Reject Electronics, Return to Pen and Paper?
The constitution of some countries in the West includes the privacy of correspondence. Idk how many countries and how that privacy is interpreted in any particular cases.
IMO it should be argued, in Europe, that this covers electronic correspondence too, and thus ChatControl and its ilk are unconstitutional.
In the days of old people would cover both sides of a letter with writing and then tri-fold it before putting it in an envelope. this makes it much harder to read it through the envelope (by holding it up to a light).
It’s not practical but it’s easy to target a few interesting individuals.
Also it’s inconvenient to encrypt and decrypt physical mail.
Xmpp and Matrix are right over there, dude.
Physical mail generally isn’t under surveillance past occasional package inspection (e.g. an X-ray of a suspicious package), and the rare targeted government surveillance operation on an individual or group, at least for the contents of mail.
The U.S Postal Inspection Service has a number of data sources they do collect from, though. If you make a USPS account, for example, then they can get info like your credit card number and IP address. If your package has a tracking number assigned, they can tell where exactly your mail is in transit. And if your address and the sender’s address is on your mail, then they will of course know who sent you which piece of mail when. Pretty standard stuff.
In terms of actually inspecting what’s inside people’s mail, that’s very difficult, because mail isn’t standardized. Some envelopes will have one small sheet of paper. Some will have a larger folded one. That might be folded into 2 pieces or 4. It might be 3 sheets of paper. Maybe it has a smaller paper card inside as well. You get the idea.
Whereas internet traffic is based on actual standards, and so if they want to know the contents of the data in an HTTP request, for example, they know exactly which parts of the packets to look at, every single time.
It would make surveillance more difficult, for sure, because individually opening, scanning, and putting back any possible variant of mail in envelopes is very time consuming and difficult, but it would do absolutely nothing to stop targeted surveillance of given individuals, and would also make individual associations more apparent.
To give another example, the government doesn’t know which people are communicating with which other people if you use Signal, because not even Signal knows, so not even a court order could allow them to find out. If you were sending mail between all those people, the government now has a list of every single time you sent a letter, and to whom.
Using that same example, with Signal, the contents of your message is encrypted. With mail, it’s in plaintext. Anybody could read that. If they intercept the data from your Signal chats, they get encrypted nonsense. If they intercept your mail, they get your entire conversation.
The smart decision is to use tools that preserve privacy and anonymity, making surveillance near impossible, rather than a system like mail, which just makes surveillance annoying and time-consuming.
pictures are taken by sorting machines of every piece of mail that goes through usps. that data is retained by the usps for a period of time, and is open to ‘law enforcement’ on request; and who knows what really happens to that data when the usps doesn’t want to hold it any longer.
The photos taken by the sorting machines are of the outside of the envelope, and are necessary in order to perform OCR of the destination address and to verify postage. There is no general mechanism to photograph the contents of mailpieces, and given how enormous the operations of the postal service is, casting a wide surveillance net to capture the contents of mailpieces is simply impractical before someone eventually spilled the beans.
That said, what you describe is a method of investigation known as mail cover, where the useful info from the outside of a recipient’s mail can be useful. For example, getting lots of mail from a huge number domestic addresses in plain envelopes, the sort that victims of remittance fraud would have on hand, could be a sign that the recipient is laundering fraudulent money. Alternatively, sometimes the envelope used by the sender is so thin that the outside photo accidentally reveals the contents. This is no different than holding up an envelope to the sunlight and looking through it. Obvious data is obvious to observe.
In electronic surveillance (a la NSA), looking at just the outside of an envelope is akin to recording only the metadata of an encrypted messaging app. No, you can’t read the messages, but seeing that someone received a 20 MB message could indicate a video, whereas 2 KB might just be one message in a rapid convo.
What if you start sending encrypted letters and don’t write your name on it anywhere? Though that would definitely be annoying for the recipient.
Yes but you should write that by hand on clean paper
Depends on the recipient.
And you could always encrypt a message against your recipient’s public key, print it out, and then mail it from a random drop box. You could even include a public key in the message so the recipient can send you back letters, and include an address in the letter they could reach you at.
It’d only really work if enough people were sending such letters to enough recipients though, or the act of encrypting your messages in such a manner would itself be a data point.
Also, you could print the messages on thermal paper, so they fade over time.
Does it? OCR is still pretty bad, it’s definitely going to be more annoying than plaintext. It might be worth it, but that doesn’t really make it that much less of a pain in the ass to deal with. You might need to use symbols that aren’t alphanumeric (along the lines of QR codes) to make the conversion to plaintext more reliable. I don’t think we have something like that right now.
You’re probably right, but steganography with FEC should be enough to do the job; any predictive text errors would be caught with the checksumming.
After all, Phil Zimmerman got the entirety of the PGP source code from the US to Germany as a book. OCR combined with predictive text reconstruction has come a LONG way since then. The big problem today with OCR is that it often corrects errors that were present in the original document.
USPS has something called a “Mail Imaging program”, where they photograph the outside of every piece of mail that goes through their system. They use it to process the mail, but law enforcement does request copies of all stored images related to people and addresses they’re investigating.
They also have the “Mail Covers program”, where law enforcement will proactively request USPS to monitor and forward information on all mail to and, as far as possible, from a given person or address. That information is limited to the outside of the envelope but, if they see something they deem suspicious, they can get a warrant to open the mail. I’ll also note that privacy guardrails on the program are notoriously lax: something like 20% of covers were approved without the necessary paperwork, and 15% weren’t adequately justified.
If you’re wondering what the big deal with getting data from the outside of the envelope is, you might be interested in “Finding Paul Revere”.
-
physical mail has gotten way more expensive, now 78 cents for a regular letter and $5 for a small package. So it adds up. I probably send a dozen emails a day while sending out maybe 3 envelopes per month, usually stuff like bill payments or business docs, rather than personal letters.
-
they collect all the metadata now, i.e. photographs of the front and back of the envelope. I try not to write return addresses on envelopes but sometimes it’s necessary and sometimes I forgot to omit it. They do get delivered without the return address, though I don’t have enough samples to say the reliability is any different.
I do wonder whether the mailbox you drop the letter in somehow gets recorded in the metadata. Obviously the originating post office is recorded, but if there are a dozen mailboxes in the neighborhood and some USPS worker empties them out once a day, idk if there’s any effort to separate the letters by what mailbox they came from, or if they all just get dumped into a large bin.
There was supposedly a snail mail remailer network operating in Poland in the 1950s or so. If you were in Minsk and wanted to correspond with your friend in Pinsk without the KGB knowing, you’d instead send your letter to someone in Poland who would then forward it in a different envelope to Pinsk. I believe some samizdat manuscripts also circulated that way.
-
If USPS can take an image (which sometimes shows contents) of every envelope, then it’s not a prohibitive leap for governments to take that a step further & x-ray them, process that image through character recognition, etc.
Cryptography is a better solution.
It is (under targeted surveillance) and it isn’t (practical at scale). My wife works at a post office and they do occasionally comply with law enforcement’s lawful requests to monitor or search the contents of a person’s mail, but it’s quite rare. It’s manual work that takes time and effort per-package, risks detection, and typically requires a warrant. It’s just not cost effective compared to automated electronic methods unless you’ve really fucked up and they’re already onto you.
would governments be able to surveil everyone? (Is it practial?)
The GDR has done it.
There were no computers at that time. All mail was physical. They did not surveil really everyone, but many targeted people, and presumably all letters from/to the West.
Today with strong computers and AI to scan through all texts, even hand writing, it would be feasable to do even more than that.
GDR is one tiny country.
Imagine every Chinese or every Indian started writing physical mail.
In a large country, the percentage of mail that crosses their border is much lower than in a small country.
GDR is one tiny country so their surveillance apparatus was smaller too. China is big so they can have a bigger apparatus.
I mean, GDR is one tiny country but that goes for both sides of the equation. China would be able to surveil mail with the full resources of the Chinese government.
At 3 billion people, I imagine paper companies would be jumping for joy.
But yeah, that sounds like it’d be a bastard to surveil.
If i want to eend mail to the US from europe i can only buy stamps that link my identity ( payment info) to the piece of mail send. All other countries is no problem just to buy unidentifiable stamps
Wait what
Yeah I’m in Ireland and I can, and do, pay for stamps with cash.
It would work until it didn’t.
Just depends how long it takes them to realize it’s happening.
My understanding is that there is an expectation of privacy in the USA in the contents of a sealed envelope. I don’t believe that the government can legally open one without a warrant. According to the case Ex Parte Jackson they can’t. However…
You have to trust that they wouldn’t break that law or someone else wouldn’t open it. Depends on your threat model. And as others have said, the government would know who you are communicating with, just not what you’re saying.
The cost of doing that for physical mail - in dollars, effort, time, and logistics - would be prohibitively high.
If you’re just a rando, yeah you’re not going to have much to worry about. They also can’t track everyone. But it is certainly possible for high value targets.
It would certainly make their job harder. We could go back to invisible ink and writing by hand.
