Feeds

Email privacy strikeout suspended

Wiretapping on demand

  • alert
  • submit to reddit

Intelligent flash storage arrays

Privacy groups have succeeded in persuading a First Circuit Appeals Court to reopen a case with some nasty unintended consequences for email users. A June ruling inadvertently opened the door for spooks and Feds to snoop on email without a court order, but that's now been suspended, pending the hearing in December.

In US vs Councilman a court decided that when email providers made a copy of your email - even for a few milliseconds - the US Wiretap Act doesn't apply. The defendent, an email service provider who sought to examine the contents for commercial advantage - like Google with its new Gmail service, which scans the email so it can display context-based advertisements - was acquitted. The Wiretap Act required law enforcement officers to get a warrant to snoop on email. Since this was considered to apply only to electrons in transit, all of a sudden, they didn't have to.

"Extending the court's disturbing approach, an entire surveillance system wouldn't be considered interception if it were built into local mail processing," internet researcher Seth Finkelstein told us.

The Courts this week admitted as much when it said it needed to re-hear the arguments.

"It may well be that the protections of the Wiretap Act have been eviscerated as technology advances," noted the panel, which examined a brief filed by public interest groups including the Electronic Freedom Foundation and the American Library Association.

The First Circuit encompasses Maine, Massachusetts, New Hampshire and Rhode Island, but the case is being watched far beyond the Eastern seaboard. One of the arguments thrown back at privacy groups concerned about Google's "creepy" Gmail service was that people who didn't like the T&Cs should use another service. But this can only work for the sender: recipients would be obliged to firewall out any correspondents who uses a Gmail account, or in this case, anyone who lives in Maine or Massachusetts.

Writing here in June, the former head of the DoJ's computer crime division, Mark Rasch, warned against a parallel consequence raised by one of Googles' favorite assertions - that computers are making the decisions, not humans, removing it of responsibility.

"If a computer programmed by people learns the contents of a communication, and takes action based on what it learns, it invades privacy", he wrote.

"Google may also argue that its computers do not learn the contents of the message while in transmission but only contemporaneously with the recipient, making wiretap law inapplicable. That argument, while technically accurate, is somewhat fallacious. If taken to its logical extreme, electronic communications are never intercepted in transmission. The packets must be stopped to be read. Fundamentally, we should treat automated searches of contents as what they are: tools used by humans to find out more about what humans are doing, and provide that information to other humans."

Two bills were introduced in Congress to make peeking at temporarily stored email illegal, but with a potentially lucrative advertising market up for grabs, the subject is sure to feature more prominently.

Thomas Pynchon last year described the internet as "a development that promises social control on a scale those quaint old 20th-century tyrants with their goofy moustaches could only dream about." So all the better you tick those consent boxes. ®

Related stories

Close the email wiretap loophole
Google's Gmail: spook heaven?
The battle for email privacy
America - a nation of corporate email snoops

Beginner's guide to SSL certificates

More from The Register

next story
I'll be back (and forward): Hollywood's time travel tribulations
Quick, call the Time Cops to sort out this paradox!
Musicians sue UK.gov over 'zero pay' copyright fix
Everyone else in Europe compensates us - why can't you?
Megaupload overlord Kim Dotcom: The US HAS RADICALISED ME!
Now my lawyers have bailed 'cos I'm 'OFFICIALLY' BROKE
MI6 oversight report on Lee Rigby murder: US web giants offer 'safe haven for TERRORISM'
PM urged to 'prioritise issue' after Facebook hindsight find
BT said to have pulled patent-infringing boxes from DSL network
Take your license demand and stick it in your ASSIA
Right to be forgotten should apply to Google.com too: EU
And hey - no need to tell the website you've de-listed. That'll make it easier ...
prev story

Whitepapers

Go beyond APM with real-time IT operations analytics
How IT operations teams can harness the wealth of wire data already flowing through their environment for real-time operational intelligence.
10 threats to successful enterprise endpoint backup
10 threats to a successful backup including issues with BYOD, slow backups and ineffective security.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Website security in corporate America
Find out how you rank among other IT managers testing your website's vulnerabilities.