Vapourstream sounds like they're just doing what ZixMail did in 1999.
What rank would you give the discovery process in civil lawsuits? If it's not #1, surely it's near the top. All cases of it put the email into the hands of someone hostile. It's an easy attack to mount, though by no means a cheap one. It's a common attack, which has put much damaging email into the press. Vapourstream offers a measure of lawyer-proofing.
Posted by Fred Wamsley at October 18, 2006 10:38 AMDiscovery is a big issue. Yes, this is an attempt to limit discovery, and on the face of it, it might have some effect. But it fails to address several consequences.
1. the usage people put on email -- most people want to keep their emails around for longer simply because they might have to refer to them again. A large proportion of users keep all their chat for ever, belieing the very term!
2. if you encourage your partner to use this system, you are already signalling something suspicious ... so it won't be much use for business negotiations, and ordinary users don't like to pay for security of this or any other nature.
3. if it is really important, the temptation is there for your partner to take screen shots ... So in the event of discovery, you may actually be setting yourself up for trouble down the track.
Certainly the need is there. However I think a more likely direction is to use contract provisions between consenting parties to *not* use discovery on certain conversations. E.g., signal in advance that this is OTR in writing in the message. That won't stop criminal investigations, but that's a different area again.
Posted by Iang at October 18, 2006 11:41 AM