1. Set up a Hotmail account.
2. Set up a second email account with a non-U.S. provider. (eg. Rediffmail.com)
3. Send messages between the two accounts which might be interesting to the NSA.
4. In each message, include a unique URL to a Web server that you have access to its server logs. This URL should only be known by you and not linked to from any other Web page. The text of the message should encourage an NSA monitor to visit the URL.
5. If the server log file ever shows this URL being accessed, then you know that you are being snooped on. The IP address of the access can also provide clues about who is doing the snooping.
The trick is to make the link enticing enough for someone or something to want to click on it. As part of a large-scale research project, I would suggest sending out a few hundred thousand messages using various tricks to find one that might work.
Reader comment: Philipp says: "I think to make this experiment really fool-proof, one would need to set up a button on the page which is linked to from the email. The button needs to be called 'Enter' or similar, and only when it is pressed is there suspicious government activity -- because with just a simple 'GET' URL, an automated spider started by the email program (for whatever reasons, e.g. to add pages to the index or look for a virus) might fetch it. A 'POST' button however is not pressed by crawlers."
Mark Frauenfelder is the founder of Boing Boing and the editor-in-chief of MAKE and Cool Tools. Twitter: @frauenfelder. His new book is Maker Dad: Lunch Box Guitars, Antigravity Jars, and 22 Other Incredibly Cool Father-Daughter DIY Projects