NNSquad - Network Neutrality Squad
[ NNSquad ] Google, Others Help Yahoo Fight DOJ E-Mail Snooping
Google, Others Help Yahoo Fight DOJ E-Mail Snooping
http://lauren.vortex.com/archive/000706.html
Greetings. In Charles Dickens' classic novel "Oliver Twist," the
character of Mr. Bumble is chastised that "The law supposes that your
wife acts under your direction." He replies that "If the law supposes
that ... the law is a ass -- a idiot."
How little has changed.
Google and a number of prominent pro-privacy groups have come to
Yahoo's defense in its attempt to fight off intrusive efforts by
the U.S. Department of Justice to gain access to stored e-mail
contents without warrants ( http://bit.ly/bMY0cC [CNET] ).
The Obama DOJ is even trying to go far beyond one of the most
ludicrous aspects of current privacy laws, a section that I call the
"Cinderella Clause."
You'll recall that most of Cinderella's goodies (clothes, coach,
footmen, etc. -- all courtesy of her handy fairy godmother) reverted
to their original mundane aspects at the stroke of midnight.
There's a similar effect in our privacy laws, with potentially even
more devastating consequences.
U.S. federal law normally requires search warrants to access remote
e-mail contents in "electronic storage" that are less than 181 days
old (approximately six months). After 181 days, all bets (and most
legal protections) are off. As far as the federal government is
concerned at that point, you stand naked before their demands for your
e-mail, whomever is holding it at the time -- other than yourself
(more on this in a moment).
Disturbingly, the Obama administration is pushing this perverse
situation much farther into the Bizarro World, by claiming that even
if e-mail is less than 181 days old, once "opened" by users it no
longer is in "electronic storage," and so should be available to the
government without warrant regardless of how short a time it has
existed.
The claimed concept that opened e-mail is no longer in "electronic
storage" may come as quite a surprise to technologists (like myself)
who were previously unaware of the fact that opening an e-mail message
instantly transformed it (cue the magic wand!) from bits and bytes on
spinning disks into something apparently much closer akin to cottage
cheese.
This is insanity of course -- as Mr. Bumble would likely recognize.
But the same rules don't apply for e-mail that you have stored locally
on your own computers -- your legal protections are currently higher
in such a case.
This reality divergence is intolerable, and is a main reason why
Google, Microsoft, AT&T, and an extraordinary range of other groups
recently joined forces as the "Digital Due Process" coalition
( http://www.digitaldueprocess.org ) -- calling for a rewrite of the
1986 Electronic Communications Privacy Act (ECPA), which created much
of this twisted situation in the first place.
Their goal is to change the law to require the highest possible
privacy standards for e-mail users regardless of where e-mail is
stored (and irrespective of whether or not is has been opened by the
recipient, for that matter). In particular, search warrants should be
required for any access to e-mail contents.
I wholeheartedly support this effort to update the ECPA and bring
common sense back to e-mail privacy. It is intolerable that cloud
computing services and their users should be hobbled by the existing
disparity affecting the privacy of e-mail.
In the meantime, keep in mind that the fellow knocking on the door of
your e-mail provider, demanding access to your e-mail contents,
probably isn't a prince holding a recently discovered glass slipper.
--Lauren--
Lauren Weinstein
lauren@vortex.com
Tel: +1 (818) 225-2800
http://www.pfir.org/lauren
Co-Founder, PFIR
- People For Internet Responsibility - http://www.pfir.org
Co-Founder, NNSquad
- Network Neutrality Squad - http://www.nnsquad.org
Founder, GCTIP - Global Coalition
for Transparent Internet Performance - http://www.gctip.org
Founder, PRIVACY Forum - http://www.vortex.com
Member, ACM Committee on Computers and Public Policy
Lauren's Blog: http://lauren.vortex.com
Twitter: https://twitter.com/laurenweinstein