Unencrypted e-mail is not secure. Did you know that when you send an e-mail it passed over a series of servers on the internet before arriving at its final destination? Without encryption, any one of those servers can read your e-mail.
Two of our attorneys currently have the capability to receive PGP/GPG signed e-mails from the public internet.
If your information isn’t life or death or a matter of national security, you can consider trusting these links to our public keys:
If your information is a matter of life or death, national security, high monetary value, or you’re just paranoid (like us), please send us an unencrypted e-mail first (or call us) requesting information on how we can verify each other’s public keys via another medium that is out of band. A determined attacker could attempt to hack our webserver (where no client information is stored, by the way) and modify the links above to redirect to a site that looks like our keys on the MIT keyserver, but returns different keys to which the attacker holds. In such a case, the attacker would be able to decrypt an intercepted message, but we could not decrypt it! Of course, we also realize that such an attacker would likely erase this cautionary part of the page, unless he knew that we would know that he would erase it, and thereby left it here so that it would appear that the “canary” was still alive.
For more information on using PGP/GPG to encrypt your e-mails, you may want to check out some of these links: