The Privacy of Email

An Anonymous Coward writes "A U.S. appeals court in Ohio has ruled that e-mail messages stored on Internet servers are protected by the Constitution as are telephone conversations and that a federal law permitting warrantless secret searches of e-mail violates the Fourth Amendment. 'The Stored Communications Act is very important,' former federal prosecutor and counter-terrorism specialist Andrew McCarthy told United Press International. But the future of the law now hangs in the balance."

dupe

[Egdiroh]

first post.

Also looks like a dupe of this story http://yro.slashdot.org/article.pl?sid=07/06/18/19 48241 [slashdot.org]

future of the law now hangs in the balance

[bl8n8r]

I thought this balanced out to "States Secret", or better put, "You get privacy until we decide you don't need it"

http://www.eff.org/legal/cases/att/ [eff.org]

the cost of freedom

[SuperBanana]

I thought this balanced out to "States Secret", or better put, "You get privacy until we decide you don't need it"

"Those who give up essential liberty to purchase a little temporary safety deserve neither liberty nor safety."

The cost of freedom is the risk you take that someone will use that freedom to harm you. The payback is that you and your family live your lives free.

Re:the cost of freedom

[lupis42]

And it's high time we remembered that. I for one would rather see, or even be killed in, another 9/11 than see us continue as we have. We Americans have become far too cowardly when it comes to defending our own freedoms lately, particularly against our own government.

Re:the cost of freedom

[BVis]

I was going to mod you up but I decided to comment instead. I wish more people got that. While I don't think that we're at the torches-and-pitchforks, ruby-ridge-bunker stage, I can see how people would get there from here.

We're operating under the specious principle that if we restrict freedoms in the name of preventing terrorism, we will be safer. Not even a LITTLE. All this does is cause inconvenience and infringe on the civil rights that our founding fathers found so essential to the existence of our country. I took a vacation last week that took me out of the USA, and even I, not being a trained "terrorist", figured out about a dozen ways that I could have gotten a weapon/explosive on the plane. It's not helping at all. Suicide bombers are happy to be martyrs for a cause they believe in; shouldn't we be ready to do the same if we REALLY want to fight fire with fire?

Oh, wait, dying for your country is only for the poor. What was I thinking?

MOD PARENT UP, other people.

Re:the cost of freedom

[Alpha830RulZ]

On the question of airline security, I encourage you all to perform the same little experiment I do. I will often leave a golf ball mark repair tool in my pocket while going through security. This is a piece of soft steel, about 3 inches long, 1/2 inch wide, and about 1/16 inch thick, with prongs on it. In other words, it has more metal in it than a box cutter.

In my travels, this tool has -never- been detected by the metal detectors. I've run this experiment about 6 times now, through SFO, LAX, DFW and O'hare.

The laptops that flood onto planes have plenty of nooks and crannies in which blades could be secreted. A blade fits in the crevice between my battery and the wall of the case. Since this is vertical when it goes through the Xray, I have no doubt that it would pass.

The much vaunted liquid explosives that are causing us to fear sippy cups are a non-starter. Google the reaction, it starts with instructions on the order of "collect 5 gallons of ice. Mix reagents carefully, and stir for 45 minutes. " I think I can determine a more robust security procedure than forbidding water bottles.

When do we take our country back from the idiots?

Re:

[Anonymous Coward]

When do we take our country back from the idiots?

When people like you run for political offices.

I am sure you won't. I won't either. Why? Because we would hate the job.

Be that as it may, simply voting and funding the ACLU won't cut it. So long as the lawmakers are people who represent the interests of the wealthy aristocracy rather than the general public, this sort of idiocy will continue.

Re:

[AaronBenage]

Why is this guy getting modded down? He is exactly right.

Re:

[Brad Eleven]

Close, but no cookie. When people like him run for political office, they'll be handily defeated by the fundraisers who dominate American politics. It costs big bucks to get elected, and along the way, it's de rigeur to include lurid and sensational content like you see in the Mainstream Media.

As Borat called it--erroneously and accurately--this is a War of Terror.

Re:

[boater rich]

I invite you to try this in the UK... if you like a firm frisking. Here in the UK the gate detectors are pinging on your watch strap... let alone golf tools. And just like the US, our border officials leave their sense of humour at home. Rich

Re:the cost of freedom

[Kadin2048]

I invite you to try this in the UK... if you like a firm frisking. Here in the UK the gate detectors are pinging on your watch strap... let alone golf tools. And just like the US, our border officials leave their sense of humour at home. Rich

They make hard plastic and fiberglass knives now, too. Not sure what the metal detectors are supposed to do about them.

Sure, they're not as sturdy as metal knives -- I wouldn't want to use one as a pocketknife, because it would get dull -- but you can make a hell of a single- or few-use stiletto out of one.

The crap at the airports is just security theater. They go around confiscating people's pen-knives and soda cups, because for some strange reason people feel safer when their pen-knives and soda cups are confiscated. The real terrorists have lots of ways of getting instruments of mayhem through, if they want to.

If we wanted real airline security, we'd stop putting all our faith in expensive gadgets and employ more (and pay substantially more, so we can stop getting idiots) human beings, so that every single passenger gets an interview before they get on the plane. People are substantially better at detecting the intentions of other people than machines are, based on many more possible factors. The Israelis have had lots of luck with approaches like this, but the fact is in the West, we really don't want security, we want the appearance of, and feeling of, security.

Re:

[Jeff Molby]

If we wanted real airline security, we'd stop putting all our faith in expensive gadgets and employ more (and pay substantially more, so we can stop getting idiots) human beings, so that every single passenger gets an interview before they get on the plane.

Riiiiight. More intrusion and an extremely subjective analysis. That's the ticket. I have a better idea. - Change the "No Fly" list to an "Extra Attention" list. - Go back to a reasonable screening process. It should be capable of screening out the like

Re:

[shellbeach]

They make hard plastic and fiberglass knives now, too. Not sure what the metal detectors are supposed to do about them.

That's all well and good, but where can I find the true terrorist's weapon of choice - the fibreglass nail-clipper?

Re:

[Reziac]

You can make a quite durable and sharp blade from a long piece of bone. You can make an effective stabbing weapon from a sharpened piece of wood. And you can make a nasty cutting weapon from wood with broken glass embedded in it.

For that matter, someone could club you to death with their cane, or poke your eye out with their high heel. And what are they going to do about a boxer's fists -- cut off his hands??!

As you say, security theatre abounds, and makes us no safer. A few well-armed ordinary passengers,

Re:

[stenn]

Complaining about the problem without suggesting a solution, is just whining.

If you believe you could devise a better plan... then detail it. I am sure all of /. will peer review your efforts. A working, 'open source' solution would also be useful the world over.

Keep in mind, your goal would be to stop terrorists from achieving a 'victory'.. however you define it. Airlines, ships, trains, cars, WMDs, etc...

Bothers me when people complain about a solution while never detailing a fully thought out a

Re:

[sgt_doom]

On the question of airline security, I encourage you all to perform the same little experiment I do.

On the question of airline security, I encourage you to both realize and research that reality the Kroll (it might be Blackwater by this time) does the background checks on the TSA personnel and four of the TSA personnel were recently convicted and jailed (at the Sea-Tac International Airport, Seattle-Tacoma, Washington, USA --- for pilferage of luggage). With this type of situation - security really does

Re:

[jeremyp]

I hope nobody on the security staff of SFO is reading this because otherwise the next time you use this trick there will probably be rubber gloves, a security guard with large hands and cavities involved.

Or perhaps it's not you doing this but somebody you work with that you dislike intensely.

Re:the cost of freedom

[jrister]

James Madison had it right 200 years ago:

"If tyranny and oppression come to this land, it will be in the guise of fighting a foreign enemy. Of all the enemies to public liberty, war is perhaps the most to be dreaded because it comprises and develops the germ of every other. War is the parent of armies; from these proceed debts and taxes; and armies, and debts, and taxes are the known instruments for bringing the many under the domination of the few. The loss of liberty at home is to be charged to the provisions against danger, real or imagined, from abroad."

This continuous fearmongering by our government is being used to subdue our people. This mindset of "If you dont submit to this injustice or that that the terrorists win" is ruining our country. Unfortunately, by and large, the citizens of our country are too uneducated or apathetic to see it and do something about it. This constant BS about "If you are doing nothing wrong, you have nothing to hide...", people/media/govt insinuates that because people value their freedom and privacy, there must be something wrong with them, or they are terrorist agents. Thats not the case. The founding fathers didnt place caveats on the Constitution, because it was this sort of thing they were trying to get away from when they left England.

The thing that makes me so sick about this is that I remember clearly Bush saying on 9/11 that we wont let these terrorists change our way of life. But that was a bald faced lie. Because he and the rest of the government set to work to do just that. That being the case, the terrorists have already won. They have fundamentally changed the American way of life, for the worst.

If we are to win the "War on Terror" the first step is to restore Freedom and the Constitution. Then we can deal with everything else.

Re:

[BVis]

If we are to win the "War on Terror" the first step is to restore Freedom and the Constitution. Then we can deal with everything else.

Why do you hate Amer.. oh, wait. Nevermind.

The real litmus test will be in 2008, if/when the Democrats win the presidential election and martial law gets declared for the good of the country. (I seriously don't put it past this bunch of losers. Tinfoil hat? Maybe. Plausible? That's the problem, it is.) One only hopes that the military sees that for what it is, an uncon

Re:

[Toonol]

if/when the Democrats win the presidential election and martial law gets declared for the good of the country. ...[snip]... Tinfoil hat? Maybe. Plausible? That's the problem, it is.

It's not plausible, but spouting insanity this way does tend to make it more likely that the Democrats will lose. It's a good part of what lost the last election for Kerry.

Re:

[BVis]

It's not plausible, but spouting insanity this way does tend to make it more likely that the Democrats will lose.

And it's different from the insanity we've seen for the last 7 years how, exactly? I'll take my chances.

Re:

[encoderer]

I don't think Echelon is in use any more. No, that's not a good thing. IIRC, the new system is far more powerful.

And I'm curious why you think a Democratic president would declare martial law.. every one of the problem we're talking about have been created by the current Repuglican administration.

Re:

[JazzLad]

Perhaps I misread the GP, I read it to be that the current administration would be the one declareing martial law, post-election, pre-handover. As you say, they are the ones who have created the vast majority of the current problems - what's one more?

Re:

[BVis]

And I'm curious why you think a Democratic president would declare martial law.. every one of the problem we're talking about have been created by the current Repuglican administration.

I think you misunderstood me. What I meant was, once it had been official that a Democrat had been elected, THEN the current lame duck administration would declare martial law "for the good of the country".

Re:

[encoderer]

Aahhh!

Well, naturally ;)

After all... in a post september 11th world.....

Re:

[kbielefe]

If tyranny and oppression come to this land, it will be in the guise of fighting a foreign enemy.

Foreign enemy? Not only was this law passed in 1986 when Americans couldn't care less about terrorism, this particular case was a fraud investigation of the Enzyte natural male enhancement "smiling Bob" people.

Also, you are using Madison's quote to try to prove its converse. President Madison certainly didn't believe that fighting a foreign enemy always leads to tyranny and oppression.

Not only that, the mer

Re:

[Altus]

Bush saying on 9/11 that we wont let these terrorists change our way of life.
but he was right, the terrorists didn't change his way of life or that of his cronies. Its just a matter of who, exactly he meant when he said "our" way of life.

Re:

[my $anity 0]

"Give me liberty or give me death!"
~Patrick Henry

the cost of freedom - or maybe just the followup

[sgt_doom]

I for one would rather see, or even be killed in, another 9/11...

I, for one, would rather there be a criminal investigation of 9/11/01 - than to die in the next one.

The trouble with the "Greatest Generation" (to use that draft-dodging newsy, what's-his-face's tired, lame description) was their inability to have a full-scale criminal investigation of President Kennedy's assassination - had that actually occurred - there probably would never have been a 9/11/01 to ever take place (and the Bush family wo

Re:

[lupis42]

I hope so.

Re:

[RealityProphet]

So, Iraqis should be ecstatic, right?

Re:

[Opportunist]

That actually opens up a very interesting question: Who says when the State Secret should better not be secrets because they are being used against the state (ya know, that "we, the people" part of it)?

Power needs control, but who controls what is to be kept secret from "the people"?

Re:

[WWGTom]

AT&T moved to dismiss the case, basically arguing that it should be immune from suit because "whatever we did, the government told us to."

The Nazi's did what they were told to do as well, look at what happens to the ones we still find roaming around.

Asinine

[bconway]

There is no more expectation of privacy in a plaintext email than there is in an open-face postcard. If you want privacy, take steps to encrypt it, not unlike putting a letter in a sealed envelope (as it pertains to the law, not ease of circumvention). This will be overturned, and with good reason.

Re:Asinine

[whisper_jeff]

By your arguement, nobody should expect privacy when talking on the phone since they didn't take steps to encrypt their phonecalls so wiretapping should be enirely acceptable. Or if your arguement only applicable to emails?...

Re:

[quanticle]

By your arguement, nobody should expect privacy when talking on the phone since they didn't take steps to encrypt their phonecalls

Your analogy doesn't fit. When I make a phone call, I'm expecting a point-to-point connection, with no intermediaries to intercept or look at my communication. When I send an e-mail, I know that it will be stored and transferred across many server, and that those servers may have logging software that will store a copy of my e-mail.

However, with packet-switched phone networ

Re:

[thePowerOfGrayskull]

However, with packet-switched phone networks replacing traditional circuit switching, that distinction is becoming more blurred.

It seems to me the analogy is a valid one. Any switching means that there are multiple points where your unencrypted conversation can be intercepted. Even back to the early days of a telephone, where such interception was required via an operator in order to make a connection. You may have expectation of a point-to-point communication, but it's never actually that (obviously excluding the pioneering work).

You're special

[ninjafirepants]

Most of the public doesn't know how an email goes from me to you. They don't get it, and it'd be hell to try to explain it to them.

Note the difference between ease of interception and expectation of non-interception. I can send you a letter in the mail, but all it takes is someone with a finger (maybe two) to open the letter, and we no longer have that privacy. However, we still regard snail-mail as having an expectation of privacy. Hell, you can even encrypt an email and someone can intercept it and br

No, they shouldn't

[Kittenman]

Get low-tech here. Phone calls aren't private - not because they can be wire-tapped, but because they can be overheard. From where I sit (in my cubicle) I can overhear two or three phone calls going on.

When I want to talk privately, I could grab an empty office - or more reliably, talk in code. As in "Any chance of being on the team tonight, love?"

Re:Asinine

[$1uck]

There is no more expectation of privacy in a plaintext email than there is in an open-face postcard.

I'm sorry but that is utter nonsense. Maybe not to you, and maybe not to who ever modded your comment up. I don't expect anyone to read my email other than the recipient. That's an expectation. I don't see how anyone who doesn't open my email will be able to read it.
Correct me if I'm wrong, but its not a typical part of an email server to display the contents of all messages passing through it onto a monitor somewhere is it?
No, I'd say its absolutely nothing like sending an open postcard.

If you want privacy, take steps to encrypt it, not unlike putting a letter in a sealed envelope (as it pertains to the law, not ease of circumvention). This will be overturned, and with good reason.

Yeah I don't think this is reasonable either.. thats like saying if you don't want to be searched hide your stuff better. Utter nonsense.

Re:

[Threni]

> No, I'd say its absolutely nothing like sending an open postcard.

It's exactly like sending a postcard in that anyone who picks it up (ie whose server forwards it) can read it. It's just text. Servers can and do routinely keep stuff around, whether in the cache, hard drive or ram. And you can bet that the NSA and related parts of the US government and related bodies own the internet via controlling parts of the backbone, in addition to the various satellites, tapped fibre optic cable and deals with t

Re:Asinine

[honkycat]

It's exactly like sending a postcard in that anyone who picks it up (ie whose server forwards it) can read it. It's just text. Servers can and do routinely keep stuff around, whether in the cache, hard drive or ram.

The court realized this and ruled that the ISP is a "mere custod[ian]" of the data. In other words, that data is yours and they only possess it to enable the system to work. The government cannot simply take an action because it is technically simple, it is (and should be) required to consider whether each action is ethical (and/or Constitutional). This is a fantastic ruling on that front.

And yes, if reading email is found to be illegal, then the law will simply be changed to make it legal.

Ok, I'll be waiting for that Constitutional amendment to go through. Unless this ruling is overturned (which is possible), that's what would be required.

Re:

[BKX]

And yes, if reading email is found to be illegal, then the law will simply be changed to make it legal.

Ok, I'll be waiting for that Constitutional amendment to go through. Unless this ruling is overturned (which is possible), that's what would be required.

Exactly. Although, I do expect that the Bush administration will simply continue to ignore the courts for it's own ends.

Re:Asinine

[$1uck]

No, you are simply wrong. A carrier (a human being) picking up a post card cannot help but to see the text. He may choose not to read it, but it is visible. An email passing through someone else's router is not going to be seen by human eyes by accident. It will not "flash" across a monitor, it will not be opened and read with out specifically and purposefully being opened.
It's exactly like sending a postcard in that anyone who picks it up (ie whose server forwards it) can read it Thats like saying any postal carrier can open your letter and read it (this too is true) but you don't expect it. They still have to open it unlike a postcard.

Re:

[Akatosh]

An email passing through someone else's router is not going to be seen by human eyes by accident. It will not "flash" across a monitor, it will not be opened and read with out specifically and purposefully being opened.

Huh? No? Random stuff bounces into the postmaster box all the time, stupid aolers press 'mark as spam' and bam, a copy of your message in _my_ mailbox, fire up ethereal (wireshark w/e) to diagnose some problem and weeeeeee a zillion email messages fly right by my screen. Mail spool's growing exponentially, lets do some greping and figure out who the culprit is.

So ya, people's private messages do, quite literaly, flash across a sysadmins monitor. I really don't want to see them either, but ya know, that's m

Re:

[honkycat]

A very very very small fraction of emails end up in a postmaster's box. That hardly invalidates the legal expectation of privacy. When an arrest is made on evidence found in a bounced email, post the story to slashdot... Grepping the mail spool? As the article points out, the courts specifically distinguished between sender/date (and possibly subject) meta-data and message content, so that's also irrelevant.

Do your job professionally. Just because you have access to something, doesn't give you any righ

Re:

[$1uck]

I don't see how either of your statements are relative. What the recipient does with received mail/email is not relevant. Of course the sender expects the person to whom the mail was addressed to open it. If the sender doesn't get the address correct they can't expect it to not be opened by the person it is addressed to. If it happened to "bounce" to an admin account, I don't see any reason thee admin would need to read it, but if the contents come up on the screen that is the fault system/software. So

Exemptions

[phorm]

Except if they're investigating mail issues, fixing user accounts, etc. Some of this can be done with permission, which actually checking into the user account should. I've had to login to clients' email accounts myself in order to verify whether a problem is on the server (misconfiguration), the client (misconfiguration, connection issues, etc), or the user (wrong password, etc). Of course, sometimes it's just a telnet to port 110/25 in order to receive/send a test email, so I never see actual messages, bu

Re:

[Kadin2048]

Actually, the postal model works quite well. While the gov't can't just decide to rifle through your mail, I believe there are procedures for postal services to inspected and/or open-to-inspect suspicious mail. The only problem with this in the e-world is that the volume of email in a minute amount of time might be much greater than snail-mail, which if there is a "permission" process could become a bottleneck.

It's called a warrant [1]. Antiquated concept in this day and age, but it's worked fairly well for

Re:

[flonker]

You are opening an email to check if your new spam filter is working properly. This requires a search warrant. Do you have a warrant?
[Yes] [No]

repeat 100 times.

It is like a postcard...

[Ericular]

In many ways, a plaintext e-mail is exactly like a postcard.

When I send a postcard, I have good faith that nobody along the way (mail carrier, other postal worker, OCR systems) will read what I have written. However, if someone or something handling my postcard along its journey really wanted to read the contents, to do so would be relatively easy.

It's the same case with a plaintext e-mail. I have good faith that no system administrators or automated monitoring systems will read my plaintext e-mail along its journey, but if someone really wanted to read the contents, to do so would be relatively easy.

Preventing this requires encryption for e-mail, and for tangible mail either a sealed letter (not much of a roadblock for the determined), or by actually encrypting the text I write on the postcard.

So yeah, there are some similiarities in my mind.

Re:

[timeOday]

if someone really wanted to read the contents, to do so would be relatively easy.

What does that have to do with anything? If I wanted to walk up from behind and hit somebody over the head with a brick there's nothing to stop me, so why should it be illegal?

Re:

[KarmaOverDogma]

I agree with you. IMO, the closest analogy to a postcard email would be one where the entire message of email content was in the title bar only.

IMO, the average person has the expectation of privacy with email, so that when Mrs. Wilson sends a love letter by email to her Hubby while he is away, she knows any perverts along the way won't be be reading it without risk/liability for doing so.

Whether this is law or not is another matter, but I believe it is a social norm, in any event. And Laws often follow f

Re:

[morgan_greywolf]

There is no more expectation of privacy in a plaintext email than there is in an open-face postcard. If you want privacy, take steps to encrypt it, not unlike putting a letter in a sealed envelope (as it pertains to the law, not ease of circumvention). This will be overturned, and with good reason.

Right. Otherwise, this could have unintended consequences for Carnivore and Eschelon. Plaintext e-mail has been determined consistently to not have any reasonable expectation of privacy attached to it, and why sh

Re:

[Lockejaw]

Plaintext e-mail has been determined consistently to not have any reasonable expectation of privacy attached to it, and why should it? Anyone can read it.

The term "reasonable expectation" has nothing to do with how easy it is to read the email. It's about what sorts of actions/accesses are kosher.
A person whose admin password is "password," who never patches his system, who runs all kinds of unneeded services, and has no firewall still has a "reasonable expectation" that nobody will access his system with

Re:Asinine

[daeg]

The ruling doesn't say that e-mail is off limits. All the court said was that there is nothing special about e-mail or phone calls. They are still grounds to be seized, but those wanting the information (FBI, prosecutors, etc) must go through due process to obtain them. If they get a warrant they can seize e-mail all they want.

Re:Asinine

[CastrTroy]

Thank you. This is the point nobody seems to be getting. Nobody is saying that emails can't be used as evidence, but that in order for them to be used, the cops must go through the proper procedures. If they don't use proper procedures to obtain the email, then it is inadmissible in court. Same goes for the telephone. Just as it is trivially easy for the cops to tap your phone, they are not allowed to do it unless they go through the proper procedures for obtaining a warrant. Saying that you should just encrypt your email if you want it to stay private is the same as saying you should build a 20 foot concrete wall around your house if you don't want them doing illegal searches of your property.

Re:

[dave562]

Thanks for pointing this out. The conversation seems to have gone off onto a tangent about whether or not emails are private. That discussion misses the point of the ruling. The ruling just says that the government has to follow due process and obtain a warrant if they want to USE YOUR EMAILS AGAINST YOU IN COURT.

Personally I'm of the opinion that if you're up to shady stuff that carries any sort of legal liability you shouldn't be leaving a record of it anywhere. But, with the way the law is written, y

yeah?

[weighn]

There is no more expectation of privacy in a plaintext email than there is in an open-face postcard. If you want privacy, take steps to encrypt it

you could always sign into gmail using ssl - gmail doesn't display your ip when sending, so only google has a co... oh, hang on...

people are so stupid

[misanthrope101]

Your speech isn't encrypted either, but if I bug your house it's considered a violation of your privacy. I don't even have to enter your house for that--the laser microphone [wikipedia.org] will let me listen/record from the sidewalk. Since your sound waves are traveling outside your home, you must not have an expectation of privacy.

Letters in the mail? Sealed with glue. Glue. Wow. You must not have much expectation of privacy there, otherwise you would've used a more robust method of ensuring your privacy. Even your phone calls are unencryped, sent as electrical impulses over wires and cables. Is it okay to listen to and record cellphone conversations, because they are transmitted through the air? If not, why not? If people wanted security, they wouldn't have transmitted those radio waves all over the place. People are so stupid.

It's true that we have laws against most (or all) of this type of surveillance. But it's just to protect the stupid people. I think that anytime it's possible to intercept your message, everyone should be able to do so, no warrant or probable cause needed, and use it in any way they want. That's the only way people will stop being so stupid that they think they have an expectation of privacy.

Re:

[Strawser]

Your speech isn't encrypted either,

Depends on how much I've had to drink . . .

Re:

[dave562]

But it's just to protect the stupid people. I think that anytime it's possible to intercept your message, everyone should be able to do so, no warrant or probable cause needed, and use it in any way they want. That's the only way people will stop being so stupid that they think they have an expectation of privacy.

Your post got modded Insightful but it should be modded Sad. What kind of society are we living in where you have to assume that everyone else is out to screw you and if you don't you're "stupid"

Re:

[misanthrope101]

Well, I was being ironic, but ultimately I think it's about veneration of power. People get fed up with red tape and complication and dream of just having the power to "get stuff done." Law enforcement/military ops superficially seem to be areas where stuff most urgently needs to get done, so seem to be prime candidates for cutting the red tape and administrative overhead, including oversight. It's not for nothing that people love action movies of burly men just mowing through the bad guys, namby-pamby d

Re:

[lupis42]

Maybe, but think about the difference between a postal working reading your postcard, versus faxing a copy to the FBI, or just his buddies, without your knowledge. It's about to what extent the government is allowed to say "You don't expect it to be completely private, therefore it's going into our database". IIRC the Google street view van is facing similar issues abroad. Just because it isn't entirely private, that doesn't make it entirely public.

Re:

[dreamchaser]

Actually your analogy is what is asinine. A plaintext email is inside an easy to open envelope, but opening that envelope if you're not the intended recipient should still be against the law just as it is with snail mail.

That being said I agree that people should use encryption. It just makes sense. You however need to get off that high horse you're riding.

Re:

[Anonymous Coward]

There is no more expectation of privacy in a plaintext email than there is in an open-face postcard

Riiiiight, because everytime someone sends an email unencrypted, it's shown to the whole wild world.

No, actually, if you're neither the recipient nor the sender, you have to take special steps to get a look at the email even if it's in plaintext. Even the server administrator can't sit there and read all 20000000000 emails a day, no, the administrator has to take steps to get your email if he wants to look at

Re:

[Opportunist]

Actually it's illegal here for the postal worker to read your postcards. You could write your next terror plan onto the postcard and should the police knock down your door because of it, the postal worker is going to jail, not you (unless there's actually a real plan behind it and they find evidence for that, but let's imagine you just wanted to test how nosey the postal service is...).

Funny? Yes. Kinda awkward (because, well, how should you check whether they read your mail except in such rather dumb ways

Re:

[honkycat]

Beyond illegal, it's just plain BORING. Can you imagine how sad your life would be if you spiced it up by reading other people's frickin post cards?? I mean, it's hard to imagine being that miserable unless you're a postal wor... oh wait.

In all seriousness, don't suppose you have a link to back up the illegality of reading post cards, do you? I suspect you're right, but would just love to smack all the "but email is just a post card" schmucks with something concrete.

Re:

[Opportunist]

I ain't from the US. Don't know if it's legal for the US postal worker to read postcards. I'll ask my friend (he works there) to lend me their "big book" (with all those dos and don'ts), though I hope it's available in electronic form.

Though... knowing our postal service, I kinda doubt it. If you can't slap a stamp on it, they don't want to deal with it.

McCarthy?

[Red Flayer]

This is about overturning aspects of the 1986 Stored Communications Act. FTA:

'The Stored Communications Act is very important,' former federal prosecutor and counter-terrorism specialist Andrew McCarthy told United Press International. But the future of the law now hangs in the balance.
[snip]
Some observers warned that the ruling might hamper federal counter-terrorism efforts.
[snip]
'The USA Patriot Act broke down the wall between intelligence and law enforcement. Criminal prosecutors can now share information with the intelligence side of the house,' [McCarthy] said.

But if the ruling stopped prosecutors from gathering information, it could not be passed along. 'If you can`t get it, you can`t share it,' he said.

Is it just me, or would it have been a little smarter for the government to use a mouthpiece with a name other than McCarthy when discussing tactics for terrorist witch-hunts?

Re:

[mulvane]

First thing I thought of when I read this is how we should drop 50 nuclear bombs...I don't know where, when and how, but damn it!!! 50 nuclear bombs need to be dropped somewhere!!

Re:

[weighn]

'The Stored Communications Act is very important,' former federal prosecutor and counter-terrorism specialist Andrew McCarthy told United Press International. But the future of the law now hangs in the balance. [snip] Some observers warned that the ruling might hamper federal counter-terrorism efforts.

Oh no, they've amused some Slashdotters. That's about it, honestly, your average American doesn't know who Joe McCarthy was and has no notion of the reign of terror his inquisition brought about.

and here I was thinking that was an actual McCarthy quote until the quote came to the PatriotAct. but then, my only knowledge of McCarthy era us politics comes from the Dead Kennedys.

is this actually useful?

[iHasaFlavour]

I have a few doubts. There are billions of emails flying about constantly. Anyone who beleives they can be effectivelly monitored has to be kidding themselves, so how useful is a law that says you can't do this?

Besides, if you are convicted, or suspected of crime, they can always obtain legal access to your mails, regardless, just as they could anything else you owned.

Perhaps I haven't had time to grow a sufficiently impressive tin foil hat, but I am given to think the whole idea is just plain silly.

You might as well pass laws that say you aren't allowed to follow the movement of a grain of silt in the Amazon.

Re:

[lupis42]

It's not a matter of tracking everything. Even if they only track "suspected dissidents," who will doubtless be selected by procedures as effective and precise as those that get people on to no fly lists, it's still a massive invasion of the privacy of the people who get tracked.

Re:

[lupis42]

So... if hundreds of thousands of concerned citizens started to uses sigs like "Obliterate the infidel" or "Assassinate the president"... what exactly would happen? I'm merely curious here, as to just how sophisticated these systems are.

Re:

[Daneboy]

I think you misunderstand. The law says that you CAN do this -- and the court has now struck down the law, saying that a warrant is needed before your email can be searched, just like any other kind of mail search or wiretap. This is a Good Thing, even if the original law was stupid to begin with.

Re:

[TheNicestGuy]

There are billions of emails flying about constantly. Anyone who beleives they can be effectivelly monitored has to be kidding themselves, so how useful is a law that says you can't do this?

You've got an awfully low opinion of information technology. Emails don't "fly about", they pass in an orderly, organized, somewhat predictable fashion through multiple servers. Along the way they are almost always written to at least medium-term storage (meaning something less volatile than RAM, although not necessarily archived for posterity) on each machine they pass through, and to longer-term (possibly much longer; see Gmail) storage in the final receiving mailbox. Even if none of the intermediate se

Re:

[Zigurd]

Don't get a false sense of security thinking that "billions" or even "trillions" of emails would make it difficult to keyword-scan them all.

If your ISP has a good spam filter, they are performing non-trivial processing of every email bound for their mail servers. There is no insurmountable scaling problem for drift-net monitoring of e-mail, SMS, and other text message traffic.

Re:

[element-o.p.]

Yes, there is indeed a deluge of e-mail flying across the net, but there are also a number of tools that can be used to reduce the amount of work needed to process all that data. For example, I remember reading about software a little while back that could be used to correlate seemingly unrelated pieces of information (sorry, I don't remember where I read about it or what it was called, or I'd post a link). Couple this with keyword searches or meta-data from the e-mails (sender, recipient, date/time stamp

Re:

[myrdos2]

You do it with a Spam filter. But instead of checking for spam, it checks for signs of terrorism and criminal intent. You can even train it in exactly the same way. That way, only a tiny fraction of emails get read by actual FBI agents.

Re:

[sgt_doom]

Sorry, iHasaFlavour, hate to be the one to break this to you, but with regard to the USA (not sure about the other countries) all one needs is SilentRunner [wired.com] (or another high-end sniffer) attached to each IXP [wikipedia.org] (which occurred at all the North American IXPs in 1996) and ALL the e-mails are being monitored....

'Nuff said.....

Woot

[lupis42]

I do like the "Where the third party is not expected to access the e-mails in the normal course of business ... the party (sending them) maintains a reasonable expectation of privacy." bit. We need more decisions like this, if we want to remain an even somewhat free society.

Andrew McCarthy

[otacon]

Wasn't he in Weekend at Bernie's?

prosecutors|police vs mere mortals

[misanthrope101]

Yes, I can see why a prosecutor would consider the ability to read people's email without warrants, oversight, or checks/balances "very important." It makes sense that he doesn't want to have to go before a third party and demonstrate probable cause, otherwise he can't go fishing for information, target people he doesn't like for political|religious reasons, etc.

Despite the torrent of "email isn't private, and only stupid people think it is" posts that will follow, if a monkey at the local ISP took sensitive customer emails (to each other, not to the company) that he had plucked from their servers and posted them to a blog or whatever, there would be an outcry, criminal investigation, lawsuit, and (fake) apologies. If the prosecutor's own dirty emails to his wife|mistress|whatever were publicized, the prosecutor would suddenly discover that a crime had been committed.

When it comes to private parties, either communication is private, or it isn't. If it isn't, then Joe Schmoe who works at AOL or the local ISP can read customers' emails at random and post the amusing bits to a public forum. Anything Joe Schmoe can't legally do, his brother Officer Jim needs a warrant to do. If Officer Jim doesn't need a warrant to do it, that means Joe the private citizen can do it with impunity.

What we're saying is, "you have an expectation of privacy in your private affairs, unless it's a police eyeball/eardrum, and in those cases you have no expectation of privacy because your action was public and they don't need a warrant." Bullshit. Anything the police don't need a warrant for is something every single private citizen should be able to do with impunity. Anything we don't want the public doing (privacy-wise) is something the police should need a warrant to do. Otherwise you're giving police and prosecutors the power to arbitrarily target anytone they want, without any oversight at all. This isn't complicated, people. I can understand why they would ask for it, but not why we would be so stupid as to give it to them.

Re:

[Attila Dimedici]

I think you defined a good rule of thumb on privacy: "Anything the police don't need a warrant for is something every single private citizen should be able to do with impunity." Now there may be some exceptions, but they need to be carefully srutinized.

Re:

[CensorshipDonkey]

Everyone who's posting here should be forced to read parent first. Beautiful post.

Re:

[inviolet]

:golf clap:

Well said. You just added a compelling new idea into my standard repertoire.

Re:

[dave562]

Despite the fact that I completely disagreed with your definition of what makes someone stupid, I completely agree with what you've said here.

Re:

[swillden]

if a monkey at the local ISP took sensitive customer emails (to each other, not to the company) that he had plucked from their servers and posted them to a blog or whatever, there would be an outcry, criminal investigation, lawsuit, and (fake) apologies.

Would there? What is the crime? The guy would probably get canned for pissing off a bunch of customers, and the ISP would apologize, and maybe the ISP could sue him for some breach of his employment contract, but I don't think there are any criminal statutes that would apply, and I don't see any grounds for suing the ISP.

Keep in mind that the fourth amendment restrictions on unlawful search and seizure apply only to the government. If I search your house or tap your phones, you can have me prosecuted

May be hope yet.

[bryan1945]

Seems like some judges are starting to understand this whole "electronic medium" stuff.

I wonder if their (grand)kids play WoW?

How does this affect Ryan McFadyen?

[vrmlguy]

To refresh your memory, think back to the 2006 Duke University lacrosse case. Sophomore Ryan McFadyen, a member of the team and an attendee of the party, sent an email [wikipedia.org] that parodied a bit from the book American Psycho, which is (or at least was) required reading in one of Duke's English Lit classes. The police got their hands on the email and threatened to release it to the press if he didn't admit to witnessing the alledged rape. To his credit [lewrockwell.com], McFayden refused; he was subseqently villified by the press and suspended by the university.

It seems to me that this ruling means that McFadyen now has an excellent chance to pursueing a case against the prosecuter's office.

This is great and all...

[Jaysu]

But after seeing articles like this [slashdot.org], where the FBI already oversteps legal boundaries pertaining to email, I wonder if this will change anything at a government level?

Other concerns?

[Etgen]

Shouldn't Ohio be more worried about the personal information of over 200,000 taxpayers that it has leaked instead of keeping email secure?

Wasn't this already shown

[The_mad_linguist]

in the Steve Jackson Games case?

My journal extry 6/18

[arbitraryaardvark]

Here's how I submitted the story a few days ago:

At Volokh, [volokh.com] Professor Orin Kerr notes a 6th circuit decision (pdf) [uscourts.gov] about whether the 4th Amendment's expectation of privacy applied to Yahoo emails. Yes. Wired [wired.com] has more. EFF's [eff.org] friend of the court brief may have helped.
--
Meanwhile Dr. Kerr has more on the case, here. [volokh.com]

interesting timing

[punterjoe]

Is it just coincidence that the 'sanctity of email privacy' precedent is being established at the same time there's growing attention to the practice of certain parties in the executive branch of the us gvt using non government mailservers (like partisan RNC email systems) to possibly sidestep public record retention laws?

Re:

[sgt_doom]

Personally I don't believe everyone (that is the Pentagon [rawstory.com]) deserves e-mail privacy. Someone has to check and see what those Office of Special Plans' doods are screwing off on.....

I am going to promote something

[roman_mir]

LeetKey [mozilla.org] FF extension. Use it to keep your email privacy. Before sending a message, select it, right click on it, select 'LeetKey, Text Encryptors, AES Encrypt' menu option and type in a password. Tell the other party to use AES Decrypt and tell them the password for this email.

Re:

[Y2KDragon]

Our Founding Fathers (and Mothers too), IMO, did not intend for the protections under the Constitution to be limited to "a select few". The words "ALL MEN" appear in this document for a reason. Therefore, not only should it apply to US Citizens, those here with Green Cards, foreign visitors, and even those here illegally, but it has to apply to everyone worldwide. Either they apply to everyone, or they apply to no one.

Re:

[sgt_doom]

And on the e-mail privacy topic, it appears someone [rawstory.com] may be subtley telling the Pentagon cretins, "You screw with us, and we'll screw with you."