Readers, you may or may not know that I like to tinker with the software that runs Letters Blogatory. When I started the blog, I used a service called wordpress.com, which hosted the blog for me. Later, I rented space on a “shared server,” a server that I and many others shared and that was administered by the hosting company. And for the past two years, I’ve rented a virtual server. What’s that, I hear you ask? Somewhere there’s a physical computer on a rack running software that allows it to create “virtual machines,” which seem to the user to be independent servers, and which each user administers for himself. So I’ve gone from doing none of the back-end administration of my website to doing all of it in the space of three years.
In the process, I’ve learned a lot about how servers work. (Bonus: when I do e-discovery in my day job, my requests are now a lot more pointed and specific!) And I became interested in how servers do or don’t provide for the security of communications between you and Letters Blogatory. I mean two things by “security.” First, I mean privacy: when you send me a note on my contact page, can anyone else read it? Can anyone tell what you’re doing on Letters Blogatory—what posts you’re reading or what searches you’re performing? Does anyone else have access to the analytics data I, like most website owners, collect about your visit? Second, I mean authentication. When you’re on my contact page and you hit “submit,” can you be sure that your note is going to me rather than to someone malicious who has tried to impersonate Letters Blogatory? When you read a post, are you sure no one has maliciously altered it? And of course I also became interested in the security of my own communication with the server: how could I keep a malicious person from intercepting my password and hacking the blog? How could I be sure that my posts remained private until I was ready to publish them?
When I started, the truth is I didn’t know anything about these issues. But of course, they’ve been in the news a lot over the past few years, hence my interest.
Now, you may say that Letters Blogatory is just a blog, not a banking site or a health care site, and so it’s a waste of time and effort to worry about such things. But I think the news of the past few years teaches us that this attitude is wrong. We know now that we live in an era of mass electronic surveillance. The surveillance may be legal and it may not. But no one likes the thought that our own communications are subject to surveillance, even if we understand that we aren’t the targets. And there are simple, legal things we can do to shield ourselves from bulk collection of internet data. If everyone did these things, then mass surveillance would be a lot more difficult.
I’m proposing that law bloggers take a leadership role by setting a good example for websites everywhere. We lawyers have a special interest in matters of the privacy of individual data. And though no doubt our legal and political views are all over the map, presumably even people who think that the mass surveillance of the internet we now know exists is legal and appropriate don’t think that it’s wrong to take simple, legal steps to shield themselves and their correspondents from snooping.[1]
In particular, I propose that law blogs should take the following two steps:
- Use first-party analytics software. Everyone likes to know how many readers they have, what articles they are reading, and so forth. Most people have used services such as Google Analytics or Statcounter for that purpose. With that kind of service, a third party, e.g., Google, collects data about your readers and shares it with you. But Google owns the data and can use it to track your readers. Today, it’s possible to get really good information about your readers without sharing it with third parties like Google. I use software called Piwik for that purpose. Since the software runs on my own server, no one except me, not even the people who created Piwik, has access to my analytics data. This is an easy step every website owner can take to protect readers’ privacy.
- Use HTTPS all the time. Both the government and malicious hackers can read information sent via the internet if it is not encrypted. Fortunately, it’s fairly easy to configure a simple website to require encryption all the time. No one is saying that law bloggers have heavy-duty secrets that require encryption. But think about how we treat the mail. We all put our letters in envelopes even if they contain no secrets. We may think that the government should be able to open mail with a warrant based on probable cause, or even without a warrant in particular cases. But we don’t think that the government should just routinely read everyone’s letters, or that we ought to make it easier for the government to do so by writing all our letters on postcards. It’s pretty easy to put all internet traffic in an envelope. In addition to providing encryption, HTTPS also provides some assurance that when a reader reaches your website, it’s really your website, not some meddling interloper’s. This is because a certificate authority certifies that the key used to encrypt your data really belongs to you. Bonus: if you use HTTPS all the time to encrypt your data in transit, you’re not just protecting your readers’ privacy; you’re protecting your own password and site administration from hackers. There are online services such as SSL Labs that let you check to make sure you’ve implemented HTTPS correctly. There are a bunch of problems with HTTPS that can be addressed at least in part by various other technologies and protocols. I’m not going to go into that here. But it seems to me that adoption of HTTPS all the time is a solid first step for law blogs to take.
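A site owner can check both steps against a page's own HTML. The following is an added example, not code from this blog or from Piwik: it lists every script, image, stylesheet, frame and form target on a page that would travel unencrypted or would contact a host other than the site itself. The page URL, the host names and the sample HTML are constructed placeholders.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlparse

# Tag -> attribute holding a URL the browser will fetch or submit to.
URL_ATTRS = {"script": "src", "img": "src", "iframe": "src",
             "link": "href", "form": "action"}

class PageAudit(HTMLParser):
    """Collect URLs a browser contacts when rendering or submitting a page."""
    def __init__(self, page_url):
        super().__init__()
        self.page_url = page_url
        self.site_host = urlparse(page_url).hostname
        self.findings = []  # (issue, tag, absolute_url)

    def handle_starttag(self, tag, attrs):
        attr = URL_ATTRS.get(tag)
        value = dict(attrs).get(attr) if attr else None
        if not value:
            return
        url = urljoin(self.page_url, value)  # resolve relative and // URLs
        parts = urlparse(url)
        if parts.scheme not in ("http", "https"):
            return  # data:, mailto: and similar make no web request
        if parts.scheme == "http":
            self.findings.append(("plaintext", tag, url))
        if parts.hostname != self.site_host:
            self.findings.append(("third-party", tag, url))

def audit(page_url, html):
    parser = PageAudit(page_url)
    parser.feed(html)
    return parser.findings

# Constructed sample page; blog.example and stats.example are placeholders.
SAMPLE = """
<html><head>
<link rel="stylesheet" href="/style.css">
<script src="//stats.example/tracker.js"></script>
</head><body>
<img src="http://blog.example/logo.png">
<form action="http://blog.example/contact" method="post"></form>
<script src="/piwik/piwik.js"></script>
</body></html>
"""

if __name__ == "__main__":
    for issue, tag, url in audit("https://blog.example/contact/", SAMPLE):
        print(f"{issue:12} <{tag}> {url}")
```

On the sample, the self-hosted analytics script and the stylesheet pass, while the externally hosted tracker and the `http://` image and contact form are reported.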
You may be saying that this all seems difficult and time-consuming. I promise you: if I can do it, you can do it. I’m a lawyer, not a tech person! To do these things on your own, though, you will need to be running your own server rather than using a service like wordpress.com. If you’re committed to letting someone else administer your server for you, you can at least suggest adopting good privacy practices to the administrator.
[1] Maybe some people do take that view—check out my dialogue with friend of Letters Blogatory Alejandro Manevich for some thoughts, though I note that the situation Alex was addressing—technology that puts data beyond the reach of a subpoena—is not the same as what I am proposing. The steps I am suggesting do provide some protection against mass surveillance but do not make it impossible for a website owner to refuse to comply with a subpoena, since the website owner still has access to his or her data in unencrypted form.