Your ISP Can Now Legally Read All Your Email
from the and-you-thought-Gmail-was-a-problem... dept
If you thought all those worries about Google storing your email messages was a problem, you're certainly not going to be happy with a new court ruling that basically says it's okay for an ISP to read your emails. The case concerned a book seller who offered his customers free email accounts. Then, he read through any of their emails that came from Amazon.com in order to offer better deals on the books Amazon was offering. He was charged with violating wiretap laws, but the Appeal Court has ruled that because the messages were already stored in RAM on his server, he didn't actually "intercept" communications -- which is the basis for wiretap law. The court admits that this is a problematic finding, suggesting that perhaps its time politicians updated wiretap law to take into account the internet. Of course, knowing how all of our politicians have been acting lately, the idea of them trying to "adjust" wiretap laws for the internet age should be particularly scary, because it's likely that what comes out will be even worse than what we have now. Either way, with this ruling, people can make the very real case that anyone offering email services can read every email that goes through their servers without fear of breaking wiretap laws.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Reader Comments
Subscribe: RSS
View by: Time | Thread
Old problem
[ link to this | view in thread ]
Re: Old problem
And you can make this 'assumption' because you know exactly what?
[ link to this | view in thread ]
Re: Old problem
[ link to this | view in thread ]
Re: Old problem
Because
1. Computer Science/IT/EE departments have not made significant increases in the emphasis on ethics. A few departments have tacked on a course requirement in "scientific ethics", which they also did many years ago, and it will be forgotten again in a few years.
2. The kind of people who go into the field remain the geeky males who watch anime, play role-playing games, go to star trek conventions, and otherwise stay in their clannish little groups.
3. There remains an elitist attitude among people in category 2, that those who don't have CS/EE/IS degrees "don't belong" in the field. Thus, those with better training in ethical topics, from a liberal arts perspective, remain unwelcome.
4. The "libertarian" sentiment, so popular among techies, with its do-gooder talk of open source, of abolishing intellectual property, is still rooted in a Machiavellian mentality that says that the technical elite are above social responsibilities, and the non-elite should suffer at the hands of "market forces", manipulated by elites.
5. Computers remain physically uncomfortable devices that cause muscle stiffness, so IT types are chronically irritable and "don't have time" for ethics.
6. Because techies fail to see the bigger picture, they remain victims of their own narrow-mindedness.
[ link to this | view in thread ]
Re: Old problem
[ link to this | view in thread ]
Re: Old problem
Yup, a typical techie response -- issues that make them uncomfortable are "trolling".
[ link to this | view in thread ]
The implication is different
The real "meat" of this ruling is that the court ruled that, for the purposes of the Wiretap Act, procmail is not a wire. Even though procmail was actively processing data which was passing over a wire, the court held that the data that it was processing was in storage:
As for the more general case of ISPs reading e-mails, Title II of the ECPA explicitly exempts "the person or entity providing a wire or electronic communications service" from the ECPA's access prohibitions.[ link to this | view in thread ]
Re: The implication is different
Exactly right, Doug, the ECPA makes it legal for ISPs and other communication carriers to read the communications for security and QA reasons, but it is against the law to then communicate what is heard or read by the ISP or communication carriers to 3rd parties, especially the Government or other Law Enforcement officers without a subpoena or other legal document authorizing the release of the information.
When I ran a BBS, many years ago, I, and most of my fellow compatriots would typically read (actually, more like skim) a few of the email messages sent through our systems just to make sure that our users weren't doing anything illegal (this was before the Communications Decency Act (CDA) came into affect and we became "safe-harbors" specifically if we didn't read the email and didn't know anything illegal was happening on our network and did something when the illegal acts on our network were brought to our attention.) However, if we caught anything (and I sometimes did,) we'd bring it to the attention of the sender that such activity was illegal and that we'd wish they would stop it.
Then again, we all had disclaimers on our BBSs that said when the user logged in that we would, for purposes of security and QA, occasionally read emails, so don't send anything private that you wouldn't want us to read, and if they didn't like this, they could go somewhere else. Therefore, there was no presumption of privacy, and no ethics problems (sorry, Dorpus.)
After Prodigy got sued for monitoring email of users on the system, and doing nothing when illegal activity was discovered, most BBS sysops stopped this practice. The CDA firmed this up, and most of us misplaced our login disclaimers and life went on (until the internet forced most of us BBS sysops off-line.)
[ link to this | view in thread ]