I asked this question over on Hacker News, as well as Quora, but I thought I’d also ask it here…
The UK plans to intercept all electronic communication. They currently don’t plan to snoop on content, but as noted elsewhere connection data is just as invasive.
To me this is both a civil liberties and business risk problem. I view my list of business contacts as confidential information and I don’t trust the government not to leave this information on a train somewhere.
Legal solutions are one thing, but the snoops keep raising their heads, so my feeling is that we need to actually find a way to make this sort of thing technically impossible.
Content encryption is already largely solved, although for email we still need a critical mass of people using PGP or similar.
VPNs just seems to push the problem to another jurisdiction, and if this is an agenda all governments will one day pursue, this will become decreasingly useful.
What can an individual do to protect content and connection data? Onion routing for mail servers? Do technical solutions rely on everyone doing it and so are unlikely to get much traction?
So what are your thoughts? What can we build?