Slashdot Mirror

← Back to Stories (view on slashdot.org)

Appeals Circuit Ruling: ISPs Can Read E-Mail

Posted by timothy on from the odd-distinctions dept.

leviramsey writes "The US Court of Appeals for the First Circuit (covering Massachusetts, Maine, New Hampshire, and Rhode Island) has ruled that e-mail providers are not violating the law by reading users' e-mail without the user's consent. The decision finds that the Wiretap Act does not cover interception of communications where the communications are being stored, not transmitted. Perhaps OSDN should send the defendant, accused in 2001 of reading users emails in order to find out what they were interested in purchasing from Amazon, a T-shirt from ThinkGeek?"

20 of 527 comments (clear)

  1. Two words by VinceWuzHere · · Score: 5, Insightful
    Two words: HOLY SHIT!

    More words: This most certainly has to be overturned on a privacy bill of some sort. Imagine the widespread mail-reading that is now determined -at least in the mentioned juridstictions- to be legal. I wonder what ever happened to the privacy laws and how they match up to this new ruling (the ones that say a conversation is deemed to be confidential and cannot be disclosed outside of the circle in which it originated?)

    I completely agree with "And he acknowledged that "the line that we draw in this case will have far-reaching effects on personal privacy and security."

    1. Re:Two words by 0racle · · Score: 5, Insightful

      You mean that you can say with a straight face that you thought E-Mail was a private medium to begin with? Its sent plain text, through who knows how many intermediaries, then stored on a system you don't have control over. At any one of those points it could be read, even accidentally.

      --
      "I use a Mac because I'm just better than you are."
    2. Re:Two words by Honest+Man · · Score: 5, Insightful

      Holy Shit is right!

      I'll tell you what though - If we start having people at isp's reading email from the First Circuit's personal email accounts and using any information they receive thats interesting and forward 'tips' to the LA Times and Seattle Times reporters and see how long this kinda garbage legal action continues.

      I cant believe we have people this stupid working in our legal system...

    3. Re:Two words by NigritudeUltramarine · · Score: 5, Insightful
      Two words: HOLY SHIT!
      One word: Postcard.
      More words: ... Imagine the widespread mail-reading that is now determined -at least in the mentioned juridstictions- to be legal.
      More words: If you don't want people reading your mail, you use an envelope. If you don't want people reading your email, you use encryption. Simple as that. It's always been that way, from the days of ARPANET. Nothing's changed.
    4. Re:Two words by flibuste · · Score: 5, Insightful

      There is still a huge difference between what you are ABLE to do and what your are ALLOWED to do.
      My company's database probably contains your credit card information - I am ABLE to access them - do you think I should be ALLOWED to use it?
      Let's face it - this court judgement is either a result of plain ignorance, or a lack of laws AND judgement.
      Again a nice example of freedom - brought to you by Big Corporation America. Thank whoever, I am not living there.
      Let freedom reign GW - June 2004

    5. Re:Two words by pilgrim23 · · Score: 5, Funny

      I think this is absolutely the ISP (or admin's) right to read whatever they need to in a customer's email to better provide service and further the casue of communication..
      -signed Apeals Court Sysadmin

      PS : Justice Smith: Zelda's email had some tech difficulties getting through, but what she said was:
      She couldn't get the chocolate stains out of her purple tutu so she will have to wear the red one for the usual Thursday session. be sure to wear your fishnets and don't forget the whips.

      --
      - Minutus cantorum, minutus balorum, minutus carborata descendum pantorum.
    6. Re:Two words by iammaxus · · Score: 5, Insightful

      Why? It seems much smarter to start encrypting your email than to simply trust a private company to not watch what is done with their equipment. That's ridiculous! Why don't you start filling out forms to sign up for auto insurance in garbled alpha-numeric characters and just tell them to get a verisign key? If you can't rely on a private company keeping your information safe, you are screwed. Just like an insurance company wouldn't dare give the kind of info you put on those forms to anyone else because of legal repercussions, an ISP wouldn't dare read your email if the proper laws were in place. Insightful my ass.

    7. Re:Two words by gumpish · · Score: 5, Insightful


      From the point of view of a systems admin, I'll be honest. I look at users' email from time to time. ...

      I dont see the big fuss here.

      Then why post anonymously?

    8. Re:Two words by joranbelar · · Score: 5, Insightful

      But the issue here is not comparable - the guy in question wasn't reading the emails while they were "in transit" a la a postal worker glancing at a postcard coming through. A more accurate analogy is saying the guy went up to every user's physical mail box, opened it, rifled through the contents (whether they were postcards or not) and used the data he gained for his own purposes.

      Whether the email is encrypted or cleartext, the bottom line is that you have to go to a lot more trouble to read someone's email than to read someone's postcards. And since email is sorted, routed, and delivered without human intervention, there *IS* a valid expectation of privacy.

    9. Re:Two words by Le+Marteau · · Score: 5, Insightful

      There was one other thing I meant to put in my original reply, but did not.

      Check this guy out. Study him, and those like him. You will find a similar trait, which I have observed most often in liars. Chronic liars think that everyone else lies like they do. That is key to understanding them. Likewise, this guy. He blithly goes on about how he reads other people's mail, as if it was a 'well, duh' situation, and as if ANYONE would do the same thing.

      This shithead is like the liars I've observed. He thinks that HIS 'natural tendency' to invade another's privacy is the way EVERYONE thinks. Well, his mode of thought is certainly common, but it is NOT the way everyone thinks. He thinks otherwise, which is one of the reasons guys like this are so pathetic. I've been a sysadmin. The thought HAS crossed my mind; hey, I could read anyone's email. But I CONCIOUSLY decided not to. This is what makes HUMANS different from ANIMALS. Animals do what comes natural to them, like the shithead parent. Human beings, true human beings (in the Dune sense here) actually have control of themselves and can aspire towards nobility instead of wallowing in animalistic voyeurism.

      Thank you for listening. I needed to get that off my chest. I'm just sick and tired of dickheads like the parent being the standard by which humanity is judged.

      --
      Mod down people who tell people how to mod in their sigs
  2. Isn't it about time... by Nea+Ciupala · · Score: 5, Insightful

    ... to start using strong crypto for our email? The technology has been available for free for years now, so what's stoping us? Why this inertia?

    1. Re:Isn't it about time... by cutecub · · Score: 5, Insightful

      Why the inertia?

      Confusion
      Complexity
      Laziness
      Cluelessness


      For me its always been a tossup between complexity and laziness. None of my friends would know what to do with a GPG public key if it hit them in the head, nor would most of them bother learning how to use it. You got it right with "Inertia". Overcomming this is like pushing a black-hole up-hill.

      -Sean

  3. I'm confused by Anonymous Coward · · Score: 5, Funny

    There are people that don't run their own mail servers? Well, I suppose that might change now.

  4. Implications for google? by Richard_at_work · · Score: 5, Insightful

    If ISPs are not breaking any laws reading users stored email without consent, then why was there a huge fuss about Google using a parsing engine to do the same?! I would have thought that a parsing engine was more in line with privacy than someone reading your mail!!

    I feel a tremendous schizm forming within the ranks of the American Legislature over this, with one side determined to force restrictions upon 'publicised' companies in an effort to make names for themselves, while the other side making rulings like this that will bearly make the main press. Something tells me not everyone is singing off the same hymnsheet.

    Something died a little today. That something was common sense.

  5. oh no! by 2057 · · Score: 5, Funny

    Oh god now they will know about my massive addiction to penis enlargers! seriously i don't use my isp account for anything important if they wanna know about penis enlarging treatments go fer it.

    --
    For The Best Jazz/Hip-hop fusion > COlD DUCK
  6. Fortunatly... by Mind+Booster+Noori · · Score: 5, Funny

    Fortunatly...

    1) I'm not in USA;
    2) I use gpg;
    3) I'm wearing that t-shirt.

    This is just as wrong as stupid: makes me remember how 2600 lost in court making links to illegal stuff illegal, when, after, others won in the same court prooving linking is just linking, not illegal (good for Google :-))

    It's frustrating when we clearly see that the laws are just bendable...

    --
    Mind Booster Noori
  7. It'll never stand by Noose+For+A+Neck · · Score: 5, Insightful
    Hopefully, if the Supreme Court doesn't overturn this decision, then at least people will get outraged enough that they will write to their lawmakers to quickly remedy this problem. It's not just Slashbots that worry about privacy in email, this is a clear enough danger that I'm sure the non-IT public would be shocked if they heard about what was going on.

    And to those who think encrypting your email is the answer - it's not. The email sent to you can still be read, and many sites like Amazon, which is mentioned in the article, send automated emails to whatever address you provide them, making your communications easy pickings for unscrupulous ISPs.

    Of course, on the other hand, I'm sure some people here won't be surprised, and will in fact welcome such intrusion into their email, as evidenced by the enthusiasm here and elsewhere in geek circles for Google's Gmail service, which at least as intrusive and does the exact same thing with a user's emails (i.e. reads them for the purposes of marketing other products they think the user would be interested in). I'm still not sure what causes this cognitive disconnect in the technical community, but it is both puzzling and worrisome.

    --

    Software piracy is victimless theft.

  8. Lets be rational here... by dan_sdot · · Score: 5, Insightful

    Lets try to be a little rational here. I know that everyone is going to scream in the typical slashdot style about "invasion of privacy!!!!!", but lets really look at the problem.

    The first thing is to understand what the Judicial Branch's job is. It is to interpret the meaning of existing laws! And looking at the law, it seems that they did a pretty good job of this.

    So does this mean that I want my ISP's reading my email? Of course not!

    The problem is that the legislative branch is not creating laws that keep up to speed with the ethical problems presented by technology. Lets not get on the Judges' cases for the ISPs reading our email, get on the LEGISLATORS.

    In fact, I want to congratulate the judges in this case for making the ruling. Even though it is obvious that it is absurd that the ISPs are reading people's email, the judge did not overstep his authority by trying to create laws, rather than interpret them. This is one of the largest tyrannies that happens in US Politics, judges effectively creating legislation.

    So here is a call to all legislators: GET ON THE BALL! New technology has created many new ethical dillemas, and we need the legislators to start dealing with them.

  9. ISPs can read e-mail? Finally. by Random+BedHead+Ed · · Score: 5, Funny

    ISPs can read e-mail? Finally. Now maybe someone at an ISP will reply to the several dozen "One of your customers is sending me spam" messages. It's about time ISPs got around to reading e-mail.

    Now to read the article ...

  10. Re:We don't need any analogies. by drtomaso · · Score: 5, Insightful

    Sorry for not including citations of cases, but I believe the courts have held that email users have no expectation of privacy when sending mail over others systems (I think most pertained to University systems, but dont quote me). In fact, this makes sense- SMTP is inherently insecure, from a privacy perspective. If you want to compare it to snail mail, imagine mailing private letters with no envelope. Anyone between point A and B can read it. You cant complain if you later learn the postman read it when he was bored.

    That said, you must take the case in context- all that was ruled here was that a (technologically speaking) ancient wire tapping law didnt apply to this specific case of email, because the message was stored in RAM, not actually in transport. If the company had been snooping on packets coming from *your* mail server, I suspect the result might have been different. Further, no other law was tested here- the case was solely over this wiretap law.

    In a perfect world, no one would do this, and we'd all be sending encrypted mails anyway. What should be required is a privacy policy clearly stating the administrator's policy on email reading (ala Gmail), so that the educated consumer may choose the provider most suitable for his/her needs. If a company wants to read your mail in exchange for a free gig of mail space, I whole heartedly believe that to be within their rights, providing they are upfront about it. That this provider gave no warning of it was a non-issue as far as the case was concerned- only the wire tap law was ever used.

    Given the context of the case in regards to the wire tap laws, and the history of expectation of privacy in email, this ruling shouldnt suprise anyone. What we should be doing is pushing for European-style privacy acts and some sort of required disclosure for service providers pertaining to email snooping.

    I also dont see this as a danger to the common carrier status of ISP's-if indeed they ever had this status with regard to email. This ruling is very specific, and does not mandate that ISPs *must* read their users mail, only that if they do, they arent in violation of a specific wire-tap law. I believe what we have here is a judge who just refused to legislate from the bench.