Hang on, how is it a defense to say that? Can a startup, or any other organisation, also say that? "Oh sorry, we don't have a search facility, so we cant act on your warrant"?
I'm sorry, but how can any court accept that as a defense?
A defense against FOI requests is that it would cost too much to collect the data - the logic being that companies/governments shouldn't be legally obliged to spend significant money just because someone put in an awkward request.
Of course, in this case, I still think they should reallocate some of the their budget and upgrade the email system :/
FOIA requests over a certain threshold require the requester to pay fees, so certainly the "cost" of a FOIA request can be passed along.
I'm skeptical about the problems the NSA has with searching emails, since they could probably just install some of their own tools on their email servers to index and collate. I have a feeling its more of a political lack of will rather than technological. These folks want scrutiny into everyone else, not themselves.
FWICT they haven't been taken to court over it, yet, anyway. It was a FOIA request. The requestor should probably take it to court to push the issue, but it's likely a big cost to do so.
IBM (Lotus) Notes with encrypt on receipt set (and without transaction logging enabled, which works at the routing rather than the storage level) would do it. There is no central repository as such, each user has their own mail database, and each of those databases can be RSA-encrypted. Reading the messages requires the user's private key, which an admin can get by requesting from the user or recovering the ID from the vault and using the password recovery utility (a Shamir-type back door) or brute-forcing the password. Without transaction logging, there is no global index to search other than a domain search (which requires plaintext). Even without encryption, it may be necessary to know which users to look at, since they may live in different Notes domains within the org, and the messages of interest may be in archive databases.
I wouldnt be surprised if it were true. If it is, it's probably intentional. Primitive technology gives them plausible rejection of broad FOIA requests of exactly the kind requested.
I don't think it passes the smell test. One thing they will be extremely concerned about is employees who are leaking information to the outside. I don't believe for a second that their in-house email, especially messages to outside recipients, is not deeply screened for sensitive information and indexed for later investigation of possible leaks.
I'm sure they keep anyone who reponds to FOIA requests as far away from the real good tech as possible. There's probably a little boolean flag on each record that says "OK to send in response to FOIA requests" that hardly ever gets checked... but if it ever does it gets transferred to the FOIA response system. So you're probably dealing with crumbs of the real information to begin with.
I was hoping that the link would say that they can't read PGP encrypted messages or something along those lines. Alas, we can't be too sure about that either.
In what way would you actually get rid of all these "intelligence" agencies? I don't think it's possible. I think they've successfully achieved a kind of military coup where they are always funded, always exerting control over a country and can't be removed in any way.
What funds the NSA and the entire Military-Industrial Complex? If we changed the underlying financial structure that supports it, the upper dependencies would have to change or cease to exist also.
It's taken four or five generations to build this beast. It will take generations to change it again. But in the meantime, I hope a small percentage of people will take measures to defend themselves from the coup.
I'm sorry, but how can any court accept that as a defense?