Apparently, even the (former) head of the CIA can fall victim to a security breach. General David Petraeus recently handed in his resignation as the leader of the US’s Central Intelligence Agency when his extra-marital affair surfaced through an investigation led by the CIA’s own sister agency, the Federal Bureau of Investigation. What’s interesting is that the FBI didn’t use exotic technology or Hollywood-esque espionage to gain access to Petraeus’ “anonymous” email account – in the end, it boiled down to a simple, lawful, court-order through the Electronic Communications Privacy Act. Once the FBI had covert access, they were easily able to track the account usage and trace it to the General himself.
What this means for you:
What undid Petraeus – aside from lack of integrity and fidelity – wasn’t his extremely clever usage of Gmail. Once again, the subterfuge was ruined by a person – in this case, by his own mistress, Paula Broadwell, who sent threatening emails to Petraeus family friend, Jill Kelley who then got the FBI on the case. In the course of any criminal investigation, the ECPA grants the government authority to access any electronic communication without a warrant if it’s under 180 days old, and if it’s older than 180 days, then all that is needed is a court order. Even if you think you’ve set up an anonymous email account, all email travels through the internet by virtue of metadata attached to the digital envelope that is impossible to hide. Think of it as a digital postmark. And because all data must come from somewhere and go somewhere, IP addresses (and logs) make it possible to pinpoint those locations with ruthless precision. The next time you send an email that you need to be completely confidential, think carefully about the implications of it appearing on the front page of every news website in the world. Obviously, the government doesn’t have the time (or the justification) to watch everyone in America, but they certainly have the means, and will to use it, even if it undermines one of their own sacred cows.
Image courtesy of renjith krishnan / FreeDigitalPhotos.net
[…] Petraeus-Gate and Fallacy of Email Privacy (2012) – TLDR: your email is not private. Seven years later, surprise surprise – still not private. […]