Mixed feelings about Whitehouse use of outside email accounts.

I have been following a number of stories like this,Congress Follows Email Trail - WSJ.com, about the Whitehouse use of RNC controlled email accounts to discuss the firings of federal prosecutors. The law appears quite clear. Official Whitehouse email is a document that must be retained. Discussions of firing federal prosecutors sounds official to me. Therefore the Whitehouse was wrong to use outside email addresses to keep the discussions secret. I am not comfortable with the law in the first place. Email and other electronic communication media like chat and IM are often used more like casual conversation than formal memos. Few would argue that the President's every word should be recorded at all times. It would make discussion and debate next to impossible. In the process of thinking through an issue one may consider many potentially unpopular ideas, if only for the purpose of argument. Free and unconstrained give and take generally leads to be best understanding and decisions. Free and unconstrained debate can not take place with the world looking over your shoulder and scrutinizing every word.

If we accept that email and chat are used like conversation to hash out ideas, then it is very damaging to the process to place heavy recording and monitoring requirements on it. At the same time, having no oversight substantially reduces accountability. It might even facilitate corruption.

This really shows in a microcosm the greater question of general communications privacy vs. law enforcement access. It is a hard balancing act because there is very little middle ground. Basically you are either monitored or not. Having monitoring of a random half of the messages is going to make everyone unhappy.

April 2, 2007 - Fortify Software Documents Pervasive and Critical Vulnerability in Web 2.0

April 2, 2007 - Fortify Software Documents Pervasive and Critical Vulnerability in Web 2.0 It looks like, in addition to the privacy risks of voluntarily revealing information through Web 2.0 sites, weaknesses in the most common frameworks will enable malicious attackers to gather even non-public data from these sites.

Web 2.0 generally refers to web sites that are either web applications or are based on community content. In either case they involve the users uploading substantial amounts of possible sensitive personal information to the sites. I predict that a great deal of damage may result from this in the long run.

Report: IRS bungles may imperil data

As a followup to my discussion of risks of online tax filing, here is an article on security weaknesses at the IRS. Report: IRS bungles may imperil dataIt does not appear that this is particularly connected to online filing, but rather an overall laxness in their security.

Filing your taxes online?

The Motley Fool has a nice blog post on issues involved in electronic filing of tax returns. There are a couple of important points to be made here. First of all...

  • The IRS has all your information and it will be in digital format (accessible by computer);
  • You are exposed to some points of vulnerability when filing electronically, rather than on paper;
  • The information on your PC is vulnerable to theft (whether you send it electronically or just use tax software);
  • Your information is vulnerable on the Internet-accessible servers to which you upload your data; but
  • On the flip side of the coin, paper returns are subject to loss, theft and mishandling as well, both in transit and within the IRS.

It is somewhat similar to using a credit card. You can risk online theft when conducting an e-commerce transaction, or real-world theft when handing over your card to a minimum wage worker over a store counter. Risks exist both ways.

At this time I think the jury is out on which is safer, but, for the record, I file electronically.