Meanwhile, when it comes to encrypting actual content like email messages, chats, videos and photos, there are generally two ways to go: There are services for encrypting information sent between people, like Silent Circle and RedPhone, and there are applications for creating secure connections between people and across networks. For instance, there are open source services like OpenVPN, which is designed to establish an encrypted virtual private network (VPN) between computers.
There is HTTPS Everywhere, a plug-in extension for Firefox and Chrome browsers that is designed to automatically employ the Hypertext Transfer Protocol Secure (HTTPS) program for websites that offer it. HTTPS is designed to build on top of standard SSL/TLS cryptographic protocols to protect against eavesdropping of data by third parties, and to help ensure that the website being accessed is legitimate and not operated by a bogus group.
But on a practical level, people need to consider that if the company cannot read their files, that can limit the features and convenience afforded by the service. It's a little hard to filter out spam, for instance, if the email client can't see your emails, said EFF's Schoen. Researchers at the Massachusetts Institute of Technology are trying to solve this problem with "homomorphic encryption," which would let Web servers process data without decrypting it.
This smorgasbord of encryption services is what makes things tricky. "There are very specific things we mean when we talk about privacy," said Eben Moglen, a professor of law at Columbia University and chairman of the Software Freedom Law Center. Surveillance of communication endpoints is the "anonymity" type of privacy, but when people start talking about the actual contents of messages or files, that falls under a different category called "secrecy."
"A message is secret if its contents are known only to the sender and the recipient," he said. But as far as whether the government is listening in on those messages -- encrypted or not -- and how much it is listening, and which governments are listening, the answer could be yes, no or maybe, Moglen said.
One of the biggest questions right now is how powerful the government's code-breaking tools are, and the extent to which they are capable of cracking the algorithms, and at what speed, that power modern encryption programs.
"The U.S. government doesn't tell us how many codes it can break," Moglen quipped.