Slashdot Mirror
PA Supreme Court Decides if Reading Email==Wiretap
An anonymous reader noted that "Excite is reporting that the Pennsylvania Supreme Court is taking up a case to decide the question may police look at a suspect's email and instant messages without first obtaining a court order. The defendant, a former police officer, is also claiming his Fourth Amendment privacy rights were also violated. The outcome will only affect Pennsylvania but the issues at hand may eventually reach the US Supreme Court." Umm...
Duh?
This is by no means an obvious case. The difference between intercepting Internet communications and, say, communications on a phone line, is that the Internet is inherently unsafe, and information is publicly available. Every packet you send can be examined along each router through which is passes.
Social Contract? I don't remember signing any Social Contract!
It seems to me that any time during the course of an investigation you intercept a communication intended to be private that it should require a court order... But after all, if it involves the internet, common sense doesn't apply (legally speaking, at least).
psmylie's dictionary: Godzillion (noun) Any number large enough to destroy Tokyo
If that's not the case, then no "wiretap" has taken place--a party to the conversation turned over the logs to the police, and they are admissible at trial.
One CPU cycle wasted on digital restrictions management is ONE TOO MANY.
It does involve a wire, does it not? It is a communication. What would make this different than a telephone conversation?
I personally look at my email as being a postcard that I send through the mail. I am not gonna send naked pictures of myself to anyone in the manner (I think I hear a million sighs of relief). Still I would like to think that my ISP doesn't give out this info without being subpoenaed. Additionally I would feel the same way about any intellegence gathering software run by a Federal Agency if any such beasties existed (twitch).
Remember folks this is a "free" country.
(/local/home/curiosity)-#who -u|grep thecat|cut -c 44-49|xargs kill -9
You're confusing Pennsylvania with West Virginia.
~~~
I would think this is somewhat clear. Intercepting any type of com. should fall under the same wiretap regulations as voice calls. Often email and instant messenges are treated by end users as being *more* secure than your typical voice conversation. Just because, when you are in a room alone on your computer you tend to feel secure.... often because of the quiet. Of course this is a falwed assumption. I'm sure the NSA is reading everything we all type anyhow ;-)
But of course that is for "National Security"..... riiiiiiiight But, I am content with letting such security organizations operate somewhat above typical regulations, as long as they don't get too carried away. But, for your typical law enforcment agencies, including the FBI, I think we need to keep a close eye on. And, we should adopt policies that say any type of information intercept should be held to the same standards.
This is a case with possibly extremely dangerous outcomes. The scary thing is that a wiretap may only have the possiblility of being picked up, but what makes the email dangerous is the fact that there is a minimum two copies of it still floating on the internet, One on your server (depending on how you set up your server), and one on the opposite server (that you cant even control). While that alone might be scary enough, there are still the possiblities of old emails being stored on tapeback up for recovery purposes and who knows where they will be forwarded to. Further complicating this would be the fact that this wiretap access may be retrived on any of the affected servers with feds trying to pressure anyone to releasing the documents "voluntarily". Hope for the best in this, but prepare for the worst
~~~~~~~~~
Victory is gained, not in knowing your opponents next move, but in preempting them.
"Every packet you send can be examined along each router through which is passes."
And every phone call you make can be examined at any of the TELCO offices through which it passes. Your point being?
Oh, maybe you thought that just because it is somewhat easier to snoop internet traffic that it is therefore OK. The whole point of protections against unwarranted search and seizure is to say that the authorities aren't even allowed to try.
Nope, no sig
At first I was completely opposed to the police accessing his e-mail without a warrent, ready to liken it to them tapping his phone without permission. Then I read these lines:
The court also said the wiretapping law did not apply because police did not intercept Proetto's messages as he was sending them, but after the fact.
Now, the article didn't go into whether or not the police had an "overall warrant" to search through his stuff, but assuming they did, I see nothing wrong with this. If they merely got the e-mails from the 15-year old, the ISP, or his computer, then they'd just need the proper warrants to search. (Not a wiretapping warrant.)
My sci-fi novel, Ghost Thief, is now available from Amazon.com.
Couldn't the same thing be achieved using other months, ie 21:12, 21/12, 2112. this is just an example, it would apply... harryk -nuff said
think before you write, it'll save me moderator points.
Though federal law only requires the consent of one person before a telephone call or Internet communication can be recorded, Pennsylvania and 11 other states require the consent of all parties.
I wonder if these 12 states consider a defendant giving permission to recording phone calls or releasing IM logs to be a sort of self-incrimination, thus violating the 5th Amendment?
It's interesting the some state do and do not allow this.
I'm not afraid of falling, it's the sudden stop at the end that frightens me.
IANAL, but assuming a warrant has been obtained, if the e-mail is already in the inbox during the course of their search, or subsequent searches, of the suspects home or business then it should be considered regular mail as if it were sitting on the table or in the mailbox. If the law enforcement officers monitor future e-mail, or try to receive new e-mail during the course of their search or subsequent searches of the suspects home or business then a wiretap order should be obtained in addition to a wiretap. If the computer can be legally confiscated during the coure of the investigation the law enforcement officers should obtain a wiretap before monitoring e-mail but this should be a rubber stamp approval because if the computer is in the original warrant then there is suspicion of illegal activity focused on the computer in question and e-mail will likely be a reason for confiscating the compuyer in the first place during the course of serving the warrant.
Agsin, IANAL, I just think this would be the best approach to the issue.
WTF? sounds like the girl submitted the conversation to the police (smart girl.). + the pedafile solicited sex with a police officer posing as a 15 year old. what wiretap? don't tell me soliciting sex with a 15 year old is free speech either.
So it is not simply that one participant alowed the police to view the logs. Unless we are taking as a presuming that everyone assumes that all conversations are recorded/logged by both parties. While agree that the topic may be a little misleading, this is also going to be an interesting case to follow.
An interesting turn would be if the court ruled that the girl logging (if that is in fact what was turned over) was a violoation of the other users privacy right as he did not consent to her logging the conversation.
-OctZ
Duh? In what way? To me this looks pretty clear cut: this evidence - in this case - was 100% admissible, because it's not a wiretap. And here's why.
When making a phone call, you have a reasonable expectation that it is not being recorded. That's why law enforcement needs a wiretap order.
When sending a snail mail letter, you do not have a reasonable expectation that there will be no record of it after it has been received, nor that the recipient will not give it to law enforcement of their own free will, after they have received it. You have a reasonable expectation that it will not be intercepted in transit, but once it reaches the recipient to which you sent it, it's in their possession, you know it's in their possession, and it's fair game.
Pop quiz: do emails that you receive:
Given that you've ever received an email and know the correct answer to this, do you have a reasonable expectation that an email that you have sent will not be used by the recipient as evidence?
Perhaps Slashdot editors could consider taking a minute to read the article before kneejerking a commentary. I know it's a common lament, but this case is open and shut. The guy sent emails soliciting sex from a minor. The emails that he sent were given by the intended recipient to law enforcement after they were received. There was no wiretap. Perhaps the sender really was dumb enough to expect that there would be no record of his emails after they were received , but that was an unreasonable expectation, given that he was clued enough to send an email.
It's an interesting case, but it's really not about wiretapping or privacy or the evil feds. It's about a child abuser who was really dumb and got caught. The fact that it involves emails is neither here nor there - he might as well have been sending snail mail letters.
Are we all quite clear on that now? Please, please, please, read the news story before responding.
If you were blocking sigs, you wouldn't have to read this.
First, the article states,
"Though federal law only requires the consent of one person before a telephone call or Internet communication can be recorded, Pennsylvania and 11 other states require the consent of ALL parties." (emphasis, mine)
So, the ex-cop has a point. Even if they authorities had the girl's permission, State law requires ALL parties consent. The ex-cop says that this never happened.
Next, it says,
"Pennsylvania's Superior Court took a different view, ruling that Proetto had consented to the recording by the very act of sending e-mail and instant messages."
So what's really going on is this: Does sending an email or instant message imply consent for the email or instant message to be read by anyone other than the addressed party? I think this is a pretty important distinction. I'll be watching this case.
--Grrae
"I may not have gone where I intended to go, but I think I have ended up where I intended to be." -Douglas Adams
Was I the only one that read the headline as "Penny Arcade Supreme Court"?
Any sufficiently well-organized community is indistinguishable from Government.
The court ruled it legal to fuck the voters by running out the clock, and demonstrated how to do it
perl -MIO::Socket -e 'IO::Socket::INET-new(PeerAddr="some.windoze.box:1
If the supreme court of PA rules it a violation of privacy, then can something like this be eventually tied into the corporate office? People get fired for these kind of reasons. Like me posting to this site. :)
thelikesofwhich.com
IANAL but it seems reasonable to me to make the following comparison...
In the case of a telephone call, a wiretap involves a live recording of what is heard by intercepting the transmission. Now consider if someone leaves a message on an answering machine. The police don't need to tap the line, but is a wiretap order still required to obtain that tape or can it just be submitted as evidence? (Please don't give opinions, just facts with links if possible)
Now consider someone sending an email or IM. If the police obtain the contents by sniffing the network and capturing the packets, this would be the modern equivalent of a wiretap. But once the transmission is over and the message is saved as an email or IM on the receiver's computer, it seems to me that we have a modern answering machine (albeit one that is more interactive).
I think the legal answer to my question about answering machines should also apply in this case. Any thoughts, flames?
"Any reasonably intelligent person, savvy enough to be using the Internet ... would be aware that messages are received in a recorded format, by their very nature, and can be downloaded or printed," said the court, likening an e-mail message to a message left on a telephone answering machine.
A show of hands please...who here has to log into their answer machine to get messages? What manufacturer makes these password-protected answer machines?
Judges have no business making these kinds of comparisons when they clearly have never even used the technology to begin with. I think the biggest flaw our legal system faces in the 21st+ century is judges who make grand assumptions about technology, rather than have the honesty to admit they don't know how things work and have an expert brought in to explain it to them.
If this guy was posting messages on a newsgroup or something...sure...I would find the statment accurate. I, a reasonably intelligent person, savvy enough to be using the Internet would be aware that my messages are being received in a recorded format and and can be downloaded or printed. But for Pete's sake the same is absolutely untrue for e-mail. The very notion that anything I e-mail to someone is available for downloading/printing by anyone but the receipient is a huge privacy violation.
Judges ought not to be making comments about "reasonably intelligent people" who are "savvy about the Internet" when their analogies demonstrate conclusively that they themselves are neither.
- JoeShmoe
.
-- I wonder which will go down in history as the bigger failure: the War on Drugs or the War on Filesharing
You're forgetting that packets are being transmitted across a network, and if you've got a router, they might go through your computer. Are you telling me its illegal for me to put my network card in promiscious mode and look at the packets flying around my local network?
Its more like having your postcard hand delivered by people who don't agree not to invade your privacy. In other words, currently, anyone who can has the right to invade your privacy on the internet, just so long as they don't hack into your computer to do it.
At the moment, freedom of usage exceeds freedom of privacy. I'm quite glad this is the case because the particular form of usage is necessary to allow for not hierarchical networking, such as ethernet. After all, if the hardware isn't allowed to examine all packets, it can't determine which ones belong to it.
Mod me down and I will become more powerful than you can possibly imagine!
The court also said the wiretapping law did not apply because police did not intercept Proetto's messages as he was sending them, but after the fact.
It seems that the defendent's case is extremely weak. Do police need a wiretap warrant to listen to a message left on an answering machine? No! Do police need a search warrant on the sender to look at a postal letter sent to a victim? No!
This case has nothing to do with Internet privacy, wiretapping laws!
Something along the lines of "sending unencrypted email on the internet is the equivalent of sending a postcard in USPS" right?
Or at least, that's about right from a technical perspective. Legal perspective is of course another matter.
Intercepting in transit generally requires a wiretap warrant. Getting records after the fact requires a search warrant, but not wiretap. Answering machine messages are fair game with a simple search warrant, and that's about what email logs and icq logs are... answering machine messages.
You probably don't even get into issues of "one party notification" or "two party notification" for recording, because it is assumed by the method (email and icq) that both parties are aware of logging/record keeping, just like with answering machine recordings.
This is my sig. There are many like it but this one is... Oops. Frank, I've got your sig again! Where's mine?
There is no way to tell WHO was at the computer at the time that the messages (or emails) where sent. Who's to say he even sent them. Common sense tells us "it's his computer he did it!" But how would we know? I mean, I run slak7 and as we all know some great splot for proftpd, bind, etc that give any script kiddie root access to do whatever he wants from my computer. He could do whatever he wanted, download gigs of child pr0n or message prez@whitehouse.gov with death threats. If this flies I'm screwed. One other point is that there is no way to prove the data's authenticity. These packets could me spoofed from a router in between him and the police, not to mention they could just make it up and say they logged it, heaven forbid. Hardware wiretaps (like keystroke loggers) are better then this. But there is still a question about who was at the keyboard.
the part which they lost.
When the SS seized the illuminati bbs machine, they took everything on that disk and read it all, including all the email sitting on it (i believe the bbs had a fidonet connection, giving it some limited degree of network email), some of which hadn't actually been read by the recipients (and in the end, never was because the BBS disk was never totally restored to the new system).
Seems the court at that time decided that reading email that had already been delivered to the target machine was not "intercepting the email" even if the intendent recipient hadn't read it yet, therefore wiretapping rules didn't apply.
yes, it would be nice if the gov or the courts acknowledged email as a private form of conversation/transaction, where its rights are with the sender and recipient and not with the site hosting the machine its sitting on, but I don't see that happening anytime soon...
"But remember, most lynch mobs aren't this nice." (H.Simpson)
-- Joe
I think it's time we started using highly encrypted messengers and email.
.be) that is doing huge research involving ADSL modems that will give the major company the possibility to 'listen' into your IM and email conversations.
We have stuff like GnuPG and PGP, but hardly anyone seems to use it...
Why? Because many think it's too much work to do so.
Well people, then stop making such a big deal about the government reading your mail and checking you IM logs...
Face it, it's the only form of protection we have agains governments that do not respect privacy. And I'm not talking about governments like China here, but the US goverments and the European ones.
Another thing is, here we only speak about governments... everhad the idea that companies may be doing it a bit sooner, the illegal way?
Imagine this: You are working for a major company. You have an ADSL Internet connection at home and use IM systems and email.
I know of one company (in
And that is just one of the possibilities.
Face the facts, encrypt!
42 + 1 = 42
Have any of ya'all ever read Code by Larry Lessig? It was probably reviewed here on Slash, but I'm too lazy to check. Anyway, at one point in that text, Larry makes the point that the requirement for a warrant before searching is something that has evolved over time, not something that was intended by the founding fathers. Originally, a cop could walk into your house and search at will - but if he didn't find anything, then he could be found guilty of trespass in a civil court. The warrant was intended to protect the officer from lawsuits, NOT the suspect from the officer.
Over time, people have become so fearful of big brother and so over-protective of their privacy that the intent of a warrant has changed connotation. However, people forget this. When you make an argument for e-mail privacy and the like, don't automatically assume that the police are in the wrong - just because you want it to be that way doesn't make it so!
Flame away!
Corbets
"... likening an e-mail message to a message left on a telephone answering machine."
It may be only my opinion, but there's a huge difference between the use of a delivered email and the monitoring of every communication from the computer.
It would okay for a written letter, sent by an accused party to a victim, to be used as evidence with no warrant (AFAIK) - if the letter was submitted after delivery (EG: submitted by the victim). There's a big difference between this and checking every letter that the accused mails. As the judge implies: monitoring a telephone conversation is different to retrieving a recorded message on an answerphone. One is monitoring or tapping of [all] communications, and the other is collection of a single item.
IMO the same distinction should apply to monitoring outgoing email from a person's computer or account: a single email that's already delivered into someone else's inbox shouldn't require a surviellance warrant. Monitoring everything a person sends is akin to a telephone wiretap, but this isn't the case in the story given.
As another thought: is there a law/precedent governing ownership of such communications? I would suspect that, upon delivery of a paper letter, the ownership of the letter & its content transfers to the recipient. Wouldn't this also apply to email? Once the email is delivered, the recipient can use it as they wish unless other laws (copyright, etc) apply to the content.
In case nobody has bothered to figure this one out, wiretaps and e-mail are both covered under this federal law. Give it a read sometime.
There is a fundamental social question here, and the reason Taco says "duh" is because his opinion is squarely on one side of the issue. It is the balance of individual privacy and public safety. Most of the Slashdot readership probably figures that the principle at stake here is official surveillance of purportedly-private communication, and feels that universaly shouldn't be possible without court supervision. On the other hand though is a well-established legal standard which could reasonably be interpreted to allow the practice at issue. It comes down to whether widespread public ignorance about insecurity of Internet transmissions should be construed to create that "reasonable expectation of privacy". I don't think it should, but that's for the courts and legislature to decide, isn't it?
Upon reading this thread further, I've also changed my mind about the wiretapping definition. Wiretapping, it seems to me, is something that records a conversation neither party expected to keep a record of, or give others easy access to. Voice conversations clearly fall into this area, because as soon as they are spoken, they're understood to evaporate. But most people know that email is not priviliged communication (as shown by employers monitoring/reading employees' emails, and text of emails being subpoenaed for various purposes).
Many people here seem to be surprised that whether this is wiretapping is even a question -- as if it should obviously be classified as wiretapping. But if we take the approach that whatever you do on the internet may be public information (no guarantee of privacy), then reading someone else's public messages might not be infringing on privacy -- there was no expectation of it to begin with! Just because someone hears or sees you do something, doesn't mean that your privacy was invaded!
However, I am interested in seeing what the courts have to say about this, as my interpretation is only a casual one. As people come to expect more privacy from the internet, will the law extend the privacy people expect? Are encrypted email messages entitled to special protection? I wonder what instant messages between cellphones will be classified as? Will these be priviliged "wire-tappable" communications?
The story has more holes in it than most hollywood plots of late.
It sounds like the girl went to the police about it, then the police posed as a 15 year old to catch the guy.
I don't see where any wiretapping or anything similar went on. Obviously the girl went to police after the fact, so they couldn't tap into that. Perhaps she brought a printout of the conversation - it doesn't say. And then when the police posed as the 15 year old, they caught him in the act.
About the closest is says is that the police looking at the messages should be subject to wiretap procedures - however, I'm guessing that the girl took the messages to the police. Nothing was recorded by the police - this is akin to the witness saying the defendant said such and such in a phone conversation with me, but with photographic memory.
I could see his complaint if the police had intercepted the messages in real-time by tapping into the line of communication (a sniffer at the ISP or something like that).
I suppose he could have claimed the girl modified the content of the messages in the printout if one existed, but since he got caught red-handed...oh well.
Though federal law only requires the consent of one person before a telephone call or Internet communication can be recorded, Pennsylvania and 11 other states require the consent of all parties.
E-mail falls under Internet communication and thus requires monitoring consent of the 15 year old (or her parents) AND the police officer. Having a reasonable expectation that communication will be recorded is different from consenting to monitoring. It will be interesting to see wether the courts accept this.
I don't use IM, so I don't know of any IM client features. But can't you save IMs as well? Even if the IM client has no save feature, you can cut & paste to save it.
this just kinda randomly popped in my head, but AFAIK many states have some pretty strict laws regulating telemarketers (i.e. if you tell them "take my number off your list and never call me again" they have to do this or they get fined).
if legal precedent is set which makes email an analog of telephone communication, could this make legitimate companies sending explicitly unasked-for email (repeat SPAM) subject to fines under the same (or similar) laws?
i sure as hell hope so...
The legal status of review and interception of unencrypted communications is a deep and fascinating inquiry. Virtually all these questions come down to the simple-sounding issue of whether the communicating parties had a "reasonable expectation of privacy."
The fundamental difference between telephone lines and internet communications derives from its "party line" nature -- interception isn't necessarily interception per se. Indeed, e-mail is in many respects much more like a postcard than a sealed envelope, and it is well-settled that postcard communications are NOT "private," although entering land to open a mailbox to see it WOULD be a violation.
But such analogies are fruitless, for they are always flawed. This is neither a postcard nor a sealed envelope nor a proprietary switching network -- it is an internet communication. There are separate laws that govern conduct on such networks, and these laws are different from general wiretap laws.
Lawyers have been battling over the question whether the use of unencrypted e-mail for attorney/client discussions constitutes breach of attorney/client privilege or the attorney's obligation to maintain a client's confidentiality. Unsurprisingly, the issue comes down to the same basic question -- reasonableness of the conduct and a reasonable expectation of privacy.
The vast majority of ethics rulings (non-binding administrative opionions published by state bars and the ABA) seem to treat e-mail the same as telephone communications, because there exist laws, in particular the ECPA and the CFAA that criminalize interception of transmissions. But those opinions may not be the law -- and certainly they were based upon a severely flawed (that is, oversimplified) understanding of both the relevant laws (which do not apply to many third parties, such as ISPs and the police in particular) and the technology itself.
This case may hit on those questions as they necessarily address "reasonable expectation of privacy." It will be fun to watch. Hopefully something useful will result.
They all map into the the real world. #1 Reading email from a server, would require some sort of search warrant. #2 The email question would be the same as if I wrote you a note. #3 has already been considered a wiretap.
The dispute in this case is in the chat logs. Where it is known that it can be logged, would be akin to having signs that say, "Your conversation may be recorded.".
Fight Spammers!
No, no you weren't. I have issues with that as well.
do not read this line twice.
As this war on terrorism is being used to justify every heavyhanded measure of social control and survaillance rather than address some of the issues in our western society that generates so much hate, I am beginning to lose hope.
For so many years in my youth I welled up with a sense of patrotism informed by the fact that America is a country that values freedom. When the web first was introduced, I was so excited, because it's architecture engenders so much freedom and proves "democracy will win" as thoughts and ideas are allowed to spread in an unfettered manner and that this churning coldron of information will reveal truth to us. Thankfully often the web still does (like on Slashdot). But more and more too I see this democracy of ours slowly de-evolve (DEVO was so ahead of their time) and morph more similarly into countries we label as tyrannical.
I'm sure that many of these security measures are created with good intensions by people who believe in their own sense of benevolence. In theory it's a good thing, and sounds good when Dan Rather or whoever tells it, but this infrastructure will become the machinery of our downfall if it is used and controlled by politically corrupt, corporate-owned, dimwhitted leaders.
Oh wait.... wasn't that the case on Sept 10th?
On Sept 11th, it wasn't just buildings and lives that were destroyed, but also that notion of what our democracy is and should always be...or that will be the case if if let it become so.
I believe the government should protect people's online privacy. I mean, saying that any packet can be intercepted is an excuse to do so is like saying that all tapping someones phone is legal because all you have to do is install the approprite device. Anti wiretap laws exist for a reason - to protect privacy. So what if the internet is not considered 'private,' communication is communication and should be respected as private. However, The scariest thing here is that if privacy wins, a pedophile goes free. That should bother people much more than wondering if reading someone's email is legal.
This is just plain wrong. Does this mean the teenage girl is a criminal for having gone to the authorities?
Isn't this really a mute point? Echelon is real. They are already listening in on every phone call any ways (legal or not) and they already snoop on our internet uses. What exactly will change? If *they* want you, they will get you. vote Libertarian, it's our only hope! www.lp.org
The usual tactic, as far as I've gleaned from other news stories:
- Probable pedophile contacts victim.
- Victim notifies police.
- Police officer pretends to be a juvie, and
takes the bait.
- Victim asks to meet somewhere in the real world, for sex.
- Police officer accepts.
- The meeting occurs at the specified time and place, and the perp is arrested.
In that sort of takedown, it's usually pretty clear, since random people don't respond to rendezvous that have no other connection than forged e-mails.
Only the dead have seen the end of war.
Actually I think the judges that said that are *quite* intelligent, and *very* in touch with the internet.
Let me paraphrase the judge's quote:
"Digital messages, pictures, music, and information in general can be copied perfectly. If you can read it; you can have it. If you see it; you can have it. If you hear it; you can have it. If you have it, then you can do whatever you'd like with it."
This is computer knowledge, and brought about frequently on slashdot in regard to music encryption schemes and the such. The judge is just saying that the guy has a reasonable expectation of privacy, until it gets to the recipient. A better analogy would be snail-mail. In transit nobody can touch it, but once the person gets the mail they can do whatever they'd like with it: burn it, save it, copy it, or forward it to the police.
Ok, the entire packet isn't examined, only the full header or parts of the header depending on the routing protocol.
Routers examine headers, but they will not read up beyond the transport layer of the OSI model. So a router will not read the "data" that is up in the application layer being transmitted in the packet. So no, beyond the headers, routers cannot "read" any data in a packet.
A sniffer is a separate device that simply grabs packets off the line. It does no routing and does not pass those packets back onto the line. It displays the entire contents of the packet, not just the headers. It is a separate entity from a router, the sniffer does not drop packets back onto the line.
If you have a PC set up as a router, then sure you can have a sniffer running on that PC as well. But that's not what most of the Cisco routers are doing out there- routers are designed to read the first few bytes of the packet to determine where it's going then zip it on its way.
The Internet is unsafe only in that you don't know who has put a sniffer device along the wire. However, if you know there's no sniffer on your side of the demarc, the only real threat is the ISP, an employee thereof, or on behalf of the Feds.
The data passing on the wire is NOT publicly available, at least not technically. I'm not sure about the legality of the data on the wire, but you as a public citizen cannot walk into an ISP and plug in your laptop to sniff the data. Unless you Tempest or something, you cannot see the data on my DSL. So no, it's not "publicly" available, no more than my conversations on a (non-cordless) phone line.
-- If god wanted me to have a sig, he'd have given me a sense of humor.
The one thing that is real sketchy about this case is that it involves a pedophile. I know judges are supposed to be impartial but I wouldn't be surprised if some anger towards the man in question is reflected in the decision about wiretaps. I guess it could be worse, the pedophile could of been a "terrorist."
"I think most people would feel more comfortable knowing the other participant in a communication does not have the unilateral ability to bring the government into that conversation without court approval," Sobel said.
What am I missing? It's electronic mail. The recipient always has a copy somewhere until they choose to trash it.
Hmmm... does this mean that I cc: an email onto a list or newsgroup that didn't cc: the list when they responded to me? If somebody confesses to murder in an email should I not CC: the cops? Do you REALLY need to give out disclaimers to people before any email?
Me physicist. Me make rockets.
This bothers me. On the one hand, most Slashdot readers will say, "This violates my privacy. The government has no right to use packet sniffers, etc. to view my Internet traffic." On the other hand, they praise hackers who utilize similar (if not the same) tools, by saying, "These people show the insecurities in Windows NT, etc." How come we praise the hackers for doing something we condemn the government for?
If the judge isn't aware of the federal Electronic Communications Privacy Act (ECPA), some of the people involved in this case are incompetent. That federal explicitly gives email communications strong privacy protection, and an explicit on-point law trumps an analogy every time. (Unless you're talking about an appeals court overturning the law on constitutional grounds, but we aren't.)
I don't think IM was covered by the ECPA - it wasn't common in the early 90s - but it may still be on-point.
As for logging into an answering machine, he's undoubtably refering to the access codes used for remote access. However it's again a lame analogy since the default access codes are well-known and often either unchanged or impossible to change. (If you're curious, most default passwords are straight sequences on the keypad, e.g., 789.)
For every complex problem there is an answer that is clear, simple, and wrong. -- H L Mencken
it seems strange but yes in the US you can go to jail for asking to meet someone over 18 with romance in mind, if they think you thought they were under 18 even though they weren't.
In civilised countries it is illegal. EU regulations specifically deny you the right to intercept any traffic more than you need for debugging and diagnostic purposes.Any intercept beyond that may lead to the loss of a telecom operators license.
Baker's Law: Misery no longer loves company. Nowadays it insists on it
http://www.sigsegv.cx/
IANAL, but with the various IM clients having some serious security issues lately - not quite as bad as some other proggies out there, but in Joe six-pack's hands about the same level of Outlook Express - you would think the defense would be "I did not do it" rather than "you can't listen in".
It is way too easy to have something forged, or worse, proxied through your account compared to how people wet themselves over a one in ten billion chance a DNA match may be invalid. Assuming Innocence, of course, you would figure there is a reasonable doubt option....
+++ UGUCAUCGUAUUUCU
Yes. Move along, nothing to see here....
Hi!
Excite must have picked up the story off the news wire--this story in the Allentown Morning Call ran on Feb. 15. The plaintiff, Proetto, wasn't just a creep making lewd suggestions. He was a police officer. The Morning Call article also notes that Proetto didn't go to any prison--he got six months of probation, and will "probably" ("probably"????) lose his job. He is bringing this lawsuit to avoid getting labelled as a "sex offender", and thus subject to all kinds of reporting requirements and harassment. (In most states sex offenders are required to register with the local police when they move into an area, and the police are required to notify neighbors, schools, and local associations. Who--as you might expect--sometimes have been known to take matters into their own hands.)
At the time of his conviction, Proetto, who is in his early 30s, was working as a police officer... He was fired and now sells appliances.
Eww. I'm not buying any keyboards from that guy.
I think it is reasonable for a party to the conversation to submit a digital copy of what they received -- the participants should know that the recipient has a durable copy that they could use to show others. While I don't have a problem with using this evidence from that point of view, I'm concerned about the ability to prove that the submitted evidence actually came from a particular sender. With a voice recording, we have bio-metric information encoded which may attest to the authenticity. What can we use for email or IM? I suppose the law enforcement will be relying on the logs of the ISP (both sender and receiver) to verify that a message was sent. How can they verify the content of the message wasn't altered by the recipient? I assume that most ISP email logs, at least, do not maintain a copy of the content. I suppose digital signatures could be used for non-repudiation, but only if the sender signs the message. In this particular example, the nude picture of the sender could be used as proof, but only if he did not make it available elsewhere on the net (otherwise, a malicious person could have gotten it). I doubt that is the case here due to the corroborating evidence, but I'm a little uncomfortable with leaving it up to judges or jury's to judge the credibility of such digital evidence.
Hi!
The AP wire article that Excite quotes was written by a reporter in Philadelphia, presumably after reading this story which ran in the Allentown Morning Call five days earlier. The AP writer makes a couple of mistakes, and misses a significant point--a point that is made well in the Morning Call piece.
It wasnt me, officer, I found these messages on my computer of someone setting up a meeting here; I thought it was my (kid|wife|.*) and wanted to find out what they were doing being my back. If it wasnt them, maybe someone broke in and used my computer. Unlikely, but obviously a viable enough defense.
Liberty in your lifetime
Computer sends e-mail over the Internet.
The Internet is made of wires.
Therefore, E-mail == communications made over a wire.
Wire tapping == listening to communications made over a wire.
Anyone else see what I'm getting at?
Why does a court even have to rule on this? Existing laws should have this covered. I never understood why laws are either too broad or too narrow.
CAn'T CompreHend SARcaSm?
For god sake, the US, is the most analy restrictive country in the west, maybe appart from Germany.
:)
In the UK we have the RIP ACT, the Computer Missuse act, and the Data Protection Act, plus other laws, that deal with a population about 1/5 the size of the US. 1/5 is not alot, when you count all the technical people. You're not a free people, it is an illusion. Top bugers though, oh and the pizza is rather nice
Another factor in this case is that the Penn. Constitution provides for greater privacy rights than the Federal Constitution. Not sure of the current law, but where other state courts have allowed things like thermal imaging scans by police, Pa. courts have not.
This is not legal advice.
Since PA requires all parties of a conversation to consent to, or at least be aware of the recording, if any single party is unaware then a court order would be required to access such information.
Here's the problem though, when you send someone an email, it should be assumed that it is saved. Its not the same thing as a phone conversation that as soon as the moment passes, the data is gone, unless its recorded. Email does not automatically disappear when read. It has to be deleted. And even then, it could be retrieved legitimately by the owner of the machine without consent of the sending party. In any event, it should be assumed that email is always saved unless known otherwise.
Although I know the windows version of AIM doesn't record conversations unless you specifically save them, my ICQ client does by default save the message history unless I disable it. Same goes with leaving messages on an answering machine. You KNOW its being recorded even if nobody states that fact. It sounds like the defendant is attempting to claim technological ignorance.
Another issue, and I don't know how PA law applies here, but if the girl reported a crime to the police, and the police then (with her permission) witnessed the crime taking place, they do not necessarily need a warrant. A law enforcement officer could be looking over her shoulder while he was was chatting with her, witness everything, then record it for evidence once he had witnessed the crime taking place. Same as the cop without a warrant that knocks on your front door. If you open the door and he sees a stash of MJ on your living room table, he now has knowledge of a crime and can enter without a warrant and charge the occupant with a possession charge, although he'd probably still need a warrant to search the rest of the premises, he now has all the probable cause he'd need.
But PA law might work differently.
-Restil
Play with my webcams and lights here
"Any reasonably intelligent person, savvy enough to be using the Internet ... would be aware that messages are received in a recorded format, by their very nature, and can be downloaded or printed," said the court, likening an e-mail message to a message left on a telephone answering machine.
I would have to agree with this interpretation.
Personally, I would think the defense would hav ebeen better off arguing that the chat logs were altered... Then again his solitication to the girl while a detective was present would sort of torpedo that defense.
If the authorities were intercepting his messages while he was sending them, that would be one thing and should require a warrant. But a person turning over e-mail messages and chat logs after the fact? Nah.
That he used the internet to perform illegal solicitations, so they decided to put him under house arrest? Heh, that'll stop him using the internet.
dominionrd.blogspot.com - Restaurants on
- Hackers don't kick your door in.
- Hackers don't publicize your name as a "suspect", thus destroying your reputation.
- Hackers don't pauperize you with legal costs.
- Hackers aren't prosecutors concerned with obtaining as many convictions as possible.
- Hackers cannot put you in prison.
- Hackers cannot shoot you dead if you try to get away.
- Hackers don't joke about your future rape schedule in their prison.
- Hackers can't hold you indefinitely in an undisclosed location without counsel or contact.
- Hackers can be a nuissance, but they rarely destroy your life.
- Hackers aren't your government.
Are you trying to do a comparison (A is equivalent to B) or an assignment (A is B)?
Or are you just trying to show off you 1337 C skillz?
I think IM messages could be compared to two way fax communication where each fax can be sent instantly. Now, if someone sends you a fax, you can give that to police and have it be admissable in court. Even if the fax is sent to a fax modem board, that still holds. Of course, police still need a warrant to tap a fax, so the same should apply to IM messages. And for email, I consider email to be like postal mail, since email is stored by the email client until deleted.
It has nothing to do with wiretapping laws. Let me repeat.
THERE IS NO WIRETAPPING OF ANY KIND INVOLVED IN THIS CASE.
The defendent is arguing that since the e-mails and IMs were recorded by the intended recipient without his consent(necessary by PA Law), they are inadmissable.
The prosecution argued (and the lower courts agreed) that the defendent had no expectation that the e-mail messages and IMs would *not* be recorded by the intended recipient because of the very nature of the two mediums.
That is the issue at hand. The police weren't sniffing packets or intercepting e-mails. The intended recipient of the e-mails and IMs voluntarily turned them over to the police. If he had snail-mailed the solicitations to the girl, he wouldn't even be bothering appealing.
Strangely enough, being a geeky website and frequented by quite a few geeky people, quite a few people here understand "1337 C skillz" without having to make a big deal of it.
And if you knew yours, you'd know that == is always comparison. WTF are you on?
...this wouldn't be a crime. Alas, that I do not live in Sweden....
Max
My god carries a hammer. Your god died nailed to a tree. Any questions?
If I send a letter to someone, say a bomb threat, and they turned it over to the police; that would be admissable against me.
However, this is Michigan standards, and we only need one side to have knowlegde of a phone conversation being recorded, so PA may be a bit different. However, I see no difference between this and mail that is turned over.
... then you shouldn't give a crap about this.
Jesus Christ, if he wanted to bang a fifteen-year-old so bad why not just buy himself a teen hooker? Got knows there are enough of 'em roaming about his home city looking for johns to please.
Either that or he could've taken a jaunt to Europe. In quite a few countries there it's completely legal to have sex with someone under 18. Assuming you can convince them to sleep with you, of course.
This boy sounds like an idiot to me.
Max
My god carries a hammer. Your god died nailed to a tree. Any questions?
how do you verify the authenticity of the IM logs or email in question?
With a phone tap you can identify the people on the tape by voice.
Some IM logs are just plain text files. You can edit them to say whatever you want to. The only way to authenticate IM logs, it seems to me, would be to intercept them.
"For a successful technology, honesty must take precedence over public relations for nature cannot be fooled." -Feynman
Introduction
At first, the question of whether or not to tape record a phone call seems like a matter of personal preference. Some journalists see taping as an indispensable tool, while others don't like the formality it may impose during an interview. Some would not consider taping a call without the subject's consent, others do it routinely. However, there are important questions of law that must be addressed first. There are both federal and state statutes governing the use of electronic recording equipment. The unlawful use of such equipment can give rise not only to a civil suit by the "injured" party, but also criminal prosecution.
It continues here.
To me it seems obvious. Plaintext email should be considered a postcard. Encrypted email is mail in an envelope. Apply the same law. Cracking an encrypted email should be illegal like reading somebody else's mail. Is reading somebody else's postcard illegal?
A slashdotter who didn't build his own computer is like a Jedi who didn't build his own lightsaber.
Does it even matter whether the logs of the chats are allowed as evidence? Couldn't the girl just say "he told me (X)" and "he said (X)"?
"Mother, should I run for President? Mother, should I trust the government?"
This sounds much more like handing threatening paper mail to the police as evidence then like listening to a phone call.
After all, the police didn't tap the guy's email.
If they had a sniffer on the server and picked up his email, _that_ ought to need a wiretap!
I know *PLENTY* of immature 40 year olds.
This will be applicable when(if) it makes it to the Supreme Court. Federal Law establishes the minimum what about the state and local laws that this story is about?
Patche says, "You will attract more flies with honey than vinegar... but who wants flies?