The world learned about PRISM thanks to a series of slides leaked by Edward Snowden. Among those slides was one where, you can see the companies that participate in the program but also the data they offer the NSA, if the agency asks. Microsoft, Google, Yahoo (complete with trademark exclamation point), Facebook, YouTube, Skype, AOL, Apple. All of the logos smushed into the header of the slide. And all of the companies to be avoided if you don’t want any chance that the NSA can surveil what you’re doing.

Again: We are not saying that you should not use Facebook. What we are saying is that if you are desperate to prevent the NSA from knowing what you’re doing, you shouldn’t use Facebook. And there’s nothing you can do to make using Facebook better—no encryption, no anything can make Facebook safe from the NSA. (We’ll discuss this more a little later on.)

(There is some hope: Montana recently passed a bill that requires the governent to btain a probable cause warrant before spying on you through your cell phone or laptop. As Alexander Abad-Santos writes, “if you don’t want the government to spy on you, move to Montana.” Montana might be the safest state from cyber-spying in the nation, as it is the first to pass a comprehensive anti-spying bill, doing so even before the Edward Snowden saga broke out.)

 There is a good way to hide the content of your email messages. A tool called PGP (short for “Pretty Good Privacy”), created by a man named Philip Zimmerman, offers a way to encrypt (encode) email messages between two parties using what’s know as peer-to-peer encryption. That’s an important property. It means that person A encoded the message and only person B is able to decode it. So as the envelope moves around the web, you can be sure it stays sealed until it gets where it’s going. (How PGP actually works isn’t important for our purposes. In short: It involves doing a math problem involving two very, very large numbers.)

How do you get PGP? PGP as a brand is now owned by Symantec, so you can give them your money and they will set you up. But there are also open source implementations of the technology. (If you’re deeply knowledgeable about technology, you can establish your own PGP system—but if you can do this, we doubt you need a tutorial.) One such product is known as GPG (Gnu Privacy Guard), which comes in bothMac and Windows versions. This is not simple to implement, mind you, but the documentation is pretty thorough.


Continue reading →