The Tyranny of E-mail (14 page)

All communication technologies alter manners and create (and reflect) new standards as more and more people use them. Recall how the rise of the U.S. mail caused a rash of anxiety over the state of the letter—and the need to hew to proper forms of it— or how the typewriter was viewed early on as a brutish machine. In the beginning, it was considered inappropriate to send a typewritten letter for anything other than business. Before long, however, that standard had changed radically. E-mail has caused its own ripples in many spheres, from language to parenting, but it has been most fascinating when it comes to the issue of privacy.

The number of users and the ease of forwarding messages unleashed something that had previously been tamed. It is an obvious breach of etiquette to hand a letter over to anyone but
its recipient; tampering with the U.S. mail is also a felony. But e-mail is constantly, continuously, recklessly forwarded. It’s so easy. How many times have you received a forwarded message— sent so you have one piece of information—only to find below it an entire, supposedly private conversation thread left intact? And now yours to peruse, should you so desire.

That’s the benign explanation: carelessness. But every day we encounter situations where e-mail’s viral nature is clearly being exploited for payback, revenge, comeuppance. In 2006, a lawyer at a Canadian firm who felt he was being harassed for being “a snappy dresser and too friendly and too gay” didn’t approach human resources but e-mailed five hundred people company-wide, writing in depth about his problems with one individual while informing his army of recipients he was “an expert yogi” and that he “trained with enlightened masters in meditation and I know a plethora of great techniques for clearing emotional poisons.” The attorney knew exactly what he was doing. “I thought I’d shoot it down the associate gossip channels, just for kicks,” he wrote in one message, asking the recipient to forward his diatribe. “I thought I’d mirror the model of gossip at my firm. So please indulge me in passing it along.”

I didn’t have to dig to turn up this e-mail. It’s posted on the Internet, where you can find all sorts of supposedly private e-mails, such as the one
New York Times
op-ed editor David Shipley sent to the McCain campaign saying a piece McCain had written could not be accepted as currently submitted. For a time, all the deposed e-mails that had been sent at the Enron Corporation could be viewed on a Web site, where personal e-mails about affairs and events at home were mashed up with the e-mails that showed that employees knew what was going on at the energy giant. In 2004,
Wall Street Journal
Mideast reporter Farnaz Fassihi sent an e-mail to her friends about the
deteriorating security situation in Iraq, which at the time was being played down by the Bush administration—how impossible it made her job as a reporter, let alone her existence as a human being. It quickly became a global chain e-mail. “I wrote it as a private e-mail to my friends as I often do about once a month,” she wrote in another e-mail to the journalism blogger Jim Romenesko, “writing them about my impressions of Iraq, my personal opinons
[sic]
and my life here. and then it got forwarded around as you can see in a very unexpected way.”

The gap between what one person and another considers private means that almost any message can be forwarded— which can lead to devastating personal experiences. In England in 2000, a woman sent an off-color joke about oral sex to some friends and received a reply from her boyfriend, which led to a humorous but intimate exchange about her performance in a sex act. The boyfriend then forwarded the compliment—and its queue—to six of his mates with a note: “Now THAT’s a nice compliment from a lass, isn’t it?” It was immediately forwarded to several other men, who looked up her picture on the Internet, started a campaign to find her and give her a medal, and on it went. Eventually, after the message had made its way around the world, it came back to the woman, who wrote all of the peepers— that’s how she viewed them—a stinging scold:

I Can’t believe this!!!

First of all, I don’t know any of you!! What do you care about my social life? Don’t you sad bastards have anything better to do with your time?

Shouldn’t you all be working. I’m going to make it a point to send this email to [email protected] just so that people can see what you do with your time!

To you Girls: You’ve all swallowed at one time or another, so don’t judge me!

To the Guys: All you’re going to get is a fantasy, so go do what you’re good at… tossers!

Yum!

—Claire

Speed—and the ease with which e-mail can be sent accidentally, thanks to the auto fill-in-address function, to a large group—is part of the problem. In 2006, Lycos reported that every second, forty-two e-mails were misdirected. Sixty percent of these blunders involved an e-mail being sent to the wrong address, and a third of them were “steamy.” Always it’s information considered private pulled out of context. One executive once sent details of his salary to the entire company by accident and pulled the fire alarm in panic. A schoolgirl in Devon once wound up getting top-secret e-mails on a Pentagon round-robin list when a navy commander accidentally added her address. A professional spammer—who used to put “Asshole” into the address function of a test message—coded a message incorrectly, so that a couple million e-mails went out addressed “Dear Asshole.”

It’s hard not to laugh about such gaffes. In some cases, e-mail seems to out bad behavior and bring it to justice—or at least give it a good smack. Neil Patterson, the CEO of Cerner Corporation, a Kansas City–based health care information technology firm, sent a blistering e-mail to his managers when he felt that their work ethic had slacked. “The parking lot is sparsely used at 8 A.M.; likewise at 5 P.M.,” he wrote. “As managers—you either do not know what your EMPLOYEES are doing; or YOU do not CARE…. In either case, you have a problem and you will fix it or I will replace you.” The message was quickly forwarded
around and wound up on Yahoo!’s message board system. The news hit Wall Street, where people assumed the company was in trouble, and its stock price plummeted 29 percent.

Politicians have proven reliably good at making e-mail blunders. On September 11, 2001, as the World Trade Center towers were collapsing, British transport secretary Stephen Byers’s adviser Jo Moore e-mailed colleagues suggesting it would be a good time to bury bad news—everyone’s attention would understandably be elsewhere. When the e-mail was forwarded around, it came out that she had made a similar suggestion on the day of Princess Margaret’s funeral. After British prime minister Gordon Brown returned from a visit to China, a junior treasury clerical officer, Robbie Browse, sent an e-mail to friends that included racist comments about Chinese eyes. He accidentally also sent the message to eighty-six members of the press, one of whom replied, “Will we all be invited to your leaving party?”

Had such a blunder happened in a conversation, the story would be passed around, but chances are it would be changed and eventually lose momentum. In an e-mail environment, though, such a faux pas is just one click away, and an exact record of what was typed is created. The ease of duplicating it and sending it along means that an online humiliation can be experienced by vast numbers of people. The laugh track is just waiting for us. But that’s not the biggest danger created by e-mail. The biggest problem has been there from the very beginning.

As the number of Internet users slowly increased in the 1970s and ’80s, the new network became too good a target not to be
toyed with by hackers—they were the twentieth-century version of the highway robbers who plagued the early mail. But there was a category difference: if mail was robbed in Philadelphia, it didn’t affect a pouch going to the Ohio Territory. With the Internet, however, the connectedness was both its strength and its weakness; plant a strong enough virus anywhere in the system, and it had the potential to take the whole network down.

The rise of the Internet saw the rise of a new kind of crime, the ramifications of which would only grow as more and more systems, such as telephone switchboards, were computerized and hooked into the Web. Between 1978 and 1983, there were at least thirty attacks on computer facilities in Europe, with some of them being literally blown up. Tampering with computers was a powerful avenue for revenge for disgruntled ex-employees, especially since so many companies were so vulnerable. Two former programmers for Collins Food International were caught planting a logic bomb—a piece of code secreted in software that sets off a malicious function when certain conditions are met— in the computers that controlled the payroll and inventories of four hundred Kentucky Fried Chicken and Sizzler Steak House franchises. If it hadn’t been found in time, the bomb would have erased all the records, as well as any traces of the bomb that was planted. By August 1983, $300 million a year was being lost in the United States due to the fraud and viruses perpetuated by computer criminals.

And it was easy. One description in a
New York Times
article from the period conveys the aura of mystery and criminal intrigue that surrounded the early Internet: “Penetration into the misty realm of computer networks can be easily and legally achieved by anyone with a home computer and the proper modem, a device selling for $100 or so that converts a computer’s
digital pulses into electromagnetic waves that can be transmitted over a phone line. One simply dials the seven-digit local telephone number of a data network and starts roaming the electronic ether.” There were no firewalls, and in some places a hacker could try as many passwords as he liked. “It’s like leaving the keys in the ignition of an unlocked car,” said Martin Hellman, the Stanford professor credited with inventing public key cryptology.

Given that military installations and research universities were among the first institutions to become networked, there were serious security risks at the heart of the Internet from the beginning. In spite of $100 million spent to prevent it from happening, ARPANET was broken into numerous times, and in the early 1980s a motivated hacker broke through the security system of the Lawrence Livermore National Laboratory in Berkeley, California, where nuclear warheads and other weapons are designed, while another used Telenet to dip into the Los Alamos National Laboratory in New Mexico, where the hydrogen bomb and other nuclear variants were hatched. The fear of such events quickly entered the mainstream culture. In the 1983 film
War Games
, Matthew Broderick plays a young computer hacker who discovers a back door into systems just like this and winds up playing an escalating war simulation with a supercomputer at a top-secret air force installation. Due to these security breaches, ARPANET split into two networks—MILNET, for the U.S. military and Defense Department, and DARPAnet, which remained in public use for universities.

These breaches did more than just split up a few existing networks and motivate security concerns, however; they challenged the utopian dreams of the Internet. It’s important to remember that, however essential Baran’s apocalyptic fail-safe was, the basic thrust of the early network was an idea of sharing and
collectivity. The Internet was a true tabula rasa, since, unlike the American territory, it hadn’t been stolen from anyone: it had been created out of thin air. And companies followed suit with the communal spirit. “At the beginning, companies make it easy to get on and assume people are going to be nice,” said the vice president for development and engineering of BBN Communications Corporation, a company that helped pioneer the development of data networks. “That lasts for a while and then you have to add access control. You can’t just leave all the doors open.”

No attack caused people to question this attitude more than the Morris worm of 1988, the first computer worm released onto the Internet. The architect of the worm was Robert Tappan Morris, a twenty-two-year-old graduate student at Cornell University. According to Morris, he created the program simply to gauge the size of the Internet. And he did so by exploiting a hole in the Unix operating system’s “sendmail” program. The worm disguised itself as a user and sent itself out over e-mail, where, upon receipt, it would be duplicated and sent out again to a whole new address book, and upon receipt there it would duplicate again, leapfrogging off yet more address books. It was ingenious and incredibly destructive: it clogged thousands of machines and nearly shut down the entire Internet. That Morris was the son of a National Security Agency computer security analyst added a special irony to the case.

The nation’s response was swift and alarmed. By the mid- to late 1980s, America’s data networks were accessible by almost 9 million desktop computers. How many more Robert Morris types were lurking out there?
The New York Times
ran
eleven
stories on the story in the three days after it broke, including an op-ed by a Cornell graduate student who announced that the Internet’s age of innocence had officially come to an end.
“Many of us know how to abuse the system, read others’ files and steal secrets, but old-fashioned etiquette stops us,” argued Peter Wayner. “The rest of us are caught in a similar bind. Do we encourage trust and freedom in experimentation or do we install complex safeguards? At America’s universities, computer scientists surely must realize we can’t keep leading an Eden-like simple life in the heart of the computer age.”

As he himself suggested at the time, Morris did the developing Internet an expensive favor: he exposed its security weakness and planted a large reminder that what we send over the Internet is not private and that the very machine and interface through which we access information is vulnerable, too. Someone—or something—can reach down into our virtual desktop and rifle through our things, our thoughts, our financial data. We are connected, but the size of the connection is far too big to rely upon basic human trust and existing laws to protect us from malfeasance. Our new communication tool of e-mail was a boon—who could say no to receiving messages from friends and loved ones around the world?— but it was viral, and that was perfectly suited to another group who wanted something from us: advertisers.