 3 years ago | (#35775104)

Yeah, it would be easier and more effective to use PKI and make sure you never lose your private key.

Re:Does it matter? (1)

fuzzyfuzzyfungus (1223518) | more than 3 years ago | (#35775164)

Be sure to avoid living in Britain, in that case.

Re:Does it matter? (1)

Noughmad (1044096) | more than 3 years ago | (#35775416)

No, you can still live there, just make sure you NEVER lose your private key.

Storing email? (3, Insightful)

krelvin (771644) | more than 3 years ago | (#35775082)

If this is really worried about this...Why are you storing any email on a 3rd party server? As new email arrives, save it to your local computer, removing it from the inbox. No email is then left to become 180 days old. Nothing to worry about. Actually that is not true since you most likely will be worrying about something else then too, but...

Re:Storing email? (1)

fuzzyfuzzyfungus (1223518) | more than 3 years ago | (#35775188)

This would appear to be operating on the optimistic assumption that hitting "delete" has any effect other than making the message invisible. If you are lucky, cheapness and/or laziness on the part of the operator will mean that they purge and/or just lose everything they can get away with as fast as possible. If, on the other hand, they are doing some sort of data mining for commercial purposes, or complying with some sort of retention request, game over, man.

What Country Has the Best Snail-Mail Privacy Laws? (4, Insightful)

lobiusmoop (305328) | more than 3 years ago | (#35775092)

Given I can't be bothered to take the most basic steps to gain a little privacy for my letters, like using envelopes, writing everything on postcards that let everybody in the postal industry in contact with my mail read it, what are the best couriers for me to send my letters with?

Honestly, I think some articles are just deliberate trolls for the computer-security folks on Slashdot.

Re:What Country Has the Best Snail-Mail Privacy La (2)

sandytaru (1158959) | more than 3 years ago | (#35775152)

Redact everything yourself. Problem solved. Stick it to those government snoops!

Re:What Country Has the Best Snail-Mail Privacy La (1)

Anonymous Coward | more than 3 years ago | (#35775304)

I think some people here have fair knowledge of computers and the internet but don't know about all the details either. They want to learn more, they try to ask questions, and the experts here have two options:
1) Be nice, teach them how it works and let them improve their knowledge
2) Be arrogant, push them down for asking 'stupid questions' and keep them in ignorance.

I have good enough understanding of computers so that I can understand most of the articles here and find them interesting. I'm also concerned about e-mail privacy. I often here "encrypt your mail", "use POP3", "download the mails from hotmail/gmail/yahoo to your computer"... The problem is, I have no idea how to encrypt mail, what POP3 is or how to download my e-mails. I'm also not sure doing this would cover every weakness in my privacy protection - for instance I recently heard that deleting e-mails on gmail only makes them invisible and does not remove them from their servers.
It would be helpful if someone wrote and posted here a serious tutorial on how to protect your privacy. Unfortunately, most advice I could find on the web is incomplete (thus useless) and most of the time the 'experts' would rather complain about the ignorance of the persons who are wise enough to ask questions.

tl;dr : it's not obvious to everyone that e-mail is like sending letters not enclosed in an envelope. Teach people or STFU.

Re:What Country Has the Best Snail-Mail Privacy La (1)

icebraining (1313345) | more than 3 years ago | (#35776000)

I often here "encrypt your mail", "use POP3", "download the mails from hotmail/gmail/yahoo to your computer"... The problem is, I have no idea how to encrypt mail, what POP3 is or how to download my e-mails.

Search Google for "how can I encrypt my email"; first two results are step by step guides on how to encrypt your email, either with Thunderbird or Gmail.

Re:What Country Has the Best Snail-Mail Privacy La (1)

oliverthered (187439) | more than 3 years ago | (#35775780)

The ones that don't require you to put a return address on the post card, let you send to an anonymous PO BOX number and don't require all post cards to be signed for and the postal office to retain copies of the sender, receiver and signatory and hand them over to people left right and center.

I use BASE64 encoding to transmit all my AES encrypted numbers via number stations.

really, some people just haven't been here long enough to know that number stations even exist or that you can base64 encode AES and stick it on a post-card.

Have you ever had to sign for mail or return a letter?

Best email security laws? (1)

Locke2005 (849178) | more than 3 years ago | (#35775116)

That's easy: Sealand [sealandgov.org] !

Re:Best email security laws? (3, Interesting)

houstonbofh (602064) | more than 3 years ago | (#35775514)

Havenco closed in 2008. No sealand hosting now.

Any Country in which cryptography is legal will do (0)

Anonymous Coward | more than 3 years ago | (#35775122)

Use procmail and gnupg to encrypt each unencrypted message you receive. Or, even simpler, use pop3 to receive your mails, i.e. do not keep the mails on the server.

I would not solely rely on any privacy laws. Anticipatory obedience on the ISP side might kick in as soon as anyone asks for your mails, with or without any legitimacy..

nowhere really (2)

t2t10 (1909766) | more than 3 years ago | (#35775226)

Many European nations nominally have better privacy laws, but they have lots of exceptions for national security, police enforcement, and privacy law enforcement, as well as other loopholes.

But you're likely also no better off storing it on your local disk; for your government or your ISP, accessing data on your disk is likely no more complicated than pushing a button.

If you want your E-mail to be private, encrypt it, whether it's on a local disk or a server, and even then, there's a good chance others can intercept the key and read it anyway.

Re:nowhere really (1)

farnsworth (558449) | more than 3 years ago | (#35775664)

If you want your E-mail to be private, encrypt it [...], and even then, there's a good chance others can intercept the key and read it anyway.

Would you care to expand on that? I was under the impression that both smime and key-pair encryption are pretty solid.

Re:nowhere really (0)

Anonymous Coward | more than 3 years ago | (#35775682)

"Nominally"? Come on, law will always gain access to your communications, after all, there have been laws set up to ensure those in "authority" can gain access to it since the 80s, or they can assume worst case.

But in the real world of business, the EU has extremely touch data privacy laws. If you fall foul of these, you can lose your business. I was working on one pan-Euro project for a very large global company (US based), Belgium made one tiny error is customer data handling, there was no leak, no stolen data, the data didn't escape, but as a result, the entire country had to be removed from the project for 18 months. Had the data been in the wild I could understand serious bottom-kicking, but something that amounted to "oops, good call, thanks, fixed" was hit with the worst penalty. Had the project been a core part of the business within the country, the company would have shut up shop.

I'm sure China is even worse ;-)

Re:nowhere really (1)

oliverthered (187439) | more than 3 years ago | (#35775786)

IP addresses (say via VPN) and email addresses could do to be secret too.

Re:nowhere really (1)

angel'o'sphere (80593) | more than 3 years ago | (#35775822)

Many European nations nominally have better privacy laws, but they have lots of exceptions for national security, police enforcement, and privacy law enforcement, as well as other loopholes.

Which loopholes do you mean?
A search warrant issued by a judge according to evidence presented by the prosecutor is not a loop hole in my eyes. I'm not aware about other "loop holes".
angel'o'sphere

"...what countries have the best privacy laws..." (3, Interesting)

John Hasler (414242) | more than 3 years ago | (#35775306)

Because we all know that all govenments can be trusted to respect such laws when their own interests are at stake.

If you have secrets that you must protect against goverments why are leaving them (unencrypted, evidently) on third party servers? And why are you discussing that fact on a public forum?

What about the people you communicate with? (2)

timothyf (615594) | more than 3 years ago | (#35775308)

Are you sure you're always communicating with people that live in countries with privacy laws that are just as secure? Unless you're really good about keeping your contacts secure as well, all it means is that they have to issue more subpoenas.

data rendition (1)

Tumbleweed (3706) | more than 3 years ago | (#35775926)

Are you sure you're always communicating with people that live in countries with privacy laws that are just as secure? Unless you're really good about keeping your contacts secure as well, all it means is that they have to issue more subpoenas.

This brings up a point - I wouldn't be at all surprised if data isn't routinely sent out of the country for analysis and decryption to countries who have no laws against such things.

click the GPG checkbox, and pick the right country (0)

Anonymous Coward | more than 3 years ago | (#35775316)

In some countries, the UK say, you must turn over encryption keys if asked.

But many countries you don't have to. The most secure is to GPG your mails.

Without encryption, there is no privacy AT ALL in email. They are sent as cleartext.

Just answer the question (0)

Anonymous Coward | more than 3 years ago | (#35775332)

Why does everyone try to solve some problem instead of just answering the anonymous reader's question?
What countries have the best privacy laws?

Re:Just answer the question (1)

houstonbofh (602064) | more than 3 years ago | (#35775526)

No doubt... I to am interested in this. Yes, I know it is no substitute for good encrypting, and I know how START/TLS works and so on. But being able to avoid a data mining fishing expedition should be easy low hanging fruit.

Email Privacy? (1)

EricX2 (670266) | more than 3 years ago | (#35775346)

If the government sends a letter to your email host and say 'give me access to this guys email' and the email host says yes, no laws were broken. At that point you are asking what email providers have the best privacy agreements that may say no to government requests.

Also, where does 180 days come from? Do you not have access to a pop3 client? Is there a law I'm unaware of that says it forwards to the government email system after 180 days of idle time on the server? I am so confused!

Re:Email Privacy? (0)

Anonymous Coward | more than 3 years ago | (#35775698)

The 180 days is part of the Electronic Communications Privacy Act. It's not automatic forward to the government, it's that the government can request your emails from the ISP and if they are asking for emails more than 180 days old there is far less red tape for them to go through to get your data.

This is a false question! (1)

bogaboga (793279) | more than 3 years ago | (#35775430)

Ask Slashdot: What Country Has the Best Email Privacy Laws?

And here's why I say this:

It depends on who's metrics we'll use to determine what is 'best'. So that's the question.

Seriously, use a North Korean based mail host (1)

Swave An deBwoner (907414) | more than 3 years ago | (#35775432)

I am pretty sure that the North Korean government does not provide the US government access to email stored on their servers.

Re:Seriously, use a North Korean based mail host (1)

ibsteve2u (1184603) | more than 3 years ago | (#35775480)

lolll...guess I should have expanded all of the comments. Your idea is essentially the same as mine, giving yours the marks for originality.

I suspect you're thinking of it wrong (0)

Anonymous Coward | more than 3 years ago | (#35775468)

Laws change. Laws are written on paper, and don't determine how anybody really acts.

I recommend looking for whatever government you can either ignore or resist the most effectively.

The Netherlands, at least against SPAM (0)

Anonymous Coward | more than 3 years ago | (#35775472)

In the Netherlands we have a quite good anti-spam policy (see spamklacht.nl, in Dutch).

Although, I wonder for the rest... they might be able to ask hosting providers to read mail.

But hey: why don't you host your own mail? Or just use PGP.

Might be a good start-up idea for the PRC (1)

ibsteve2u (1184603) | more than 3 years ago | (#35775476)

You know the People's Republicans of China are going to read your email, but would they share with any other government? Doubtful.

Depends (1)

Oceanplexian (807998) | more than 3 years ago | (#35775510)

Whatever country you're living room is, where you would obviously be keeping your mail server in a rack running under truecrypt.

If you don't want to bother than that, then, your privacy just isn't important. As soon as you put your personal information on someone else's hardware you lose control of that information.

Insane Replies (0)

Anonymous Coward | more than 3 years ago | (#35775546)

Asking a simple question, which country has the best legal protection from privacy. What this means is what countries have laws restricting invasions of e-mail privacy. A lot of countries have mandatory ISP e-mail retention and are required to produce those e-mails to public authorities without a warrant. What the hell, Slashdot? Can't you answer a simple question? I honestly thought Slashdot had become better then this.

I'm not a legal expert in this field, so I can't answer it myself, but it's still a legitimate question. Okay, a few comments about how e-mail needs to be encrypted would make sense, but outright insults, slander, and the throwing of feces?, all of which calling the poster a Troll for asking a simple, legitimate question.

Considering how many countries are getting worse and worse for e-mail privacy laws, this is certainly a valid question that affects everyone's lives here, (how many geeks can really live without e-mail, huh?)?

The Answer is... (1)

DanielRavenNest (107550) | more than 3 years ago | (#35775548)

Don't put anything you want to keep private on a third party server. If you must use email, find one with encryption. Microsoft Outlook has had it since at least version 2003, and there are lots of other programs available.

Host it yourself (1)

Animal Farm Pig (1600047) | more than 3 years ago | (#35775606)

Why not just host it yourself using the open source mail server and transport of your choice?

Talking about an old US privacy act (0)

Anonymous Coward | more than 3 years ago | (#35775666)

In a 3 day old article, http://rss.slashdot.org/~r/Slashdot/slashdot/~3/parDc6QiCaw/Obama-Administration-Wants-Your-Old-Email discusses how any email older than 6 months is considered discarded and can be "trivially subpoenaed". I think this question is in response to this article.

Strike one. (1)

westlake (615356) | more than 3 years ago | (#35775700)

I was wondering: what countries have the best privacy laws and what are some good hosts to use?

You are a foreign national routing allegedly innocent e-mails through an unfamiliar host 1,200-12,000 miles distant. Do you really think that won't attract unwanted attention on both sides of the border?

For email apply the same laws as for paper mails (3, Interesting)

angel'o'sphere (80593) | more than 3 years ago | (#35775758)

... at least in germany and most european countries.

If you want to read them you need a search warrant.

angel'o'sphere

use gpg (1)

McTickles (1812316) | more than 3 years ago | (#35775812)

or something like that

I wonder if I misunderstood... (0)

Anonymous Coward | more than 3 years ago | (#35775862)

When I wad the question, I assumed the following:
1. The originator already encrypts his email (to the extent possible - you cannot force senders to encrypt the email they send you).
2. The originator lives in a country that can legally force him to give up his encryption keys.

Obviously, I'm having a charitable day.

Given those assumptions, keeping one's email on a server in another country MIGHT be a legal workaround.

IMMI - International Modern Media Initiative. (3, Informative)

mordur (1321893) | more than 3 years ago | (#35775864)

I don't know which country has the best protection for users of online services now, but Iceland most certainly will be a contender when the IMMI legislation has been passed as per the Parliamentary Resolution passed on June 16. last year. Check it out: http://immi.is/ [immi.is]

China! (0)

Anonymous Coward | more than 3 years ago | (#35775944)

Our wise and benevolent government ensures that we are happy and safe by protecting us from bad emails.

Enforcement? (1)

kuzb (724081) | more than 3 years ago | (#35775958)

Best laws are one thing, but I'm more interested in best enforcement.

I am a lawyer - you don't want email xing a border (0)

Anonymous Coward | more than 3 years ago | (#35775966)

IAAL. From what I know, you don't want your email crossing a national border. At least here in the USA, that gives the authorities tremendously more authority to scan it.

Your ideal setup for moderate security is going with a provider here in the USA with a good TOS. Be careful, the TOS often says that they will give your email over to the govt without a warrant or subpoena. That vitiates your reasonable expectation of privacy. SOME provides will actually renegotiate the TOS.

For high security, you have to host it in a box in your house.

The above is not legal advice.

Time to learn the hard truth ... (0)

tgd (2822) | more than 3 years ago | (#35775984)

Sorry to say it, guy, but no one gives a shit about you.

If you're doing something they'd actually care about, odds are you're smart enough to use PGP for your illegal dealings.

And if not, you're just not that special. No one cares what your e-mails say. Get over yourself.

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?
or Connect with...

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>