The Privacy of Email 133
An Anonymous Coward writes "A U.S. appeals court in Ohio has ruled that e-mail messages stored on Internet servers are protected by the Constitution as are telephone conversations and that a federal law permitting warrantless secret searches of e-mail violates the Fourth Amendment.
'The Stored Communications Act is very important,' former federal prosecutor and counter-terrorism specialist Andrew McCarthy told United Press International. But the future of the law now hangs in the balance."
dupe (Score:1, Redundant)
Also looks like a dupe of this story http://yro.slashdot.org/article.pl?sid=07/06/18/1
future of the law now hangs in the balance (Score:5, Insightful)
http://www.eff.org/legal/cases/att/ [eff.org]
the cost of freedom (Score:4, Insightful)
I thought this balanced out to "States Secret", or better put, "You get privacy until we decide you don't need it"
"Those who give up essential liberty to purchase a little temporary safety deserve neither liberty nor safety."
The cost of freedom is the risk you take that someone will use that freedom to harm you. The payback is that you and your family live your lives free.
Re:the cost of freedom (Score:5, Insightful)
Re:the cost of freedom (Score:5, Insightful)
We're operating under the specious principle that if we restrict freedoms in the name of preventing terrorism, we will be safer. Not even a LITTLE. All this does is cause inconvenience and infringe on the civil rights that our founding fathers found so essential to the existence of our country. I took a vacation last week that took me out of the USA, and even I, not being a trained "terrorist", figured out about a dozen ways that I could have gotten a weapon/explosive on the plane. It's not helping at all. Suicide bombers are happy to be martyrs for a cause they believe in; shouldn't we be ready to do the same if we REALLY want to fight fire with fire?
Oh, wait, dying for your country is only for the poor. What was I thinking?
MOD PARENT UP, other people.
Re:the cost of freedom (Score:5, Interesting)
In my travels, this tool has -never- been detected by the metal detectors. I've run this experiment about 6 times now, through SFO, LAX, DFW and O'hare.
The laptops that flood onto planes have plenty of nooks and crannies in which blades could be secreted. A blade fits in the crevice between my battery and the wall of the case. Since this is vertical when it goes through the Xray, I have no doubt that it would pass.
The much vaunted liquid explosives that are causing us to fear sippy cups are a non-starter. Google the reaction, it starts with instructions on the order of "collect 5 gallons of ice. Mix reagents carefully, and stir for 45 minutes. " I think I can determine a more robust security procedure than forbidding water bottles.
When do we take our country back from the idiots?
Re: (Score:3, Insightful)
When people like you run for political offices.
I am sure you won't. I won't either. Why? Because we would hate the job.
Be that as it may, simply voting and funding the ACLU won't cut it. So long as the lawmakers are people who represent the interests of the wealthy aristocracy rather than the general public, this sort of idiocy will continue.
Re: (Score:2, Insightful)
Re: (Score:1)
As Borat called it--erroneously and accurately--this is a War of Terror.
Re: (Score:1)
Re:the cost of freedom (Score:5, Insightful)
They make hard plastic and fiberglass knives now, too. Not sure what the metal detectors are supposed to do about them.
Sure, they're not as sturdy as metal knives -- I wouldn't want to use one as a pocketknife, because it would get dull -- but you can make a hell of a single- or few-use stiletto out of one.
The crap at the airports is just security theater. They go around confiscating people's pen-knives and soda cups, because for some strange reason people feel safer when their pen-knives and soda cups are confiscated. The real terrorists have lots of ways of getting instruments of mayhem through, if they want to.
If we wanted real airline security, we'd stop putting all our faith in expensive gadgets and employ more (and pay substantially more, so we can stop getting idiots) human beings, so that every single passenger gets an interview before they get on the plane. People are substantially better at detecting the intentions of other people than machines are, based on many more possible factors. The Israelis have had lots of luck with approaches like this, but the fact is in the West, we really don't want security, we want the appearance of, and feeling of, security.
Re: (Score:2)
Riiiiight. More intrusion and an extremely subjective analysis. That's the ticket. I have a better idea. - Change the "No Fly" list to an "Extra Attention" list. - Go back to a reasonable screening process. It should be capable of screening out the like
Re: (Score:2)
Re: (Score:2)
For that matter, someone could club you to death with their cane, or poke your eye out with their high heel. And what are they going to do about a boxer's fists -- cut off his hands??!
As you say, security theatre abounds, and makes us no safer. A few well-armed ordinary passengers,
Re: (Score:1)
If you believe you could devise a better plan... then detail it. I am sure all of /. will peer review your efforts. A working, 'open source' solution would also be useful the world over.
Keep in mind, your goal would be to stop terrorists from achieving a 'victory'.. however you define it. Airlines, ships, trains, cars, WMDs, etc...
Bothers me when people complain about a solution while never detailing a fully thought out a
Re: (Score:1)
On the question of airline security, I encourage you to both realize and research that reality the Kroll (it might be Blackwater by this time) does the background checks on the TSA personnel and four of the TSA personnel were recently convicted and jailed (at the Sea-Tac International Airport, Seattle-Tacoma, Washington, USA --- for pilferage of luggage). With this type of situation - security really does
Re: (Score:2)
Or perhaps it's not you doing this but somebody you work with that you dislike intensely.
Re:the cost of freedom (Score:5, Interesting)
"If tyranny and oppression come to this land, it will be in the guise of fighting a foreign enemy. Of all the enemies to public liberty, war is perhaps the most to be dreaded because it comprises and develops the germ of every other. War is the parent of armies; from these proceed debts and taxes; and armies, and debts, and taxes are the known instruments for bringing the many under the domination of the few. The loss of liberty at home is to be charged to the provisions against danger, real or imagined, from abroad."
This continuous fearmongering by our government is being used to subdue our people. This mindset of "If you dont submit to this injustice or that that the terrorists win" is ruining our country. Unfortunately, by and large, the citizens of our country are too uneducated or apathetic to see it and do something about it. This constant BS about "If you are doing nothing wrong, you have nothing to hide...", people/media/govt insinuates that because people value their freedom and privacy, there must be something wrong with them, or they are terrorist agents. Thats not the case. The founding fathers didnt place caveats on the Constitution, because it was this sort of thing they were trying to get away from when they left England.
The thing that makes me so sick about this is that I remember clearly Bush saying on 9/11 that we wont let these terrorists change our way of life. But that was a bald faced lie. Because he and the rest of the government set to work to do just that. That being the case, the terrorists have already won. They have fundamentally changed the American way of life, for the worst.
If we are to win the "War on Terror" the first step is to restore Freedom and the Constitution. Then we can deal with everything else.
Re: (Score:2)
Why do you hate Amer.. oh, wait. Nevermind.
The real litmus test will be in 2008, if/when the Democrats win the presidential election and martial law gets declared for the good of the country. (I seriously don't put it past this bunch of losers. Tinfoil hat? Maybe. Plausible? That's the problem, it is.) One only hopes that the military sees that for what it is, an uncon
Re: (Score:1)
if/when the Democrats win the presidential election and martial law gets declared for the good of the country. ...[snip]... Tinfoil hat? Maybe. Plausible? That's the problem, it is.
It's not plausible, but spouting insanity this way does tend to make it more likely that the Democrats will lose. It's a good part of what lost the last election for Kerry.
Re: (Score:2)
Re: (Score:2)
And I'm curious why you think a Democratic president would declare martial law.. every one of the problem we're talking about have been created by the current Repuglican administration.
Re: (Score:1)
Re: (Score:2)
Re: (Score:2)
Well, naturally
After all... in a post september 11th world.....
Re: (Score:2)
Foreign enemy? Not only was this law passed in 1986 when Americans couldn't care less about terrorism, this particular case was a fraud investigation of the Enzyte natural male enhancement "smiling Bob" people.
Also, you are using Madison's quote to try to prove its converse. President Madison certainly didn't believe that fighting a foreign enemy always leads to tyranny and oppression.
Not only that, the mer
Re: (Score:2)
but he was right, the terrorists didn't change his way of life or that of his cronies. Its just a matter of who, exactly he meant when he said "our" way of life.
Re: (Score:1)
~Patrick Henry
the cost of freedom - or maybe just the followup (Score:1)
I, for one, would rather there be a criminal investigation of 9/11/01 - than to die in the next one.
The trouble with the "Greatest Generation" (to use that draft-dodging newsy, what's-his-face's tired, lame description) was their inability to have a full-scale criminal investigation of President Kennedy's assassination - had that actually occurred - there probably would never have been a 9/11/01 to ever take place (and the Bush family wo
Re: (Score:1)
Re: (Score:2)
Re: (Score:2)
Power needs control, but who controls what is to be kept secret from "the people"?
Re: (Score:1)
Asinine (Score:2, Insightful)
Re:Asinine (Score:4, Insightful)
Re: (Score:3, Informative)
By your arguement, nobody should expect privacy when talking on the phone since they didn't take steps to encrypt their phonecalls
Your analogy doesn't fit. When I make a phone call, I'm expecting a point-to-point connection, with no intermediaries to intercept or look at my communication. When I send an e-mail, I know that it will be stored and transferred across many server, and that those servers may have logging software that will store a copy of my e-mail.
However, with packet-switched phone networ
Re: (Score:3, Insightful)
However, with packet-switched phone networks replacing traditional circuit switching, that distinction is becoming more blurred.
It seems to me the analogy is a valid one. Any switching means that there are multiple points where your unencrypted conversation can be intercepted. Even back to the early days of a telephone, where such interception was required via an operator in order to make a connection. You may have expectation of a point-to-point communication, but it's never actually that (obviously excluding the pioneering work).
You're special (Score:1)
Note the difference between ease of interception and expectation of non-interception. I can send you a letter in the mail, but all it takes is someone with a finger (maybe two) to open the letter, and we no longer have that privacy. However, we still regard snail-mail as having an expectation of privacy. Hell, you can even encrypt an email and someone can intercept it and br
No, they shouldn't (Score:1)
When I want to talk privately, I could grab an empty office - or more reliably, talk in code. As in "Any chance of being on the team tonight, love?"
Re:Asinine (Score:4, Insightful)
I'm sorry but that is utter nonsense. Maybe not to you, and maybe not to who ever modded your comment up. I don't expect anyone to read my email other than the recipient. That's an expectation. I don't see how anyone who doesn't open my email will be able to read it.
Correct me if I'm wrong, but its not a typical part of an email server to display the contents of all messages passing through it onto a monitor somewhere is it?
No, I'd say its absolutely nothing like sending an open postcard.
If you want privacy, take steps to encrypt it, not unlike putting a letter in a sealed envelope (as it pertains to the law, not ease of circumvention). This will be overturned, and with good reason.
Yeah I don't think this is reasonable either.. thats like saying if you don't want to be searched hide your stuff better. Utter nonsense.
Re: (Score:1)
It's exactly like sending a postcard in that anyone who picks it up (ie whose server forwards it) can read it. It's just text. Servers can and do routinely keep stuff around, whether in the cache, hard drive or ram. And you can bet that the NSA and related parts of the US government and related bodies own the internet via controlling parts of the backbone, in addition to the various satellites, tapped fibre optic cable and deals with t
Re:Asinine (Score:5, Insightful)
Re: (Score:2)
Re:Asinine (Score:4, Insightful)
It's exactly like sending a postcard in that anyone who picks it up (ie whose server forwards it) can read it Thats like saying any postal carrier can open your letter and read it (this too is true) but you don't expect it. They still have to open it unlike a postcard.
Re: (Score:1)
An email passing through someone else's router is not going to be seen by human eyes by accident. It will not "flash" across a monitor, it will not be opened and read with out specifically and purposefully being opened.
Huh? No? Random stuff bounces into the postmaster box all the time, stupid aolers press 'mark as spam' and bam, a copy of your message in _my_ mailbox, fire up ethereal (wireshark w/e) to diagnose some problem and weeeeeee a zillion email messages fly right by my screen. Mail spool's growing exponentially, lets do some greping and figure out who the culprit is.
So ya, people's private messages do, quite literaly, flash across a sysadmins monitor. I really don't want to see them either, but ya know, that's m
Re: (Score:3, Interesting)
Do your job professionally. Just because you have access to something, doesn't give you any righ
Re: (Score:2)
Exemptions (Score:2)
Re: (Score:2)
It's called a warrant [1]. Antiquated concept in this day and age, but it's worked fairly well for
Re: (Score:2)
[Yes] [No]
repeat 100 times.
It is like a postcard... (Score:5, Insightful)
When I send a postcard, I have good faith that nobody along the way (mail carrier, other postal worker, OCR systems) will read what I have written. However, if someone or something handling my postcard along its journey really wanted to read the contents, to do so would be relatively easy.
It's the same case with a plaintext e-mail. I have good faith that no system administrators or automated monitoring systems will read my plaintext e-mail along its journey, but if someone really wanted to read the contents, to do so would be relatively easy.
Preventing this requires encryption for e-mail, and for tangible mail either a sealed letter (not much of a roadblock for the determined), or by actually encrypting the text I write on the postcard.
So yeah, there are some similiarities in my mind.
Re: (Score:2)
Re: (Score:1)
IMO, the average person has the expectation of privacy with email, so that when Mrs. Wilson sends a love letter by email to her Hubby while he is away, she knows any perverts along the way won't be be reading it without risk/liability for doing so.
Whether this is law or not is another matter, but I believe it is a social norm, in any event. And Laws often follow f
Re: (Score:1)
Right. Otherwise, this could have unintended consequences for Carnivore and Eschelon. Plaintext e-mail has been determined consistently to not have any reasonable expectation of privacy attached to it, and why sh
Re: (Score:2)
The term "reasonable expectation" has nothing to do with how easy it is to read the email. It's about what sorts of actions/accesses are kosher.
A person whose admin password is "password," who never patches his system, who runs all kinds of unneeded services, and has no firewall still has a "reasonable expectation" that nobody will access his system with
Re:Asinine (Score:5, Insightful)
Re:Asinine (Score:5, Insightful)
Re: (Score:2)
Personally I'm of the opinion that if you're up to shady stuff that carries any sort of legal liability you shouldn't be leaving a record of it anywhere. But, with the way the law is written, y
yeah? (Score:2)
people are so stupid (Score:5, Insightful)
Letters in the mail? Sealed with glue. Glue. Wow. You must not have much expectation of privacy there, otherwise you would've used a more robust method of ensuring your privacy. Even your phone calls are unencryped, sent as electrical impulses over wires and cables. Is it okay to listen to and record cellphone conversations, because they are transmitted through the air? If not, why not? If people wanted security, they wouldn't have transmitted those radio waves all over the place. People are so stupid.
It's true that we have laws against most (or all) of this type of surveillance. But it's just to protect the stupid people. I think that anytime it's possible to intercept your message, everyone should be able to do so, no warrant or probable cause needed, and use it in any way they want. That's the only way people will stop being so stupid that they think they have an expectation of privacy.
Re: (Score:2, Funny)
Depends on how much I've had to drink . . .
Re: (Score:2)
Your post got modded Insightful but it should be modded Sad. What kind of society are we living in where you have to assume that everyone else is out to screw you and if you don't you're "stupid"
Re: (Score:3, Insightful)
Re: (Score:1)
Re: (Score:2)
That being said I agree that people should use encryption. It just makes sense. You however need to get off that high horse you're riding.
Re: (Score:1, Insightful)
Riiiiight, because everytime someone sends an email unencrypted, it's shown to the whole wild world.
No, actually, if you're neither the recipient nor the sender, you have to take special steps to get a look at the email even if it's in plaintext. Even the server administrator can't sit there and read all 20000000000 emails a day, no, the administrator has to take steps to get your email if he wants to look at
Re: (Score:2)
Funny? Yes. Kinda awkward (because, well, how should you check whether they read your mail except in such rather dumb ways
Re: (Score:2)
In all seriousness, don't suppose you have a link to back up the illegality of reading post cards, do you? I suspect you're right, but would just love to smack all the "but email is just a post card" schmucks with something concrete.
Re: (Score:2)
Though... knowing our postal service, I kinda doubt it. If you can't slap a stamp on it, they don't want to deal with it.
McCarthy? (Score:5, Funny)
Re: (Score:3, Funny)
Re: (Score:2)
'The Stored Communications Act is very important,' former federal prosecutor and counter-terrorism specialist Andrew McCarthy told United Press International. But the future of the law now hangs in the balance. [snip] Some observers warned that the ruling might hamper federal counter-terrorism efforts.
Oh no, they've amused some Slashdotters. That's about it, honestly, your average American doesn't know who Joe McCarthy was and has no notion of the reign of terror his inquisition brought about.
and here I was thinking that was an actual McCarthy quote until the quote came to the PatriotAct. but then, my only knowledge of McCarthy era us politics comes from the Dead Kennedys.
is this actually useful? (Score:4, Interesting)
Besides, if you are convicted, or suspected of crime, they can always obtain legal access to your mails, regardless, just as they could anything else you owned.
Perhaps I haven't had time to grow a sufficiently impressive tin foil hat, but I am given to think the whole idea is just plain silly.
You might as well pass laws that say you aren't allowed to follow the movement of a grain of silt in the Amazon.
Re: (Score:3, Insightful)
Re: (Score:1)
Re: (Score:1)
Re: (Score:1)
There are billions of emails flying about constantly. Anyone who beleives they can be effectivelly monitored has to be kidding themselves, so how useful is a law that says you can't do this?
You've got an awfully low opinion of information technology. Emails don't "fly about", they pass in an orderly, organized, somewhat predictable fashion through multiple servers. Along the way they are almost always written to at least medium-term storage (meaning something less volatile than RAM, although not necessarily archived for posterity) on each machine they pass through, and to longer-term (possibly much longer; see Gmail) storage in the final receiving mailbox. Even if none of the intermediate se
Re: (Score:2)
If your ISP has a good spam filter, they are performing non-trivial processing of every email bound for their mail servers. There is no insurmountable scaling problem for drift-net monitoring of e-mail, SMS, and other text message traffic.
Re: (Score:2)
Re: (Score:1)
Re: (Score:1)
'Nuff said.....
Woot (Score:5, Insightful)
Andrew McCarthy (Score:4, Funny)
prosecutors|police vs mere mortals (Score:5, Insightful)
Despite the torrent of "email isn't private, and only stupid people think it is" posts that will follow, if a monkey at the local ISP took sensitive customer emails (to each other, not to the company) that he had plucked from their servers and posted them to a blog or whatever, there would be an outcry, criminal investigation, lawsuit, and (fake) apologies. If the prosecutor's own dirty emails to his wife|mistress|whatever were publicized, the prosecutor would suddenly discover that a crime had been committed.
When it comes to private parties, either communication is private, or it isn't. If it isn't, then Joe Schmoe who works at AOL or the local ISP can read customers' emails at random and post the amusing bits to a public forum. Anything Joe Schmoe can't legally do, his brother Officer Jim needs a warrant to do. If Officer Jim doesn't need a warrant to do it, that means Joe the private citizen can do it with impunity.
What we're saying is, "you have an expectation of privacy in your private affairs, unless it's a police eyeball/eardrum, and in those cases you have no expectation of privacy because your action was public and they don't need a warrant." Bullshit. Anything the police don't need a warrant for is something every single private citizen should be able to do with impunity. Anything we don't want the public doing (privacy-wise) is something the police should need a warrant to do. Otherwise you're giving police and prosecutors the power to arbitrarily target anytone they want, without any oversight at all. This isn't complicated, people. I can understand why they would ask for it, but not why we would be so stupid as to give it to them.
Re: (Score:2)
Re: (Score:1)
Re: (Score:2)
:golf clap:
Well said. You just added a compelling new idea into my standard repertoire.
Re: (Score:2)
Re: (Score:2)
if a monkey at the local ISP took sensitive customer emails (to each other, not to the company) that he had plucked from their servers and posted them to a blog or whatever, there would be an outcry, criminal investigation, lawsuit, and (fake) apologies.
Would there? What is the crime? The guy would probably get canned for pissing off a bunch of customers, and the ISP would apologize, and maybe the ISP could sue him for some breach of his employment contract, but I don't think there are any criminal statutes that would apply, and I don't see any grounds for suing the ISP.
Keep in mind that the fourth amendment restrictions on unlawful search and seizure apply only to the government. If I search your house or tap your phones, you can have me prosecuted
May be hope yet. (Score:4, Funny)
I wonder if their (grand)kids play WoW?
How does this affect Ryan McFadyen? (Score:4, Interesting)
To refresh your memory, think back to the 2006 Duke University lacrosse case. Sophomore Ryan McFadyen, a member of the team and an attendee of the party, sent an email [wikipedia.org] that parodied a bit from the book American Psycho, which is (or at least was) required reading in one of Duke's English Lit classes. The police got their hands on the email and threatened to release it to the press if he didn't admit to witnessing the alledged rape. To his credit [lewrockwell.com], McFayden refused; he was subseqently villified by the press and suspended by the university.
It seems to me that this ruling means that McFadyen now has an excellent chance to pursueing a case against the prosecuter's office.
This is great and all... (Score:1)
Other concerns? (Score:1)
Wasn't this already shown (Score:1)
My journal extry 6/18 (Score:2)
At Volokh, [volokh.com] Professor Orin Kerr notes a 6th circuit decision (pdf) [uscourts.gov] about whether the 4th Amendment's expectation of privacy applied to Yahoo emails. Yes. Wired [wired.com] has more. EFF's [eff.org] friend of the court brief may have helped.
--
Meanwhile Dr. Kerr has more on the case, here. [volokh.com]
interesting timing (Score:1)
Re: (Score:1)
I am going to promote something (Score:2)
Re: (Score:2, Insightful)
Re: (Score:1)