Feeds

Cloud computing lets Feds read your email

You have 'no expectation of privacy'

Top 5 reasons to deploy VMware with Tegile

Last week the Court of Appeals, not satisfied with finding that Warshak's claim was not "ripe" because he couldn't say where or when the government was going to seize his email, went further in a very dangerous manner. The Warshak court said that it had no idea if emails potentially seized by the government without a warrant would be subject to any expectation of privacy by Warshak. The Court noted that ISPs have all kinds of policies and practices regarding the privacy of their customers electronic communications, with some like AOL saying that the ISP "will not read or disclose subscribers' emails to anyone except authorized users," some like Juno saying they "will not intentionally monitor or disclose any private email message" but that it "reserves the right to do so in some cases" and some like Yahoo stating that they shall have the right to pre-screen content, or that content may be provided to the government on request.

The court for example relied on Google's Gmail service, which permits automated review of the contents of email (for advertising purposes), or statements by corporate employers eschewing an expectation of privacy by users of the system. The government urged the court to go even further, arguing that there is no constitutional protection of privacy in email where, for example, the ISP used malware scanners to look for malicious code in email or deep packet inspection of email.

Couple this with prior Supreme Court precedent in Smith v. Maryland, where the government sought to subpoena from a telephone company a subscriber's use data - information such as time of calls, who they called and how long the call lasted. Just as with Warshak, the defendant claimed that the government needed a search warrant, and the government claimed that Smith had no reasonable expectation of privacy in this "non-content" information. The Supreme Court agreed with the government, noting "we doubt that people in general entertain any actual expectation of privacy in the numbers they dial. All telephone users realize that they must "convey" phone numbers to the telephone company, since it is through telephone company switching equipment that their calls are completed. All subscribers realize, moreover, that the phone company has facilities for making permanent records of the numbers they dial, for they see a list of their long-distance (toll) calls on their monthly bills."

Applying that rationale to email, all (well, most) internet users realize that they must "convey" email content to the ISP, since it is through the ISP's routers that their emails are transferred. All (most) users realize that the ISP has facilities for making permanent records of the contents of their email - storing it - for they see a list of their emails when they log on.

The Smith court went further. It noted that the Court "consistently has held that a person has no legitimate expectation of privacy in information he voluntarily turns over to third parties" and that:

When [Smith] used his phone, [he] voluntarily conveyed numerical information to the telephone company and "exposed" that information to its equipment in the ordinary course of business. In so doing, [he] assumed the risk that the company would reveal to police the numbers he dialed.

Thus, when you "voluntarily" turn stuff over to a third party - a bank, an accountant, the phone company, or presumably an ISP, you run the risk that they can turn it over to the cops, and therefore you have "no expectation of privacy".

Intelligent flash storage arrays

More from The Register

next story
The 'fun-nification' of computer education – good idea?
Compulsory code schools, luvvies love it, but what about Maths and Physics?
Facebook, Apple: LADIES! Why not FREEZE your EGGS? It's on the company!
No biological clockwatching when you work in Silicon Valley
Happiness economics is bollocks. Oh, UK.gov just adopted it? Er ...
Opportunity doesn't knock; it costs us instead
Ex-US Navy fighter pilot MIT prof: Drones beat humans - I should know
'Missy' Cummings on UAVs, smartcars and dying from boredom
Yes, yes, Steve Jobs. Look what I'VE done for you lately – Tim Cook
New iPhone biz baron points to Apple's (his) greatest successes
Lords take revenge on REVENGE PORN publishers
Jilted Johns and Jennies with busy fingers face two years inside
Sysadmin with EBOLA? Gartner's issued advice to debug your biz
Start hoarding cleaning supplies, analyst firm says, and assume your team will scatter
Doctor Who's Flatline: Cool monsters, yes, but utterly limp subplots
We know what the Doctor does, stop going on about it already
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Cloud and hybrid-cloud data protection for VMware
Learn how quick and easy it is to configure backups and perform restores for VMware environments.
Three 1TB solid state scorchers up for grabs
Big SSDs can be expensive but think big and think free because you could be the lucky winner of one of three 1TB Samsung SSD 840 EVO drives that we’re giving away worth over £300 apiece.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.