Common Sense About Sensitive E-mail
By Reid Goldsborough
Certain things about the Internet are common sense. If you want to communicate something sensitive, instead of posting it to a public online discussion forum, send a private message through e-mail to your recipient alone. If you want to avoid potential problems down the road with sensitive information communicated through e-mail, delete the message after reading it or ask your recipient to do so.
In both of the above cases, common sense is completely wrong. E-mail is as private as a postcard. Though it happens relatively rarely, e-mail can be intercepted and read by others en route.
E-mail encryption programs prevent this from happening by ensuring that only your intended recipients can read your messages and it’s you who has sent them. For some time now the standard has been Pretty Good Privacy, a program from PGP Corp. <www.pgp.com> that provides excellent privacy for sensitive e-mail.
The pay version automatically encrypts e-mail and instant messages and lets you send “self-decrypting” messages to those who don’t have the program. The free version, available for personal, non-commercial use, lets you manually encrypt and decrypt messages. You can try the pay version for free for 30 days.
E-mail also endures. As with files on your hard drive, when you delete an e-mail message, it’s never really gone. It can be retrieved, among other ways, from tape backups months or even years later. Sometimes, a court will actually require this when the e-mail relates to a criminal matter or a civil lawsuit.
