A SNIU and Email Privacy
I just thought of an interesting application of p2p networks that could be used to create greater email privacy. I decided to quickly publish it here to create prior art for the idea so that no one could legitimately patent it.
It’s motivated by the fact that email that is in storage receives a lower level of protection from government surveillance than does email while it is actively in transit. This means the fewer places your email is stored, the more private it is. In the ideal system, the email would only be stored in the sender’s and in the recipient’s systems and nowhere else. This is such a system.
The idea is that users, Alice and Bob, would download a p2p application and run it on their internet-connected computers (along with thousands of others). The p2p application would interface with their email programs of choice to handle delivery and receipt of all their email. When Alice sends an email to Bob, Alice would actually send only an email notification to Bob (not the full text of the email) and Bob would have to type in his personal password to retrieve the text of the email.
The p2p application in the meantime would have broken the text of the email up into a bunch of tiny little parts. Parts so small that, if read in isolation, they would provide almost no useful information about the gist of the message. As a simplified example, suppose 500 people are running the application. Then the email might be broken into 100 pieces and the pieces sent randomly to these 500 users (with little tags allowing for reassembly by someone with all the parts, namely Bob). Lots of duplicates would be sent to account for the fact that someone who received part of the email might go offline when Bob asked for that particular part.
This way, the full email is never stored all in one place except on Alice’s computer and on Bob’s computer. Everyone in-between only has tiny little meaningless pieces.
Of course, one problem I can think of is: what if someone could spoof being Bob, call her Eve, and could ask the network to collect up all the pieces of the message from Alice? Presumably the notification Alice sends Bob could be designed to only interface with Bob’s password and so even if Eve has a copy of the notification or if she fakes one, she would also need Bob’s password for the network to try to collect all the pieces of Alice’s email. (There are obvious ways this is similar to and ways it could incorporate private/public key encryption schemes.)
Besides being an idea for protecting privacy, it’s also a substantial non-infringing use (SNIU) of peer-to-peer (p2p) networks. Let’s not squash these networks before people more skilled than I think of more of the cool ways to use them for good.
Update (5 mins later): It also occurs to me that if Eve places herself at Bob’s ISP and captures everything going to Bob’s IP address, then she might be able to collect all the individual pieces of the email from Alice. So, the pieces should probably themselves be scrambled by an encryption algorithm that would make it really hard to put them all together, even if you had them all. Nonetheless, I think we’ve still achieved the goal of there being fewer stored copies of the email, which was the point. Additionally, to the extent that Eve has to use an active wiretap to intercept the pieces, the law provides Alice and Bob with greater protection from such active interception. (Dumb distinction, I know. I didn’t write our email privacy laws.) (Yet.)
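Here is an added example, not code from the original post, that simulates the whole scheme in Python using only the standard library: Alice encrypts the message, cuts it into small tagged pieces, sends several duplicates of each piece to random peers, and hands Bob only a short notification; some peers then go offline, and Bob reassembles and decrypts with his password, while an impostor with the wrong password gets nothing back. The key derived from Bob's password is assumed to be shared with Alice (a stand-in for the public-key exchange the post mentions), HMAC-SHA256 in counter mode is a stand-in for a real stream cipher, the sample message is constructed, and the function names (seal, distribute, retrieve, run_demo) are mine, not the post's.

```python
import hashlib
import hmac
import random
from typing import Dict, List, Optional, Set, Tuple

CHUNK_SIZE = 16   # bytes per piece: small enough that one piece says little about the gist
REPLICAS = 4      # distinct peers holding a copy of each piece, to cover holders going offline

# Constructed sample message for the demo (not from the original post).
MESSAGE = b"Meet me at the usual place at noon and bring the papers we discussed."

Piece = Tuple[int, bytes, bytes]                         # (index, ciphertext body, MAC tag)
Mailbox = Dict[Tuple[bytes, int], Tuple[bytes, bytes]]   # what one peer stores, keyed by (msg_id, idx)


def derive_key(password: str, salt: bytes) -> bytes:
    """Turn the recipient's password into a 32-byte key (PBKDF2-HMAC-SHA256, stdlib).
    Assumption: Alice and Bob share this key; a real system would use public keys."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


def keystream(key: bytes, msg_id: bytes, length: int) -> bytes:
    """HMAC-SHA256 in counter mode as a stand-in stream cipher (a deployment would use
    an AEAD). msg_id must be unique per message so the keystream is never reused."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hmac.new(key, msg_id + counter.to_bytes(4, "big"), "sha256").digest()
        counter += 1
    return bytes(out[:length])


def piece_tag(key: bytes, msg_id: bytes, idx: int, body: bytes) -> bytes:
    """MAC over (message id, piece index, body) so a peer cannot alter or reorder pieces."""
    return hmac.new(key, msg_id + idx.to_bytes(4, "big") + body, "sha256").digest()


def seal(key: bytes, msg_id: bytes, plaintext: bytes) -> List[Piece]:
    """Encrypt the whole message first, then cut the ciphertext into tagged pieces."""
    ct = bytes(a ^ b for a, b in zip(plaintext, keystream(key, msg_id, len(plaintext))))
    pieces: List[Piece] = []
    for start in range(0, len(ct), CHUNK_SIZE):
        idx, body = start // CHUNK_SIZE, ct[start:start + CHUNK_SIZE]
        pieces.append((idx, body, piece_tag(key, msg_id, idx, body)))
    return pieces


def distribute(pieces: List[Piece], msg_id: bytes, peers: Dict[int, Mailbox], rng: random.Random) -> None:
    """Send REPLICAS copies of every piece to distinct, randomly chosen peers."""
    for idx, body, tag in pieces:
        for peer in rng.sample(sorted(peers), REPLICAS):
            peers[peer][(msg_id, idx)] = (body, tag)


def retrieve(key: bytes, msg_id: bytes, n_pieces: int,
             peers: Dict[int, Mailbox], online: Set[int]) -> Optional[bytes]:
    """Collect each piece from a peer that is still online, verify its MAC, and decrypt.
    Returns None if any piece is unavailable or fails verification (e.g. wrong key)."""
    ct = bytearray()
    for idx in range(n_pieces):
        body = None
        for peer in sorted(online):
            stored = peers[peer].get((msg_id, idx))
            if stored and hmac.compare_digest(stored[1], piece_tag(key, msg_id, idx, stored[0])):
                body = stored[0]
                break
        if body is None:
            return None
        ct += body
    return bytes(a ^ b for a, b in zip(ct, keystream(key, msg_id, len(ct))))


def leaks_plaintext(pieces: List[Piece], plaintext: bytes) -> bool:
    """True if any stored piece body appears verbatim in the plaintext (it should not)."""
    return any(body in plaintext for _, body, _ in pieces)


def run_demo(password: str = "bobs-passphrase", attempt: str = "bobs-passphrase",
             n_peers: int = 50, offline: int = 5, seed: int = 7) -> Optional[bytes]:
    """Alice seals MESSAGE and scatters it; `offline` peers drop out; then whoever
    holds `attempt` as a password tries to collect and decrypt the message."""
    rng = random.Random(seed)                      # seeded so the demo is reproducible
    peers: Dict[int, Mailbox] = {p: {} for p in range(n_peers)}

    # Alice's side: sealed pieces go to the network; Bob gets only a short notification.
    salt, msg_id = rng.randbytes(16), rng.randbytes(16)
    pieces = seal(derive_key(password, salt), msg_id, MESSAGE)
    distribute(pieces, msg_id, peers, rng)
    notification = (msg_id, salt, len(pieces))     # carries no message text at all

    # Some holders go offline before the recipient asks for their pieces.
    online = set(peers) - set(rng.sample(sorted(peers), offline))

    # Recipient's side: the notification plus the password is all that is needed.
    msg_id, salt, n_pieces = notification
    return retrieve(derive_key(attempt, salt), msg_id, n_pieces, peers, online)


if __name__ == "__main__":
    print(run_demo())                               # Bob recovers MESSAGE
    print(run_demo(attempt="not-bobs-password"))    # Eve gets None
```

Two design choices carry the weight here. Encrypting before splitting means that even someone who captures every piece at Bob's ISP (the Eve of the update) holds only ciphertext, and the per-piece MAC means a peer that tampers with, or swaps, a piece is detected rather than silently corrupting the message. The replica count trades storage for availability: with four holders per piece, all of them have to be offline at once before a piece is lost.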

This work, unless otherwise expressly stated, is licensed under a Creative Commons Attribution-Share Alike 3.0 United States License.