Fourth Amendment Protects Hosted E-mail 236
Okian Warrior writes "As reported on the EFF website, today the US Court of Appeals for the Sixth Circuit ruled that the contents of the messages in an email inbox hosted on a provider's servers are protected by the Fourth Amendment, even though the messages are accessible to an email provider. As the court puts it, 'The government may not compel a commercial ISP to turn over the contents of a subscriber's emails without first obtaining a warrant based on probable cause.'"
Re:ISPs only (Score:3, Informative)
This would apply to hosted services, free or paid, as well, such as Gmail or Yahoo.
Best Nonprofit in the US (Score:4, Informative)
Yet another data point proving that the EFF is one of the best nonprofit organizations in the US for a geek to bestow a gift upon.
If you're the kind of donor who's inclined to reward success rather than fund battles, now's a great time...
Oh, wait... See sig.
Re:Still best to host your own mail. (Score:5, Informative)
Because reputation based systems (i.e., anyone hosting more than 1,000 mail accounts, and some smaller systems) are going to see that you don't own that IP, and don't own the reverse lookup on that IP. So they will score you badly.
On top of that it's virtually guaranteed that your ISP explicitly forbids running services on your home Internet connection, and probably even mentions email as a service you're not allowed to run. Most large ISPs also block all TCP/25 traffic going through their networks that is not aimed at their own email servers (which is why TCP/587 is so popular for SMTP submission with third party email providers), and you HAVE to use that port for server to server email traffic.
Those are just some reasons.
Note only "the contents" (Score:5, Informative)
Thats the very old trick that is used. A massive passive database of who is connected to who.
One person gets a real court sneak and peek letter, anyone one connected gets their email lists sorted
- who they are connecting to and so on. So if they dont read they can collect all connecting details they want.
A bit like the NYPD collecting IMEI numbers via an offer to remove a cell phone battery to prevent leakage.
NYPD tracking cell phone owners [nydailynews.com].
Its the number/ip/logs/connections thats interesting long term, the contents can wait.
Re:ISPs only (Score:5, Informative)
http://mail.google.com/mail/help/legal_notices.html [google.com]
Re:Still best to host your own mail. (Score:4, Informative)
If you have the extra money, I think it's worth it to ride right past $BIG_CONSUMER_ISP and go with something like Covad. They don't care what services you run, or if you max your connection all day and night. An ISP like this will enable you to run your own mail providing you:
- Also run your own DNS
- Have the ISP delegate/host reverse DNS
- Have at least one static IP
In my opinion it's worth it for the extra control, but you also have to be willing to handle data and battery backup to make things reliable.