A recent Wired article reports that Phil Zimmerman now has a beta version of a program that will encrypt Internet-based VoIP phone calls, thus thwarting the NSA’s ability to carry out the U.S. government’s extra-judicial eavesdropping campaign. Zimmerman, in case you’re not familiar with the name, is the man who gave us PGP back in 1991; various free and commercial versions are available around the world, and if used properly (e.g., with well-designed encryption keys), it’s a highly effective way to prevent interception or spoofing of email messages.

But does anyone really care? News reports about the NSA eavesdropping campaign tend to evoke feelings of paranoia among even the most innocent citizen (”Good grief, I was just telling my cousin a joke about terrorists? Are they going to arrest me?”), but it’s not clear to me that most people are willing to spend even a modest amount of time and energy to protect themselves against such intrusions. Of course, it hasn’t been easy to do so with phone calls, until Zimmerman’s recent announcement; but the same issue applies to e-mail messages, which are frequently intercepted by governmental, private-sector, and criminal organizations. And if we don’t bother protecting our e-mail — which is incredibly easy to do, with tools like PGP — why should we believe that anyone will bother protecting their phone conversations? And if we don’t care enough to bother protecting these forms of communication, why are we making such a fuss about about privacy? Are we really that lazy?

Perhaps you think I’m exaggerating about this. Perhaps so … but I’ve had PGP installed on my computers since the early 1990s, and during that period, nobody has ever asked me to send or receive an encrypted e-mail message. Well, that’s not quite true: during the period when many of us computer geeks were worrying about the government’s ability to cope with the Y2K problem, a highly paranoid Canadian colleague insisted on sending me a couple of PGP-encrypted messages about rumors that the Canadian government was going to declare martial law on New Year’s Eve in 1999. But aside from that — nada.

To put this in perspective, let me point out that I don’t have a security clearance, and I’m not doing any work with military or government agencies. I’m also not planning to rob any banks, smuggle any drugs, or carry out any terrorist attacks. So that eliminates a lot of the obvious reasons for carrying on encrypted e-mail conversations. On the other hand, I do work with clients all over the world whose product-development plans, marketing strategies, and litigation-related activities are highly confidential. And in almost every one of these client projects, I’m required to sign non-disclosure statements, protective orders, and other documents describing the restrictions on disclosing such senstive information. And yet nobody has ever asked me to encrypt our email interactions.

Interestingly, the lawyers for whom I work appear to be the least interested in encryption; but that’s because even if my email messages are encrypted, they may still (under some circumstances) be legally “discoverable” — which simply means that I may be required by a court or a judge to reveal the contents of the message during the course of a legal proceeding. The lawyers’ solution is pretty simple: don’t send any email messages at all, and don’t leave voice-mail either (because that’s digitized, archived, and also legally discoverable). It appears that George Bush, Homeland Security chief Michael Chertoff, and various other government officials have a similar strategy: if you don’t leave any email “trail” at all, there’s no need to worry about encryption.

Thus, while I applaud Phil Zimmerman’s work in this area, and while I’m intrigued by the technology that he’s introducing for encrypted VoIP phone calls, I don’t think it will matter very much — except, of course, to terrorists, drug smugglers, bank robbers, and military personnel.