Steven Bellovin wrote:
Note this from the NY Times article:
The Megaupload case is unusual, said Orin S. Kerr, a law professor
at George Washington University, in that federal prosecutors obtained
the private e-mails of Megaupload�s operators in an effort to show they
were operating in bad faith.
"The government hopes to use their private words against them," Mr. Kerr
said. "This should scare the owners and operators of similar sites."
(I base my rant on the assumption megaupload had outsourced their email
to one of those "enterprise level" offerings, such as gmail or yahoo).
If this isn't a convincing argument for using your own physical email
servers (with encrypted filesystems and limited log keeping and what
have you) and against outsourcing your email, then I don't know.
I understand they can seize your servers and get your email that way if
you were not smart enough to delete it and/or use encrypted filesystems.
However it's much much harder to use email against you in preparation of
a case when you run your own servers. Because they can't just quietly
ask your email provider to hand over the data and forbid them to talk
about it...
Besides, running an email server is almost a trivial exercise for any
marginally competent IT person. If you can set up a system such as
megaupload you for sure can run your own, secure, email servers.
If not ask someone competent enough to do it for you.
Greetings,
Jeroen
--
Earthquake Magnitude: 4.8
Date: Tuesday, January 31, 2012 07:26:11 UTC
Location: Fiji region
Latitude: -21.9943; Longitude: -179.4848
Depth: 596.00 km