Yesterday I permanently deleted 15 years of email.

It wasn't because I didn't have enough hard disk space to store it. It's because I decided, after 15 years, that the benefits of keeping all this email did not outweigh the risks. Although I have never had my email subpoenaed, I have had many legal interactions due to my involvement with May First/People Link, some of which were about finding the real identities of May First/People Link members. I'd rather not risk compromising anyone or needlessly exposing my networks. Now I have an Inbox, Sent Box, Trash Box and Detected Spam Box. The Inbox I empty manually and the other boxes are automatically purged on a scheduled basis.

In this age of surveillance it's sad to see data evaluated based on risk of exposure.

First you need to make sure that the server does not keep copies, logs, IPs, etc... and the only way for this is to run your own server(s).

Second you need to make sure the mail is not intercepted in the network. using internet that's a utopia, and probably not all the people you need to interchange mail uses alternative networks...

Finally, these kind of measures (like shred files, yes, is not enough with deletion), are futile if you're targeted and government level hackers control your router, routing, DNS and SSL, with add-on tools like hardware level trojans or even the possibility to "see" your screen or "listen" your mic, change web sites content on a targeted way, etc

Anyway, you can do only what is in your hand, this is in your hand, and as you say, reduces the exposure to things like undesired data loose on subpoenas.

Comment by Anonymous Thu 30 Apr 2015 11:01:29 AM EDT

I 100% agree that it's sad we have to live in an age where you have to make those kind of considerations. But good for you that you are thinking about stuff like that!

Is there any reason you did not choose to employ deniable encryption?

Greetings from Europe

Comment by Anonymous Thu 30 Apr 2015 04:34:08 PM EDT

All my email is hosted by May First/People Link, which owns all hardware, so we definitely have the part covered.

And, I'm less concerned with forensics being run on my laptop than I am with being asked to comply with a subpoena. I'd like to say: No, I don't have that data, it's been deleted.

I think deniable encryption is the best way to communicate moving forward, but doesn't help with my 15 year archive of email!

Comment by jamie [id.mayfirst.org] Thu 30 Apr 2015 06:03:05 PM EDT