by Dylan16807 4729 days ago
I think if you want to get the analogy right you need to have in-transit encryption, so employees can only see the destination of the data, but once it's stored away it should be decryptable. A key part of using the lockbox analogy to explore your rights is having it still be physically penetrable, but never expected to be penetrated.

Let's look at Dropbox for a moment. If the system is working correctly the employees never have access to the contents of your files. The data flows past the employees in a TLS tunnel that only lets the destination server decrypt it. Employees are kept from accessing the contents via a mechanism similar in effectiveness to locks. Should this data be protected? I think it should.

Now let's move on to email. Most of the time, with modern server configurations, it works in a very similar way. The messages are encrypted in transit, stored in plain text, and employees are kept out. Ignoring that obsolete rule about email 'abandonment' after a certain number of days, I see no reason email shouldn't need a warrant.

It comes down in part to how the data is stored in the first place. Why do you say that my email is 'unprotected'? Are there not locks on it, barriers keeping away employees in the typical case? What makes it less secure than a box with a lock that can be broken with a hammer?

1 comments

I think there is a big difference between a safe deposit box, where a bank employee would have to break the law and break a lock to access the contents of an account, and something like a Gmail account where there are numerous employees authorized to access the contents of the accounts (see the recent story about the Google employee who stalked teenagers), and where the "bank" scans through the contents of the accounts in the regular course of business (to target ads). A bank typically has no idea what you store in a safe deposit box. Google and Facebook know exactly what you store in your accounts with them, and their business model depends on their knowing the contents of your supposedly "private" accounts.