Save a Chatlog... Go to Prison?
Alien54 writes "You are engaged in a chat session with some friends and colleagues, when one of them makes a witty remark or imparts a pithy bit of information. You hit CTRL-A and select the conversation, then copy it to a document that you save. Under a little-noticed decision in a New Hampshire Superior Court in late February, these actions may just land you in jail. New Hampshire is "two-party consent state" -- one of those jurisdictions that requires all parties to a conversation to consent before the conversation can be intercepted or recorded. The decision is the first of its kind to apply that standard to online chats, and the ruling is clearly supported by the text of the law. But it marks a blow to an investigative technique that has been routinely used by law enforcement, employers, ISPs and others, who often use video tape or othermeans to track criminals in chat rooms. This also has troublesome implications [for employers] monitoring of email and other forms of electronic communications."
Well, I guess I better turn off Trillian Pro's logging by default....or at least have a macro sent to them when I start the conversation...
GeekWares - Buy and Download Today!
iChat for Mac OS X has a feature that allows you to log all IM conversations automatically. I wonder if this kind of online communication is included in the NH decision.
Does anyone really think that this will make it impossible for police to record chats? They can tap a phone line without the consent of either party, so why wouldn't they be able to do the same here?
Dewey, what part of this looks like authorities should be involved?
This sounds an awful lot like a Your Rights Online topic.
This is the NFL, which stands for "Not For Long" if you keep making those bulls*** calls.
So, online games with logging to file features (Everquest, SWG, DAoC, etc) would fall under this ruling too? /tell features in the games should be considered as private as a chat session, this must suck.
I know people that have logged to text files and then to data base everything they have said and had said to them for 5+ years in some of these games. Considering that
Also considering that techsupport often asks for logs when reporting bugs/unusual behavior or cheating, would that make them accomplices after the fact?
What the poster probably ment was monitoring employee use of company facilities. Personal or not you shouldn't expect or have any privacy while using company computers.
Anything that's public is takeable. If the police want someone's fingerprints, they may not be able to get them without a warrant, but they can snag the softdrink the person just tossed in the trash. The chat room is like a piece of paper someone has written a letter on then tossed out: now public domain. Once the person leaves a chat room (especially in something like IRC), the list is still there logged to your computer until you close the screen.
Interestingly enough, what about programs that log the chats automatically? I would have an easy time (I think) defending that trillian was logging without my knowledge as opposed to me physically copying a conversation without the other party's consent.
They are missing one crucial point here I think. A chat log is (usually) just a plain text file of the contents of a chat session. A file like this could easily be created by hand by anyone, at any time. Even when it's something more sophisticated than a text file, it can still be faked pretty easily.
So wouldn't a log like this be completely inadmissable in any court anyway? Wiretaps have been used for years on the premise that audio analysis can be used to unerringly establish the identity of the speaker. Chatlogs are simply a whole other kettle of fish.
I hear there's rumors on the Slashdots
Yeah, but I would think a video would make for better evidence, giving indications of the speed of the conversation, and guaranteeing that the contents of the conversation hadn't been edited, which could be done with any sort of flat-file logging.
Most IRC clients will buffer quite a few (thousands) of lines in RAM. Is this sort of recording different? What if it gets swapped to disk? What about systems with long average uptimes--if I just leave my IRC window open for a month (or leave it up through hibernate/resume cycles), have I recorded it? What if I have that conversation on a laptop, and try to get it admitted as evidence without ever powering it down? ("Hurry up, Your Honor, klaptop says I've got 30 minutes of battery life left!") What if I hibernate it and resume it in the courtroom? Then it's technically been written to a permanent storage medium, but only as an extension of a volatile one.
The law needs clear definitions to work well... I don't think it's a blow to privacy rights for participants to assume that anyone party to a text conversation can record it.
Spoken conversations are by definition transient--the sound is gone as soon as it happens. The law makes sense for those. But for text conversations, with backscroll and long buffers, it quickly becomes silly.
I don't think we want to encourage poking at check-boxes to be a legally-binding act.
Remember all the ire about clickthrough agreements? Yeah.
But once we start throwing compatible and cross-network IM clients around, who knows what the rulings would be. Plantiff: "My client does NOT log by default, so there is no implied consent" Defendant: "Your doesn't but my client DOES log by default, therefore, the system implies consent."
frob
//TODO: Think of witty sig statement
I think you should say giving the appearance that it has not been edited. Video taping the conversation means very little as you dont have any proof of when it is. You just play back an edited chat in front of the camera and it would look the same. You want a good log give me packet dumps from there end complete with any encryption there are firewalls that do that as a standard feature. Thats a lot harder to fake than some video tape of a computer and some cop. Granted I dont trust cops implicitly by definition there career is bosted by having a high arrest and conviction rate they have plenty of oppertunity and motive to alter evidence when they know they can get away with it. And before I get flames no not every cop is bad most probably arent but in something as serious as criminal charges I think they are not held to a high enough stnadard.
No sir I dont like it.
Exactly what constitutes recording? Saving on magnetic media? Printing on paper? Storage in RAM? Storage in SRAM? Storage in human memory?
The answer is important, since chat software "saves" conversations in RAM, at least as long as the chat window is open. I can preserve a record of a chat session for as long as I want by simply not closing the window. Given that fact, I would expect that all chat sessions are recorded, and therefore use of chat software implies consent by all parties to record the session.
I suppose that if you're really concerned about this, you could strengthen that case by transmitting a statement immediately after starting a chat session along the lines of "This chat session may be recorded. If you do not consent to the recording of this session, disconnect from this session now."
IIRC apples ichat does this by default. looks like its time to call grandma and alert her to the breaking of the law by using that functionality.
<ranting>
seriously now, what are govt officials thinking? more recently about the gmail privacy issue (which is only made an issue by folks who dont understand it) and now this sillyness? and why is this post under the science section? yro maybe?
argh!
</ranting>
from the article: " Why should e-mail be any different? Why should VOIP? Why should IM? IRC? SMS? Either communications are private, or they are not. To the Internet, packets is packets. Maybe its time for the law to make up its mind."
IMO these mediums -should- be different bc they have different acuisition(sp?) methods.
lets take email and snailmail for example
to open another person mail is a crime. it involves using your hands or some tool to break the paper/cardboard that the item arrived in and view its contents.
to open another persons email is an invasion of privacy which may involve simply turning the computer on. (auto email checking that puts a cute icon on teh screen, grandma clicks it and voila)
IMO we need laws that accomodate and understand the technology, not make some half arsed RL relation to it.
besides, if you think that your plaintext sent IM messages are ensured to be private to only you and your intended recipient then you really need to learn about el interneto. if ppl want that then use encryption!
I believe that online chatting is analogous to the beep on the phone. I think the argument should be that online chatting is implied consent to record. The -vast- majority of chat programs save the chat logs, sometimes automatically (ie gaim). I think if the court is going to rule that ctrl+a pasting is recording, then the network card and associated drivers are also recording, though deleting as it passes. When does having something in memory become storage? Is there a nanosecond clause to that law? (If you have the data in memory for more than one ns, then you are copying/recording?) If so, then what about video buffers? It stays in the video buffer as 'text', or in the memory behind the textbox values until the window is closed. Anyway, like I said, i think the chat box should be the beep.
"expectation of privacy"
In a public forum, there is no expectation of privacy. People may record what you say. Get over it.
How's my programming? Call 1-800-DEV-NULL
By viewing contents on [your website here], you consent to monitoring and logging.
Looks like a universal EULA similar to the above is needed just to not find oneself in violation of the law for logging anything.
What those who want activist courts fear is rule by the people.
"New Hampshire is "two-party consent state" -- one of those jurisdictions that requires all parties to a conversation to consent before the conversation can be intercepted or recorded. "
The law is not meaningless as long as you sign an agreement. The law requires that you agree. You are missing the point or did not even read the topic.
And another thing:
When you're on the telephone you have no presumption that your conversation is being recorded.
Unless maybe you're talking into an answering machine or voicemail box, or have otherwise been informed that you are being recorded.
When you're sending data on the computer, you know, because you've been told again and again that THE INTERNET IS NOT SECURE, that anything you transmit may be intercepted, recorded, retransmitted, stored, parsed, decrypted, or otherwise coopted. Your rights in this regard can be presumed to be limited to those you would have if you know someone has a legal copy of a document. Anything else the law has done to expand those rights is based on a fundamental failure to understand the fact that THE INTERNET IS NOT SECURE.
I.e., it's not the copying and storing that's a problem. It's the uncopyrighted duplication to repeat to others that's a problem. Original copies are, as always, free to be transferred to others (and if they are, by law, not, then the law is, as always, a ass). But here's a hint for all the lawyers out there: the act of transferring a copy from hard disk to floppy disk is copying, and copying more than once, in the various hardware in the machine; destroying the copy on the hard disk doesn't change that; so you might have an out.
How do you get around the fact that the IM chat is immediately recorded (by definition) when it appears in your IM application?
What about implied consent? Since you know by using the IM application that your conversation is automatically being recorded in the other party(or parties) IM application, doesn't that necessarily mean that you have consented to its recording?
I think so, and I think this decision is just one that will be dismissed or criticised when this issue is briefed before the majority of courts in other jurisdictions. It is a NH state decision - it has no force anywhere else.....
--Kobayashi--
No, because implicit in the agreement that everyone makes with Slashdot when posting is permission for Slashdot to reproduce and store the post upon their servers.
That means that even if it is a conversation, permission has already been given to Slashdot, at least, to copy and record it.
So, for example, I can't sue Slashdot for reproducing my words here, because my post is indication of my consent to have them reproduced.
But if you save a copy, I could potentially accuse you of copyright infringment, because I have only granted Slashdot a right to reproduce.
But fair use would cover that, probably, and I license this post under the Creative Commons Attribution-ShareAlike License
But do note that copyright is a separate issue from the chat logging issue.
(Dang, I sound like a stinkin' lawyer!) IANAL.
Fellowship 9/11
So how is this different from a physical letter, in which the consent of the sender is presumed?
So what you're doing isn't copying their conversaiont - you're making another copy of a pre-existing copy which they consented to.
I believe this is the logic used in reference to voice mail/answering machines, where it was by nature recorded and it had to be supposed that a third party could hear it.
What confuses me is that this is listed under a "wiretap" law; my understanding (common understanding?) is that a wiretap is a "man in the middle" attack where a third party "eavesdrops" on a conversation. In this case, they are applying it to one party recording their conversation with a second party. While they may want to prohibit this (two party consent) it really is separate from wiretapping.
Someone asked if I had patched against MSBlast; I said yes, I installed Linux.
You have no fundamental right not to be recorded. What you have is a right to *know* that you are being recorded when you are. The two party consent guarantees that both parties *know* that they are being recorded (or at least could be). The consent isn't giving anything away. It is just registering your knowledge of the situation.
The point is to keep people from being caught by such things as "Can you please read the following document?" where the document seems to be a fictional passage but when replayed in court later, it sounds like you are admitting some crime. Other examples exist as well (e.g. orally agreeing to something and changing one's mind later; with the recording, the oral agreement is a contract; without it, it's just air).
A written record of what happened is different. It does not bear the same weight as the recording in someone's own voice (although modern audio edit facilities may make this overblown, i.e. a recording might be faked almost as easily as a written transcript).
There are any number of situations in which I would *like* to be recorded. For example, under current law, I can call an insurer and record my description of an accident. If recordings were *not* allowed, I would have to go into the insurer's office to sign a written report, further slowing an already slow process.
When I call an organization that records all conversations, I know that not only am *I* being recorded but that they are as well. Thus, I am protected from them misrepresenting my statements or their own.
That's not to say that there are not abuses. I'm sure that there are. However, there would be abuses if the information was missing as well. Consider the case of an unrecorded conversation that would explicitly clear me of something and reveal that the other party did it. Or a revised agreement that could have been recorded but wasn't; offer withdrawn before signing. So on and so forth. There are a lot of babies flying out with that bathwater.
I keep all my email and chat transcripts. Partly for the record and partly so that I have access to that info for future conversations (I have emailed someone an excerpt from a chat to save reformulating the info after they forgot). I do a lot of my work to spec, so I spend a lot of time with printouts of email marking off things that are done, making notes, etc.
Well the judge is wrong. The protocol itself makes no attempt to allow or block recording, but another application by the same company (ICQ) can talk to the same network and includes a history function. That's a pretty damn fine hair to split if you are going to throw someone in jail. I can see not allowing police officials to introduce such a log without a court issued warrant but I can not see making it a crime to record a medium which is by nature not secure.
There are 4 boxes to use in the defense of liberty: soap, ballot, jury, ammo. Use in that order. Starting now.