Intercepting E-Mail
July 7, 2004 12:30 AM Subscribe
E-mail snooping is legal. A U.S. federal appeals court set an unsettling precedent last week by ruling (PDF) that an e-mail provider did not break the law when he copied and read e-mail messages sent to customers through his server.
Well, as a independent admin (currently on hiatus until replacement Ultra Wide SCSI drives come in), I have always reserved the right to monitor mail. I have however, limited myself in the terms of service to only that mail which has been tagged as spam by the filtering tools and only for the detection of false positives...
posted by Samizdata at 2:49 AM on July 7, 2004
posted by Samizdata at 2:49 AM on July 7, 2004
and people worried about machines reading gmail.
posted by birdherder at 5:26 AM on July 7, 2004
posted by birdherder at 5:26 AM on July 7, 2004
Anything you sent plaintext over the internet, that passes through countless persons machines was never private in the first place.
posted by zeoslap at 5:40 AM on July 7, 2004
posted by zeoslap at 5:40 AM on July 7, 2004
Yeah...I'm all for privacy, but the netadmin is doing you a favor by allowing your email to flow through his computer. He naturally has the right to read whatever you send, although why would he care?
posted by bingo at 5:54 AM on July 7, 2004
posted by bingo at 5:54 AM on July 7, 2004
For me it is the lower standards for gov't access that is troubling. Rather than requiring a search warrant (admittedly anachronistic it seems today) all a law enforcement officer needs is a subpeona.
Of course, I'm just being paranoid.
posted by infowar at 5:57 AM on July 7, 2004
Of course, I'm just being paranoid.
posted by infowar at 5:57 AM on July 7, 2004
After empying your trash, GMail says:
No conversations in the trash. Who needs to delete when you have 1000 MB of storage?!
Don't delete!
Just sayin'...
posted by Shane at 6:22 AM on July 7, 2004
No conversations in the trash. Who needs to delete when you have 1000 MB of storage?!
Don't delete!
Just sayin'...
posted by Shane at 6:22 AM on July 7, 2004
Thanks for the Register link, homunculus. I've had the pleasure of discussing this case with the federal prosecutor who dealt with this at the trial level, and it certainly was, and continues to be, a so-called loophole.
The Register article does a fair job at explaining how the defense was able to play with the statutory language. Fault really lies with Congress for once again passing a law relating to technology without having any clue as to how the technology works.
posted by anathema at 6:23 AM on July 7, 2004
The Register article does a fair job at explaining how the defense was able to play with the statutory language. Fault really lies with Congress for once again passing a law relating to technology without having any clue as to how the technology works.
posted by anathema at 6:23 AM on July 7, 2004
Having worked MIS and been a sysadmin, I can attest that your phone calls and email, at least from work, have been very not private for years. I can't imagine that your personal ISP or voice carrier has policies all that much different from the ones serving your employer. Take comfort in the fact, however, that the vast majority of the email you send is colassally boring. It only gets read on a very slow day.
posted by ChasFile at 7:02 AM on July 7, 2004
posted by ChasFile at 7:02 AM on July 7, 2004
That precedent is not at all unsettling; it aligns with reality. I'd be more worried if the decision had gone the other way, and we'd ended up with yet another misguided attempt to change the technological infrastructure by legal fiat.
posted by Mars Saxman at 9:01 AM on July 7, 2004
posted by Mars Saxman at 9:01 AM on July 7, 2004
but the netadmin is doing you a favor by allowing your email to flow through his computer. He naturally has the right to read whatever you send
Huh? If you're in a commercial relationship with a service provider, they're not "doing you a favor", even if the specific service being provided is a loss leader, which it appears to have been in this case. Second, if you hand me a folded note to give to that girl (or boy) you like, the fact that I'm doing you a favor doesn't give me the right to open it and read it. There is a principle of system administration that you never read user emails without permission or directly examine their content unless there is a specific system administrative purpose for doing so. That doesn't speak to the legality of it (I can't) but it speaks to the propriety of it.
posted by George_Spiggott at 10:04 AM on July 7, 2004
Huh? If you're in a commercial relationship with a service provider, they're not "doing you a favor", even if the specific service being provided is a loss leader, which it appears to have been in this case. Second, if you hand me a folded note to give to that girl (or boy) you like, the fact that I'm doing you a favor doesn't give me the right to open it and read it. There is a principle of system administration that you never read user emails without permission or directly examine their content unless there is a specific system administrative purpose for doing so. That doesn't speak to the legality of it (I can't) but it speaks to the propriety of it.
posted by George_Spiggott at 10:04 AM on July 7, 2004
Yeah, so it might be ethically wrong, but there's no reason lawyers have to be brought in over it. If this ruling stood, then we could be headed towards a slippery slope where unintentional reading of mail could result in felony charges.
posted by calwatch at 6:57 PM on July 7, 2004
posted by calwatch at 6:57 PM on July 7, 2004
1. Is it okay for the phone company to listen in on your phone calls?
2. If not, then why is it okay for ISPs to read your email?
3. Although I haven't tried it, I'm sure that it would be quite possible to build a rig that could listen to and record every cordless phone conversation within a 500-foot radius. Just because it's technologically possible to eavesdrop on private conversations, does that it make it okay?
4. When I was a customer service representative for a certain telecommunications company, I often took credit card payments over the phone, which meant keying in credit card information as it was given to me. I usually jotted it down so I could read it back to the customer (and destroyed the information at the end of the call). Would it have been okay to take those customers' credit card numbers and publish them on the Web, just because I could?
5. Should any of the above be legal?
I contend that "private" does not equal "secure"; that just because a conversation is not completely secure, does not mean that it isn't private, and so subject to expectations of privacy; that just because someone can read private information, doesn't mean they should; and that communications that are private, but not completely secure (e.g. encrypted, or sealed and hand-delivered), should be reasonably and consistently protected by law.
calwatch: Not being one myself, I'm not sure how a sysadmin could accidentally read private emails (maybe by picking through a core dump?), but if she did so in the course of her sysadmin duties, that would seem to be anticipated by the existing wiretap statute as quoted in the Wired article cited by the FPP ("the Wiretap Act states that a provider shall not 'intercept, disclose, or use' communication passing through its network 'except for mechanical or service quality control checks.'") The NYT editorial simply calls for emails to be treated like phone calls under that statute.
posted by skoosh at 11:54 PM on July 7, 2004
2. If not, then why is it okay for ISPs to read your email?
3. Although I haven't tried it, I'm sure that it would be quite possible to build a rig that could listen to and record every cordless phone conversation within a 500-foot radius. Just because it's technologically possible to eavesdrop on private conversations, does that it make it okay?
4. When I was a customer service representative for a certain telecommunications company, I often took credit card payments over the phone, which meant keying in credit card information as it was given to me. I usually jotted it down so I could read it back to the customer (and destroyed the information at the end of the call). Would it have been okay to take those customers' credit card numbers and publish them on the Web, just because I could?
5. Should any of the above be legal?
I contend that "private" does not equal "secure"; that just because a conversation is not completely secure, does not mean that it isn't private, and so subject to expectations of privacy; that just because someone can read private information, doesn't mean they should; and that communications that are private, but not completely secure (e.g. encrypted, or sealed and hand-delivered), should be reasonably and consistently protected by law.
calwatch: Not being one myself, I'm not sure how a sysadmin could accidentally read private emails (maybe by picking through a core dump?), but if she did so in the course of her sysadmin duties, that would seem to be anticipated by the existing wiretap statute as quoted in the Wired article cited by the FPP ("the Wiretap Act states that a provider shall not 'intercept, disclose, or use' communication passing through its network 'except for mechanical or service quality control checks.'") The NYT editorial simply calls for emails to be treated like phone calls under that statute.
posted by skoosh at 11:54 PM on July 7, 2004
George_Spiggott: Sure, the ISP is in a commercial relationship with you. However, many of the computers that your mail goes through after leaving the ISP are not.
Second, if you hand me a folded note to give to that girl (or boy) you like, the fact that I'm doing you a favor doesn't give me the right to open it and read it.
Of course it does. Are you kidding?
posted by bingo at 5:21 PM on July 8, 2004
Second, if you hand me a folded note to give to that girl (or boy) you like, the fact that I'm doing you a favor doesn't give me the right to open it and read it.
Of course it does. Are you kidding?
posted by bingo at 5:21 PM on July 8, 2004
« Older Why do political ads stink? | Unger chews Isikoff a new one Newer »
This thread has been archived and is closed to new comments
posted by homunculus at 1:14 AM on July 7, 2004