Appeals Circuit Ruling: ISPs Can Read E-Mail

leviramsey writes "The US Court of Appeals for the First Circuit (covering Massachusetts, Maine, New Hampshire, and Rhode Island) has ruled that e-mail providers are not violating the law by reading users' e-mail without the user's consent. The decision finds that the Wiretap Act does not cover interception of communications where the communications are being stored, not transmitted. Perhaps OSDN should send the defendant, accused in 2001 of reading users emails in order to find out what they were interested in purchasing from Amazon, a T-shirt from ThinkGeek?"

Two words

[VinceWuzHere]

Two words: HOLY SHIT!

More words: This most certainly has to be overturned on a privacy bill of some sort. Imagine the widespread mail-reading that is now determined -at least in the mentioned juridstictions- to be legal. I wonder what ever happened to the privacy laws and how they match up to this new ruling (the ones that say a conversation is deemed to be confidential and cannot be disclosed outside of the circle in which it originated?)

I completely agree with "And he acknowledged that "the line that we draw in this case will have far-reaching effects on personal privacy and security."

Isn't it about time...

[Nea Ciupala]

... to start using strong crypto for our email? The technology has been available for free for years now, so what's stoping us? Why this inertia?

We don't need any analogies.

[h4rm0ny]

We don't need to say that this is like opening postal mail, or that RAM holding the email temporarily is like a modem caching the data. We don't need to compare this to anything to explain it.

It is plainly and utterly stupid and wrong.

Enough said.

good thing...

[chachob]

google isn't an ISP :D

Implications for google?

[Richard_at_work]

If ISPs are not breaking any laws reading users stored email without consent, then why was there a huge fuss about Google using a parsing engine to do the same?! I would have thought that a parsing engine was more in line with privacy than someone reading your mail!!

I feel a tremendous schizm forming within the ranks of the American Legislature over this, with one side determined to force restrictions upon 'publicised' companies in an effort to make names for themselves, while the other side making rulings like this that will bearly make the main press. Something tells me not everyone is singing off the same hymnsheet.

Something died a little today. That something was common sense.

isn't this irrelevant?

[happyfrogcow]

Email is plain text. clear text. not encrypted. Now if this covered IPS right to read their users mail if it were encrypted, then that would be something else.

It's clear text though, what do you expect?

encrypt it [gnupg.org]

Encryption

[funk_phenomenon]

I think it may be a good time for people to start looking into ecryption [gnupg.org].

GnuPG :-)

[Anonymous Coward]

http://gnupg.org

Most email clients support it nowadays (thunderbird and Mail.app both have free extensions) and the only reason not to use it is the initial cost of collecting keys for everyone you want to talk to. Well, think again!

So the loophole is...

[Amiga Lover]

The decision finds that the Wiretap Act does not cover interception of communications where the communications are being stored, not transmitted

So now the loophole is telecomms carriers can store messages, and by storing messages they're allowed to listen to them.

Of course, it's no use just to listen to a message to get info on what a subject is up to, it has to be stored for later use, so simply the fact of listening in to a phone conversation and recording it for later use makes it legal to listen to and store for later use.

bah

It'll never stand

[Noose For A Neck]

Hopefully, if the Supreme Court doesn't overturn this decision, then at least people will get outraged enough that they will write to their lawmakers to quickly remedy this problem. It's not just Slashbots that worry about privacy in email, this is a clear enough danger that I'm sure the non-IT public would be shocked if they heard about what was going on.

And to those who think encrypting your email is the answer - it's not. The email sent to you can still be read, and many sites like Amazon, which is mentioned in the article, send automated emails to whatever address you provide them, making your communications easy pickings for unscrupulous ISPs.

Of course, on the other hand, I'm sure some people here won't be surprised, and will in fact welcome such intrusion into their email, as evidenced by the enthusiasm here and elsewhere in geek circles for Google's Gmail service, which at least as intrusive and does the exact same thing with a user's emails (i.e. reads them for the purposes of marketing other products they think the user would be interested in). I'm still not sure what causes this cognitive disconnect in the technical community, but it is both puzzling and worrisome.

cd /var/mail

[DrSkwid]

grep -i -n -A 3 username * > password_list

thanks for that

Let's make lemonade form these lemons

[orthogonal]

The US Court of Appeals for the First Circuit (covering Massachusetts, Maine, New Hampshire, and Rhode Island) has ruled that e-mail providers are not violating the law by reading users' e-mail without the user's consent.

In a way, I suppose, this ruling is a good thing, because it underscores the need for a comprehensive privacy and data retention law.

What's needed is something along the lines of The European Union's privacy law: that is, something that is explicitly mandated, rather then the "penumbras" of privacy that some judges can, and some judges won't, see lurking between the lines of the Ninth Amendment.

We can hope that this defeat in the courts can be -- with our hard work -- turned into a victory in the U.S. Congress.

Re:isn't this irrelevant?

[happyfrogcow]

let me append this with the statement, don't put the government in a position to legislate something when we have the ability fix the problem ourselves.

Because email encryption has FAILED

[Noose For A Neck]

The technologies for encrypting email that have been offered up, most notably PGP, require too much learning and intervention on the part of the user while offering far too few tangible benefits ("Why encrypt my email? I have nothing to hide!") to make it worth the effort.

I'm speaking here about an average user, rather than the tech-saavy crowd that populates Slashdot.

Re:Eh?

[bladernr]

It has been ruled that ISPs are simply a carrier, but they can read the email?

Wow, that got me thinking. ISPs are not held liable for piracy, hacking, etc, because they are a "common carrier." Common carriers have no knowledge of the traffic they carry, they are simply moving things from point A to point B. That limits their liability.

Now, though, the court (in those jurisdictions) has ruled it is legal for ISPs to, at the least, read e-mail. Since it is ruled legal, and they are able, does that confer some responsibility to them?

Thinking this through to conslusion, what are the odds that the ISP defending itself in reading the e-mail, has in fact increased its liability in all things its customer's do and have done to them?

Re:Isn't it about time...

[cutecub]

Why the inertia?

Confusion
Complexity
Laziness
Cluelessness


For me its always been a tossup between complexity and laziness. None of my friends would know what to do with a GPG public key if it hit them in the head, nor would most of them bother learning how to use it. You got it right with "Inertia". Overcomming this is like pushing a black-hole up-hill.

-Sean

Lets be rational here...

[dan_sdot]

Lets try to be a little rational here. I know that everyone is going to scream in the typical slashdot style about "invasion of privacy!!!!!", but lets really look at the problem.

The first thing is to understand what the Judicial Branch's job is. It is to interpret the meaning of existing laws! And looking at the law, it seems that they did a pretty good job of this.

So does this mean that I want my ISP's reading my email? Of course not!

The problem is that the legislative branch is not creating laws that keep up to speed with the ethical problems presented by technology. Lets not get on the Judges' cases for the ISPs reading our email, get on the LEGISLATORS.

In fact, I want to congratulate the judges in this case for making the ruling. Even though it is obvious that it is absurd that the ISPs are reading people's email, the judge did not overstep his authority by trying to create laws, rather than interpret them. This is one of the largest tyrannies that happens in US Politics, judges effectively creating legislation.

So here is a call to all legislators: GET ON THE BALL! New technology has created many new ethical dillemas, and we need the legislators to start dealing with them.

Re:Because email encryption has FAILED

[garcia]

I'm speaking here about an average user, rather than the tech-saavy crowd that populates Slashdot.

And the people that need to be encrypting their emails wouldn't be leaving them out in the open before this ruling anyway.

Those that were concerned about privacy would have encrypted them or used their own service to deliver messages. I am *sure* ISPs are going to just love grepping through emails to look for whatever it is they are looking for.

I seriously hope that ISPs have something better to do than that.

[tinfoilhat]
If anything, this was funded by the RIAA/MPAA/US Government to find out the subversive terrorists at the expense of those people that don't send important shit in email anyway.
[/tinfoilhat]

Re:Two words

[aardvarkjoe]

More words: This most certainly has to be overturned on a privacy bill of some sort.

Why? It seems much smarter to start encrypting your email than to simply trust a private company to not watch what is done with their equipment.

slippery slope argument

[KillerCow]

The decision finds that the Wiretap Act does not cover interception of communications where the communications are being stored, not transmitted.

That's nice. So now they can use this precedent to listen to your voicemails.

And if we move to VoIP on the telecom's backbone, then they can listen to your conversations... since it is being stored in the router's buffers alone the way.

Re:Two words

[0racle]

You mean that you can say with a straight face that you thought E-Mail was a private medium to begin with? Its sent plain text, through who knows how many intermediaries, then stored on a system you don't have control over. At any one of those points it could be read, even accidentally.

Re:isn't this irrelevant?

[Buzz_Litebeer]

If it is on a postcard they can.

Which is what Email is. Like a electronic post card.

Now if you use a caesar cypher on your postcard messages, then you can claim you meant to keep it secret

privacy?

[rhaig]

so is there anyone out there who actually thinks your email to me is actually private and won't be read by an admin of a server that queues it for delivery somewhere along the way??

it's email. there should not be any real expectation of privacy. deal with it.

Re:Eh?

[eaolson]

Wow, that got me thinking. ISPs are not held liable for piracy, hacking, etc, because they are a "common carrier." Common carriers have no knowledge of the traffic they carry, they are simply moving things from point A to point B. That limits their liability.

There's a minor problem with your argument. ISP's are not common carriers

http://www.cctec.com/maillists/nanog/historical/00 10/msg00012.html [cctec.com]

Re:Implications for google?

[jgs]

why was there a huge fuss about Google using a parsing engine to do the same?!

AFAIK this is the first case law on the subject, and up until now everyone assumed the courts would rule the other way. In other words, up until today most people assumed that it was a violation of the law for ISPs to read email.

Now that the First Circuit has ruled otherwise, it'll be interesting to see what happens.

Of course, if the ISP's terms of service indicate they won't read your email, you've still got civil law on your side, anyway. For what that's worth.

Re:Isn't it about time...

[chill]

He was reading mail sent by Amazon. You expect Amazon to start using PGP for every e-mail query?

No mention is made if he was reading other mail. I use GnuPG w/KMail regularly and I can't think of why I'd encrypt a book request to Amazon.

I only use signatures and encryption on stuff that I think should have it.

-Charles

Re:Two words

[Honest Man]

Holy Shit is right!

I'll tell you what though - If we start having people at isp's reading email from the First Circuit's personal email accounts and using any information they receive thats interesting and forward 'tips' to the LA Times and Seattle Times reporters and see how long this kinda garbage legal action continues.

I cant believe we have people this stupid working in our legal system...

Re:Two words

[NigritudeUltramarine]

Two words: HOLY SHIT!

One word: Postcard.

More words: ... Imagine the widespread mail-reading that is now determined -at least in the mentioned juridstictions- to be legal.

More words: If you don't want people reading your mail, you use an envelope. If you don't want people reading your email, you use encryption. Simple as that. It's always been that way, from the days of ARPANET. Nothing's changed.

Re:Two words

[liquidsin]

You mean that you can say with a straight face that you thought snail mail was a private medium to begin with? Its sent plain text, through who knows how many intermediaries, then stored in a building you don't have control over. At any one of those points it could be read, even accidentally.

Re:Two words

[flibuste]

There is still a huge difference between what you are ABLE to do and what your are ALLOWED to do.
My company's database probably contains your credit card information - I am ABLE to access them - do you think I should be ALLOWED to use it?
Let's face it - this court judgement is either a result of plain ignorance, or a lack of laws AND judgement.
Again a nice example of freedom - brought to you by Big Corporation America. Thank whoever, I am not living there.
Let freedom reign GW - June 2004

Re:Isn't it about time...

[Tet]

I can't think of why I'd encrypt a book request to Amazon.

So that when you do need to encrypt something, it doesn't stand out like a sore thumb, but rather it looks just like every other message you send.

Re:Isn't it about time...

[cloudmaster]

A stored message is not readable until the user has received it and elected to leave it on the server. Until the user has seen it, it's considered to be "still in transmission".

While it can still be read, there are more restrictions on when that's legal if it's in transmission rather than in storage. /glad that the supreme court finally holds up the claims I've been making in flame wars with people who don't read the law ;)

Re:Two words

[AJWM]

Not quite. Most snail mail has an envelope, and it's a violation of federal laws to open that envelope unless you are or are authorized by the addressee (or warrant, etc).

Postcards, however, are another matter. Unencrypted email is like postcards.

Re:It'll never stand

[drgreg911]

I can't speak for everyone else, but I think Gmail's intrusion is more benign because I was informed about it up front and it is something I have to accept with a free service. An ISP providing a paid service that I entered into with at least slightly more of an expectation of privacy....that's a different story.

Re:isn't this irrelevant?

[arkanes]

It's about expectation of privacy. People expect privacy in regular mail (because you have to open the envelope), but not in postcards (because it's right there for the world to see). The problem with email is that while technically, it's barely more secure than a postcard (a little bit. It's very hard to accidentally read email in-transit, almost unavoidable with a postcard), it doesn't APPEAR that way to the end user.

Personally, I would have ruled the other way. Technical details notwithstanding, you DO have to proactively attempt to read other peoples email (misdelivered/misaddressed email is a different issue). The guy in the case certainly wasn't glancing at a post card on his way to deliver it - he was actively seeking out and reading these emails.

Re:Two words

[matth]

Sure.. if it's a postcard they can read it.

Postcard == regular e-mail
Sealed letter == encrypted e-mail.

Re:This is insane

[alienw]

which most of us have regarded as fairly secure

True, if by "most of us" you mean "those of us who happen to be morons." Guess why nobody sends credit card numbers over e-mail?

Your employer may now read all your email

Most already do.

Free email providers like Yahoo, Microsoft, and Google now are free to do anything they want with all the mail

It's a free service. They should be able to do whatever the hell they feel like. Read the usage agreement.

they can obtain web browsing data without warrant.

If you think an ISP wouldn't cooperate with the FBI without a warrant, then you are a moron. If you happen to piss off the FBI, they can (after obtaining the warrant) seize all your computers and network equipment for analysis. This will pretty much mean the ISP won't exist anymore -- they generally take a few months to a few years to return the stuff.

Re:Two words

[iammaxus]

Why? It seems much smarter to start encrypting your email than to simply trust a private company to not watch what is done with their equipment. That's ridiculous! Why don't you start filling out forms to sign up for auto insurance in garbled alpha-numeric characters and just tell them to get a verisign key? If you can't rely on a private company keeping your information safe, you are screwed. Just like an insurance company wouldn't dare give the kind of info you put on those forms to anyone else because of legal repercussions, an ISP wouldn't dare read your email if the proper laws were in place. Insightful my ass.

Re:We don't need any analogies.

[drtomaso]

Sorry for not including citations of cases, but I believe the courts have held that email users have no expectation of privacy when sending mail over others systems (I think most pertained to University systems, but dont quote me). In fact, this makes sense- SMTP is inherently insecure, from a privacy perspective. If you want to compare it to snail mail, imagine mailing private letters with no envelope. Anyone between point A and B can read it. You cant complain if you later learn the postman read it when he was bored.

That said, you must take the case in context- all that was ruled here was that a (technologically speaking) ancient wire tapping law didnt apply to this specific case of email, because the message was stored in RAM, not actually in transport. If the company had been snooping on packets coming from *your* mail server, I suspect the result might have been different. Further, no other law was tested here- the case was solely over this wiretap law.

In a perfect world, no one would do this, and we'd all be sending encrypted mails anyway. What should be required is a privacy policy clearly stating the administrator's policy on email reading (ala Gmail), so that the educated consumer may choose the provider most suitable for his/her needs. If a company wants to read your mail in exchange for a free gig of mail space, I whole heartedly believe that to be within their rights, providing they are upfront about it. That this provider gave no warning of it was a non-issue as far as the case was concerned- only the wire tap law was ever used.

Given the context of the case in regards to the wire tap laws, and the history of expectation of privacy in email, this ruling shouldnt suprise anyone. What we should be doing is pushing for European-style privacy acts and some sort of required disclosure for service providers pertaining to email snooping.

I also dont see this as a danger to the common carrier status of ISP's-if indeed they ever had this status with regard to email. This ruling is very specific, and does not mandate that ISPs *must* read their users mail, only that if they do, they arent in violation of a specific wire-tap law. I believe what we have here is a judge who just refused to legislate from the bench.

Re:Two words

[Anonymous Coward]

Why? It seems much smarter to start encrypting your email than to simply trust a private company to not watch what is done with their equipment.

I agree. I'm a UNIX admin and I've been in charge of several mail systems throught my years and I've read users' mail on all of them uninvited. Why? I'm just fscking currious. I stopped after everyone started getting only spam and virii though.

Those who have power will use it. If you encrypt your e-mail you've just taken that power away from them and given it back to yourself.

Re:Two words

[gumpish]

From the point of view of a systems admin, I'll be honest. I look at users' email from time to time. ...

I dont see the big fuss here.

Then why post anonymously?

Re:Two words

[Le Marteau]

Why? I'm just fscking currious. I stopped after everyone started getting only spam and virii though.

What an anal opening.

It has been my observation that those who are most interested in others lives generally have none of their own.

Those who have power will use it.

No, not all will, as you imply. Only those without any sense of decency, which is perhaps most sysadmins, but not all. Any admin who aspires to being a good man would not invade other's privacy because they're 'just fscking currious'.

Re:Two words

[joranbelar]

But the issue here is not comparable - the guy in question wasn't reading the emails while they were "in transit" a la a postal worker glancing at a postcard coming through. A more accurate analogy is saying the guy went up to every user's physical mail box, opened it, rifled through the contents (whether they were postcards or not) and used the data he gained for his own purposes.

Whether the email is encrypted or cleartext, the bottom line is that you have to go to a lot more trouble to read someone's email than to read someone's postcards. And since email is sorted, routed, and delivered without human intervention, there *IS* a valid expectation of privacy.

Re:Two words

[liquidsin]

But it's not like you often "accidentally" read email. It's understandable that you'd have no expectation of privacy with a postcard, since everyone who handles it could conceivable read it. Email doesn't need to be "handled" by anyone - the software can do it all. Going out of your way to read plain text email is like going out of your way to steam open envelopes (except that, apparently, the former is perfectly legal while the latter would land you in jail).

All digital communications is "stored"

[ThinkTiM]

At all points in a digital communication the packets composing the message are stored in the memory of the devices involved in transmission (albeit for a short period of time). So does this mean that the wiretap law does not apply to any form of digital communication other than point-to-point where the end-points are owned by the communicating parties? It's fun when non-technical people create laws about technology....

Re:Two words

[MrLint]

I have to agree, but on more general grounds, I am still somewhat bewildered why nearly all internet traffic isn't encrypted by default in 2004? I mean only 'relatively' recently, has telnet been given the boot as default text connections to ssh. Its a mind shift that took a while to tip the balance. Why is everything else taking so long?

Of course even in my earliest days on the internet i has always assumed that it was a given that the administrator can read any file on the system.

Re:HIPAA

[Anonymous Coward]

I tell you, if a company discloses any personal info of mine even with a subpeona involved, they can expect one heck of a long and vicious lawsuit.

Why would you do that? They're doing what they have to do, if a subpeona is involved. They cannot legally turn down the request.

I mean, I can see why if no subpeona was issued, they shouldn't be giving out jack shit, but when there's one, there's nothing they can do. If you bring a lawsuit against them, you will lose, and because of the frivolousness of your suit, you will be paying their legal fees.

Thats why

[Soothh]

anyone with some sence has their own domain name (even dyndns would work here, static ip's ya know)
and their mail delivered to a box THEY own, in THEIR house, and encrypted whenever possible.

Re:Two words

[aardvarkjoe]

Because despite all the screaming on Slashdot, most people really don't care that much. I don't encrypt my e-mail because it makes no difference to me if someone reads it or not. (My comment was simply that if I did care, I'd take responsibility for it myself rather than asking the government to [ineffectively] protect me from the big bad ISP.)

Like you said, it took forever for ssh to replace telnet, and that's a problem which system administrators thought was pressing. Nobody considers email, web surfing, IM, or whatnot to really be all that important, and so nobody's going to go to the trouble to secure it.

Re:This is insane

[Rorschach1]

Worse than that, where do you draw the line for 'storage'? IP uses packets. Between receiving a packet on one interface and sending it out another, a router STORES packets. Does it have to be non-volatile storage? Does that mean a mail server with a ramdisk spool isn't subject to this ruling? How long does a piece of information need to sit in one place during transit to be 'stored'?

Looks like you're out of luck unless you've got a switched circuit all the way through to your destination.

Let's hear it for analog...

Re:Two words

[New_Syntax]

"I cant believe we have people this stupid working in our legal system..." Where have you been? Dont you remember the debacle four years ago when the supreme court selected our president? This is just a sample of the idiotic things that happen through our legal system.

Re:Two words

[samantha]

This is moronic. I am paying for email service. I am not paying for them to read my email for whatever reason or no reason whenever they wish. That it is their machine hasn't anything at all to do with it. They are providing a service that I pay for. They have already received compensation for use of their resources as per the contract. They have no justification for also mining the email they contracted to service. And no, it is very much NOT like renting a house. Please don't use worthless analogies. You may hurt yourself.

I just know I'll get flamed for this one... but...

[Reteo Varala]

I actually agree with the ruling, for several reasons.

1: This will bring more attention to privacy tools like any OpenPGP-compatible program, such as the GNU Privacy Guard, than any law preventing law-abiding citizens from thumbing through your emails.

2: The ISP is providing a service using their own equipment. While laws might help, remember that it IS their OWN damn equipment, and if they choose to, there's little you can do if you're not aware of it.

3: The ISP is not the only point in which any mail can be read. Any number of mail backbones can also store a message for perusing later. This is especially true in the case of those undeliverables that are logged for later review. To focus the blame on an ISP is a fallacy.

Personally, I think that people should have little fire lit under them to get themselves protected. I will admit that it's a bit of a bother now, but as soon as vendors see the market value of such systems, how long until it's easy enough for aunt Maude?

Re:Two words

[drsmithy]

I dont see the big fuss here. From the point of view of a systems admin, I'll be honest. I look at users' email from time to time. Its not that I care, nor do i get some kind of voyeristic pleasure out of it. Its part of the debugging process at times. 99% of mail I've seen is completely uninteresting anyway.

The big fuss is what happens when you see something that *isn't* completely uninteresting and, in particular, act upon it. This is even more important when talking about customer - as opposed to employee - communications.

Better to just avoid temptation altogether, rather than have to make the difficult decisions of what to do should it someday strike. What mail problems are you debugging that requiring reading the *content* of *other people's mail* ?

Courts aren't supposed to write laws

[Anonymous Coward]

Keep in mind that it is the job of the court to interpret the laws that already exist, not to "legislate from the bench" (which, unfortunately, happens all too often). As outrageous as it is for an ISP to be able to read email, don't bash the court -- bash the legislators for not fixing the law.

I know him - he's not a bad guy

[pestie]

I actually know the defendant in this case, Brad Councilman, personally (although it's been quite a few years since I've had any significant contact with him.) He's a good guy and he pretty much had his life torn apart for several years by overzealous prosecutors looking to make a name for themselves by looking tough on "computer crime." What he did wasn't necessarily right, but he certainly didn't deserve to be treated as a criminal for it. I'm not going to get into a debate with anyone about this right now - I doubt I'm going to change anyone's minds, but think about this: if this guy had the words "accused hacker" before his name in these headlines, how many of you would be rallying to his defense instead of looking to crucify him? If his name were Kevin Mitnick, how many of you would be complaining about how this country is turning into a police state instead of acting like some sysadmin reading your e-mail is a human-rights violation on a par with the Rodney King beating?

Re:Two words

[Le Marteau]

There was one other thing I meant to put in my original reply, but did not.

Check this guy out. Study him, and those like him. You will find a similar trait, which I have observed most often in liars. Chronic liars think that everyone else lies like they do. That is key to understanding them. Likewise, this guy. He blithly goes on about how he reads other people's mail, as if it was a 'well, duh' situation, and as if ANYONE would do the same thing.

This shithead is like the liars I've observed. He thinks that HIS 'natural tendency' to invade another's privacy is the way EVERYONE thinks. Well, his mode of thought is certainly common, but it is NOT the way everyone thinks. He thinks otherwise, which is one of the reasons guys like this are so pathetic. I've been a sysadmin. The thought HAS crossed my mind; hey, I could read anyone's email. But I CONCIOUSLY decided not to. This is what makes HUMANS different from ANIMALS. Animals do what comes natural to them, like the shithead parent. Human beings, true human beings (in the Dune sense here) actually have control of themselves and can aspire towards nobility instead of wallowing in animalistic voyeurism.

Thank you for listening. I needed to get that off my chest. I'm just sick and tired of dickheads like the parent being the standard by which humanity is judged.

Re:Two words

[Anonymous Coward]

"Then why post anonymously?"

For most I think it's a privacy thing. Not sure I trust this OSDN cartel.

But the original poster shouldn't be a sysadmin. It requires more than tech knowledge, there's an ethical dimension as well which he or she clearly has no grasp of. And that's true regardless of what the courts say. Even troubleshooting email at most I'll judiciously grep headers if necessary, it's extremely rare to need to look at the body of a client's email.