Slashdot Mirror

← Back to Stories (view on slashdot.org)

Where To Draw the Line When Punishing Email Snooping?

Posted by Soulskill on from the reasonable-expectation-of-bofh dept.

CWmike writes "While it might seem like a practical joke or a harmless, furtive glance, e-mail snooping could land you in more hot water than you'd ever expect — you could be charged with a federal crime. The recent case of a Philadelphia TV news anchor charged with breaking into his co-anchor's e-mail accounts shines a light on the seriousness of such snooping. Scott Christie, a former federal prosecutor who headed up the computer hacking section at the U.S. Attorney's Office, said, 'You look over someone's shoulder and read a personal letter and that's not a crime, so how can it be a crime to access someone's e-mail? It's not the same thing, of course... What you're doing when you're accessing e-mail is affirmatively exceeding your access to electronic documents and systems.' He adds: 'Usually, you're doing that by pretending to be that person to break into their account.'" It's worth noting that the Philadelphia man accessed his co-worker's email over 500 times, and his use of the information he found was hardly harmless. However, the rules and conventions for email privacy are much less familiar to most people than the laws regarding snail mail. At what point does a privacy breach demand punishment?

18 of 124 comments (clear)

  1. Privacy? by BSAtHome · · Score: 4, Insightful

    At what point does a privacy breach demand punishment?

    Wasn't privacy declared dead some time ago? So, no punishment, I guess...

    1. Re:Privacy? by KingSkippus · · Score: 3, Insightful

      Good point.

      When companies systematically reads our e-mail, we've gotten desensitized to the point where we just don't care any more. When your cubicle neighbor does, though, they (literally) make a federal case of it.

      Privacy? What privacy? It's just one more person knowing all the stupid little nitpicky details about my life. The best idea is to simply hole up somewhere and live the life of a hermit.

    2. Re:Privacy? by causality · · Score: 4, Insightful

      At what point does a privacy breach demand punishment?

      Wasn't privacy declared dead some time ago? So, no punishment, I guess...

      It certainly is dead if we don't stand up and demand it and if we choose not to punish those who violate it. We do have a choice in the matter, you know. We don't have to just sit back and do nothing and watch it slowly erode.

      Of course the other angle is that there is plenty you can do to make your communications and your systems much more difficult to compromise. You can use encryption, you can refuse to use free services like Hotmail and Gmail for sensitive data, you can follow good security practices for how you administer your computer. You can also assume that someone somewhere really might target you, which that co-worker mentioned in the summary almost certainly did not do until it became evident that this was the case. Privacy is very much like freedom; the price is vigilance.

      --
      It is a miracle that curiosity survives formal education. - Einstein
    3. Re:Privacy? by perlchild · · Score: 3, Insightful

      When a company does it, it's "usually" not without your knowledge. (As in, you've agreed to it) You can also quit over it, but would you quit over it if they don't fire the cubicle mate that reads your email?

    4. Re:Privacy? by dgatwood · · Score: 2, Insightful

      And even if it is without your knowledge, the federal government won't lift a finger because that's a civil issue between you and them. Translation: we'll only help you protect yourselves against invasion of your privacy by individuals because they aren't as generous with their lobbying dollars. The government these days is pretty thoroughly in the back pockets of the corporate world. Expecting them to do anything to defend you against their buddies is like expecting the corporations not to sell your personal info if it will make them a quick buck.

      --

      Check out my sci-fi/humor trilogy at PatriotsBooks.

  2. Is not it a federal crime to interfer or open .... by 3seas · · Score: 1, Insightful

    .... anothers snailmail?

    then of course email should be treated the same, as it is private communication between sender and receiver.

  3. Stupid analogy by phorm · · Score: 2, Insightful

    You look over someone's shoulder and read a personal letter and that's not a crime, so how can it be a crime to access someone's e-mail

    Talk about apples to oranges.

    If you read somebody's letter over their shoulder, not a crime. If you read somebody email over their shoulder, same thing.

    If you break into their postbox and open their mail, that would be more comparable to actually entering somebody's account without permission to read email...

  4. Same as physical mail why not? by apathy+maybe · · Score: 3, Insightful

    Just make the deterrent/punishment the same as accessing someone's paper mail without permission.

    Sure, in some cases you have to pretend "to be that person to break into their account", in which case you might throw a bit of "fraud" at them as well, but in most cases, accessing snail mail and accessing physical mail are similar enough.

    If you are reading something over someone's shoulder, they can tell you to piss off, cover it up or whatever. The difference is actually going to the mail box (whether it be physical or electronic) and accessing what is in it.

    Oh yeah, I guess it might be slightly harder to prove that someone has accessed the electronic box (because they don't have to open any envelopes), but considering you should be treating email as you would post cards anyway... (That is, anyone between you and the destination can read it, unless you take measures to encrypt it or something.)

    -----
    Disclaimer, I don't believe the state should exist. However, my opinions expressed above are given on the condition that my belief is suspended for the time being.

    --
    I wank in the shower.
  5. Crappy journalism - par for the course by DNS-and-BIND · · Score: 4, Insightful
    "While it might seem like a practical joke or a harmless, furtive glance, e-mail snooping could land you in more hot water than you'd ever expect you could be charged with a federal crime."

    Sigh. They are NOT repeat NOT talking about looking over someone's shoulder, or a furtive glance. They're talking about logging into another's email account and making the (damaging) contents public. But hey, this sort of confusion is what I expect from journalists - doesn't matter if they work for the New York Times or the Daily Shopper, they're all pretty much the same.

    --
    Shutting down free speech with violence isn't fighting fascism. It IS fascism!
  6. Re:The line is fine by socsoc · · Score: 3, Insightful

    Except that e-mail is not US mail. You're confusing law about the US Postal Service (so snail mail) with e-mail.

  7. Re:Is not it a federal crime to interfer or open . by janeuner · · Score: 5, Insightful

    US Mail and E-Mail are fundamentally different. With snailmail, the government guarantees the timely and confidential delivery of your message, and it is a federal crime for a third party to interfere with that contract. Contrast that against E-Mail, where confidentiality is never guaranteed - consider every virus scanner and Junk Mail filter along the transmission path. However, when a third party breaks into an email account, a different crime is being committed - identity theft.
    Laws that specifically protect US Mail should not apply to crimes involving electronic mail. The act of impersonating the victim should be sufficient for prosecuting the offender.

  8. Re:How did he get the credentials? by Anonymous Coward · · Score: 1, Insightful

    A weak password does not waive the expectation of privacy and security at all. The fact that it is a password (read security access device) should clue you in to that. Bad argument.

  9. Re:Larry Mendte's real crime by causality · · Score: 3, Insightful

    You could say that it is stupid to have such conversations over email, but this was hardly "just looking over your shoulder."

    Sometimes shit just happens. Really. But most of the time that I see anything bad happen to anyone, they were doing something stupid. Something stupid that either directly caused the situation, or made it much worse than it had to be. That includes me, by the way -- if I have an advantage over others it's that I can admit this and see these things as lessons to learn from instead of treating everything as though it's random chance, as though my choices have no impact on what happens to me. Poor decision-making remains the number one cause of most peoples' problems, which is a good thing in a way because it's preventable.

    Try explaining this to most people, though, and see how far you get. Instead of saying "the power to change things for the better is in my hands" they say "so you're trying to blame this all on me?!" and they completely miss the point. Even if you don't directly cause things that happen to you, there is such a thing as making yourself available and allowing room for things to happen. It's disheartening because the way most people respond to anyone who says this leads me to believe that most of them want to be victims. When that's the case, they tend to get what they want.

    --
    It is a miracle that curiosity survives formal education. - Einstein
  10. Privacy Needs A Rethink! by b4upoo · · Score: 2, Insightful

    Privacy is highly over rated. Much can be done for the greater good when the very concept of privacy vanishes. The really important idea is that all entities should be free to study and accumulate all information. That puts government, the citizen and business on equal footing.
            From the past I wonder just how much privacy an American Indian who spent his entire life with a tiny tribe experienced. Chances are everyone knew every little thing about every other member of the tribe. Did harm flow from that? I sort of doubt it.

    1. Re: Privacy Needs A Rethink! by WamBam · · Score: 3, Insightful

      I'm glad you feel that way. And since you feel that way, can I have your email address, SSN, bank account# and any or all passwords you might have? Thanks dude! Oh, and I'll, um, share my info with you later...

  11. Re:How did he get the credentials? by Anonymous Coward · · Score: 1, Insightful

    You know, my mailbox doesn't even have a lock on it, all anyone has to do is open it to read all the letters inside. It's still a federal offense to do so. 'Expectation of privacy' applies to mail no matter how weakly it's protected.

  12. Re:Is not it a federal crime to interfer or open . by fishbowl · · Score: 2, Insightful

    >So, if something isn't guaranteed (privacy), then it should be perfectly legal to do so?

    Yes, as long as you have a legal right to be where you are, what you witness is perfectly acceptable.

    I know there are gray areas like looking into windows from the road, and so on. But if you have a legal right to be where you are, what you witness from there is acceptable, and can be used as evidence.

    If you do your "email snooping" while burglarizing an office, that's a crime.

    --
    -fb Everything not expressly forbidden is now mandatory.
  13. What about Google, Yahoo by lingoman · · Score: 2, Insightful

    OK, I know that when you sign up the fine print gives them to right to study your emails. And I know that it's not a human being, but an automaton reading the email, and directing spam toward your screen. The Telcos are drifting in that direction. Ha, the NSA has plenty of company. And what happens when their (Google, Verizon, and the NSA) software gets good enough to be called intelligent?

    Even if prosecutors aren't interested if you sign your right to privacy away, but this a good place to discuss the bigger picture.