Slashdot Mirror
Federal Judge Says E-mail Not Protected By 4th Amendment
DustyShadow writes "In the case In re United States, Judge Mosman ruled that there is no constitutional requirement of notice to the account holder because the Fourth Amendment does not apply to e-mails under the third-party doctrine. 'When a person uses the Internet, the user's actions are no longer in his or her physical home; in fact he or she is not truly acting in private space at all. The user is generally accessing the Internet with a network account and computer storage owned by an ISP like Comcast or NetZero. All materials stored online, whether they are e-mails or remotely stored documents, are physically stored on servers owned by an ISP. When we send an e-mail or instant message from the comfort of our own homes to a friend across town the message travels from our computer to computers owned by a third party, the ISP, before being delivered to the intended recipient. Thus 'private' information is actually being held by third-party private companies."" Updated 2:50 GMT by timothy: Orin Kerr, on whose blog post of yesterday this story was founded, has issued an important correction. He writes, at the above-linked Volokh Conspiracy, "In the course of re-reading the opinion to post it, I recognized that I was misreading a key part of the opinion. As I read it now, Judge Mosman does not conclude that e-mails are not protected by the Fourth Amendment. Rather, he assumes for the sake of argument that the e-mails are protected (see bottom of page 12), but then concludes that the third party context negates an argument for Fourth Amendment notice to the subscribers."
I cannot see how this won't be overturned on appeal. People have a general expectation of privacy in regards to their e-mail, and the fact that it's being physically hosted somewhere doesn't defeat that.
It's a real shame that email encryption never really hit the mainstream.
The Government does have to get a warrant to open your mail. Don't they?
To a Lisp hacker, XML is S-expressions in drag.
...your medical records aren't private, either. When you use a hospital or a doctor's office, you're not in your own home, and your records of the visit are stored at the facility. This judge is a moron.
Ed R.Zahurak
You know, oblivion keeps looking better every day.
when we send mail via USPS, since the mail isn't technically in our homes while it is sitting in the post office, that the government can read it without violating A4?
It's not about transportation, it's about destination.
Plus there's no expectation that FedEx would (or should) have access to the *contents* of your mail, but an ISP-hosted email account, currently, does have full access to the content, with your tacit approval.
There are options, potentially, for the more privacy minded:
* POP email with "delete from server" active will limit how much of your mail your ISP has access to.
* Run your own mailserver.
* Develop a mailserver that stores mail in an encrypted folder and requires your key to access.
That last one could also go a long way to helping solve the issue where private companies have to host their own mail and forbid employees from using other accounts solely to avoid the exposure of proprietary communications to third parties (the ISP). It also shouldn't be too difficult to set up...
I run my own mail server, you insensitive clod!
of course, the 'ever so smart judge' does not know this fine nuance.
the fact that packets travel along routers, bridges and gateways means that some of your 'property' is stored/forwarded outside your 'house'. BUT SO WHAT??
US mail travels in a store-forward way. are they allowed to read your mail because its 'not in your house, at the time' ?
finally, why is this moran allowed to concluded that ALL mail sits on 'webservers' ? even if it IS web-based, oftentimes its pop/imapped to your home system and then deleted off the server. or maybe you run old style port25 mail and it truly does go point to point and never 'sits' on an ISP for more than transit-time.
I'm really annoyed by judges who make decisions based on FALSE assumptions and lack of understanding. this judge should be fired or even tried for treason. his crime is THAT great; its a threat to some fundamental privacy that the constitution (once) allowed us.
those who seek to over-rule constitutional laws ARE traitors. look it up.
--
"It is now safe to switch off your computer."
When a person uses the Internet, the user's actions are no longer in his or her physical home... All materials stored online, whether they are e-mails or remotely stored documents, are physically stored on servers owned by an ISP
Yes, just like:
- Mail
- Safe deposit boxes
- Bank accounts
- Voice mails
- Telephone conversations
- Storage units
As far as I know, all of the above things are subject to the 4th amendment. WTF???!!!
Oh certainly, if everyone you get email from uses PGP, you're already good.
I'm talking about keeping all the plaintext and/or HTML mail you get from normal people/banks/mailing lists and having the mailserver know to automatically encrypt the content of new messages with your public key. An ISP running such a server could then HOST your normal mail without ever having access to it, or without ever implicitly getting your permission to access it.
A postcard is public, a letter in an envelope is private.
A postcard isn't a good analogy. If I send a postcard, lots of people might see what is on it by simple chance. For example, the mail carrier might see it when they pick it up. In order for someone to read an email they need to go out of their way to access it in some form. That such access is easy doesn't say much. It is easy for someone to access physical mail often when people use a physical mailbox in the suburbs. Moreover, anyone in the postal service can easily access the internal contents of your mail without getting caught (steaming open a letter is really easy and hard to notice). That doesn't mean that the government has a right to read all my physical mail without a warrant. Just because something is possible doesn't mean that it is considered either normal or acceptable practice.
The judge ruled that the warrant can be served on the third party without notifying the sender. This would be akin to serving a warrant to one's employer to search one's workspace.
Or, serving a warrant on your friend to access your friend's computer to get emails sent by you.
I think this ruling is on shaky ground due to the concept of "reasonable expectation of privacy".
There is no "-1 offended" or "-1 you don't agree with me" mod options for a reason.
Perhaps you can tell me the difference between a phone call and a email. Phone calls are protected by wiretapping laws, it is a criminal offence to listen in to private phone calls or record them without the permission of all parties involved. Both phone calls and email are simply digital transmission over wire, both pass through other parties to get to the final destination, the only difference is the hardware and coding to encode, decode and interpret them.
Face it, the judge is an idiot of the first order, I mean come on has the boob never heard of ADSL. It completely ignores the fact that email servers are completely automated and require no human intervention to reach their destination. It is time for email software to make use of the DMCA and, incorporate a simple encryption technique that prevents the email from being read as plain text but require a simple for legal reasons only decryption technique with a default warning if the person is not the intended recipient, for email where the default recipient email address does not match the target email address.
Basically am encryption technique that is no more secure than you typical envelope but still providing the full legal security of a typical envelope, with the added bonus of the DMCA to beat them over the head with.
Chaos - everything, everywhere, everywhen
I would like a warrant for the Senates email accounts please... All of em...