What About Deep Packet Inspection?
There is a technical problem to be solved for securing the content of private individual or business communications for stuff the government doesn't care about, but which you don't want competitors to have access to. There are some solutions for that. How adequate they are is debatable. Governments have been known to spy on foreign companies to help out competing companies based in their own country. Let's leave that aside.
Let us stipulate that you are a whistle-blower that a government does not like and wants to suppress. Once you are targeted, any intermediary, or you yourself, can be pressured into turning over any encryption keys. So you want to avoid attracting attention in the first place.
Assume for the sake of argument that someone did set up a secure e-mail server beyond the reach of a given government. The thing still has to be connected to the Internet. It still has to have an IP address and so does any other endpoint communicating with it.
So, you try to use some intermediary to obscure that you are communicating with it. As has been reported recently, even TOR is not secure, because you cannot trust the endpoints. But for the sake of argument, less us further assume that both the e-mail service and the intermediary you use are not themselves honey pots set up by the NSA or whoever. What is to stop them (you know, THEM) from coercing all ISPs and backbone providers into letting them monitor the packets going through every single router, in particular the ones at the edge of the Internet? And performing deep-packet inspection to try to match up packets going in one place and out another? It seems like it is just a matter of money and processing power and storage capacity. With some custom made hardware (such as FPGA) (which they probably already have...) it might not be far-fetched.
So, it seems to me that as long as you use the Internet for some kind of end-to-end communications, it will be impossible to use technical means to prevent the authorities from obtaining meta data.
If you don't care that they know you are communicating, then you may be able to sufficiently encrypt the transmission. But the men in black can always sneak into your abode and bug the place. Or put a trojan on your computer.
All of these suggestions from readers for out-foxing the authorities are pretty much an exercise in futility and a fool's game.
What we need is legislation which makes it flat illegal for the government to do this stuff.
But then, when the next act of terrorism occurs, are you going to demand that the authorities do something to prevent it from happening in the future? Or when you find out about some child-paedo ring, abusing children and sharing the pictures of their crimes via some secure server? Or some international drug cartel, which murders people by the hundreds and corrupts whole governments organizing their business the same way?
With the massive precautionary data collection, the authorities are taking the easy way out, to be sure, and it is being abused. So can be just back up the Patriot Act and its ilk a bit and go back to the days of having real judges issue real warrants?