Government Has a Right to Read Your Email?

gone.fishing writes to tell us that a new lawsuit is challenging the government's right to read your e-mail. The Minneapolis Star-Tribune is reporting that a seller of "natural male enhancement" products sued after a fraud indictment based on evidence gleaned from his electronic mail. Federal prosecutors say they don't need a search warrant to read your e-mail messages if those messages happen to be stored in someone else's computer."

Re:Right to read

[Marxist Hacker 42]

The difference being that the US Mail has laws protecting it's privacy. FedEx, UPS, and your local mailserver simply don't. It's perfectly legal for them to snoop on a FedEx overnight envelope while it's stored at a FedEx warehouse or when it hits the central depository in Chicago.

So is any encrypted message.

[FatSean]

I do believe the government can jail you indefinately if you won't turn over the keys. Hopefully they can't declare you an Enemy Combatant who can be dissapeared forever...but I'm sure Lil'Bush and Company are trying their darndest!

Interesting thing

[gillbates]

So, if I understand this right: The executive branch believes it has a right to read our email, because we have no "Constitutional" expectation of privacy, but the White House can refuse to turn over emails to Congress, because, alas, email is private?

So, I guess the Constitution gets interpreted differently when the subject of an investigation is the President. Hmmm....

Re:So is any encrypted message.

[mark-t]

And what if you say you don't have the keys and you don't have any clue what the thing is about?

Seems that a really good way of getting someone you don't like incarcerated... send them some email (with a faked email return header, of course) that contains an encrypted message with no indication of how to decrypt it, but incriminating evidence within the email that its contents contain an illegal conspiracy.

Ultimately, if the person says they don't have the keys, the government would have to take them at their word or the above scenario would definitely occur.

Re:What part of

[TheUnknown]

I agree with your post but there's a small detail I want to correct. In your example, if you are a customer of Verizon, they might not be able to legally give your emails to the police without a warrant. That depends on the contract they have with you (most likely the TOS). But it is likely the TOS does not include such protections for you.

E-mail as court evidence

[westlake]

Even if your e-mail is stored on another individual's computer seized under a search warrant, the government cannot use this information as evidence.

From the U.K., but short and to the point:

Email content is treated in the same way as verbal and written expressions and statements and is admissible in a court of law. It is a common misconception that email messages carry less weight than letters on headed notepaper.

The problems are only likely to arise if your opponent disputes the authenticity of what you produce. The same applies to traditional letters - i.e. it is only when their authenticity is questioned that proof becomes a problem.

If the authenticity of an email produced in court is questioned, be prepared to provide evidence of the audit trail showing where the email originated and the route by which it was sent to your computer. The audit trail would show if there had been any opportunity for someone to interfere with the email as they are usually sent between several servers before they reach their destination.

Email have raised problems for the courts. In the past, evidence would invariably take the form of an original signed document and if that was not available then a copy of that signed document could be substituted. The signature would be the key to proving the authenticity of the document (of course, the argument can still be made that the signature is a fake). The difference with email is that there is no such thing as an 'original' since the print-out is the end result of a technological process. It is the audit trail showing that process which can be used to persuade the court of the print-out's authenticity if this is challenged by your opponent.

Forensic computing services can help if it becomes necessary to prove that a hard copy of an email produced in court is genuine.

Email as court evidence [out-law.com]

Re:Right to read

[balsy2001]

I think this is only if Fedex lets them. My guess is that Fedex etal will say you can't haveinformation on our clients without a warrant/subpoena. Otherwise why not just station a lay enforcement officer at all FEdex depot to search everything for potential criminal activity. On a kind of related note, several of my friends used to work at a UPS center during college and they said their instructions from the company in the event of accidental opening was to put it back in the box and ignore it even if it was weed or something.

Re:What part of

[vertinox]

In this case, your right to privacy has been violated and the evidence found cannot be used against you. However, this evidence can still be used against me. Why?

IANAL, but something about this tells me that a decent lawyer could find something to get this evidence dismissed against both parties due to improper police handling of evidence.

The better analogy would be that you rent out storage space at the local long term storage places and store your evidence there.

The police come and ask the storage space owner to search your space. Your a customer of his, but chances are the storage owner doesn't care enough about you to demand a warrant so it is a moot point whether they have it or not and grants them permission.

However, the key question is here does that rented space count as requiring a warrant since it is indirectly leased to you.

For some reason (someone correct me if I'm wrong about this) but as far as I know search warrants are still required for apartments for the residents even if the landlord agrees and gives the police a key to get in.

This is one of the reasons Landlords must give 24 hour notice before they enter the apartment etc.

The key question here if your email space on the server is considered "lease property" and technically owned by the persons paying for the space.

Re:Sure I am guilty...

[Mathonwy]

Are you kidding? The method by which the information was gathered is INCREDIBLY important to a case. It has to be. Some brief examples of why:

Judge: "Very compelling evidence here. How did you come by it?"
Sherrif: "Me and the boys made it up. It seemed like the sort of thing he would do."

Judge: "Very compelling evidence here. How did you come by it?"
Sherrif: "One of our men went undercover and pretended to be his friend. He wasn't originally planning on doing it, but after our guy kept encouraging him, he managed to convince him to consider it. Then we nabbed him!"

Judge: "Very compelling evidence here. How did you come by it?"
Sherrif: "We broke down his door, surprising him in the act."
Judge: "Very fortunate! How did you know it was him?"
Sherrif: "Oh, we didn't. We just went down the line and kicked in all the doors on all the houses on the street until we found someone doing something guilty."

Judge: "Very compelling evidence here. How did you come by it?"
Sherrif: "We just held his head underwater until he thought he was drowning. We did it enough times, and he confessed to everything. He didn't even read the confession we prepared for him! He was just that eager to sign. Must have had a guilty concience or something."
[optional ending]
Judge: "Very fortunate! How did you know it was him?"
Sherrif: "Oh, we didn't. We just started torturing people. Eventually they always confess to SOMETHING..."

So let's review. In example #1, it matters how they got the evidence, since it matters that it actually be, you know, EVIDENCE. #2 is what is called "entrapment", and is kind of a manufactured guilt. (i. e. they woudn't have been guilty of anything except that an undercover officer went and tried to convince them to do something illegal.) #3 is an example of where [possibly] justice was done to one person, at the expense of the justice of everyone else. (How would you like to have your door kicked in some day by police, who then say "ok, you're clean. Just checking!" Would the knowledge that they MIGHT catch someone that way be enough to offset your outrage at having your privacy invaded and your posessions broken?) And finally, #4 kind of speaks for itself. (I hope.)

So yeah. The reason that there is a mindset that "how the evidence is gained matters as much as the guilt" is because it kinda does. Or how about this: Think of it from a logic perspective - Your proofs are only as strong as the axioms they are based on. Legal judgements only have as much justice as the evidence they are based on. So before handing out judgements, it's INCREDIBLY IMPORTANT to make sure that the evidence is all on the up-and-up. You are probably thinking of cases where "well, everyone knew he did it, who cares how they proved it? If he walks, it's on a technicality", but YOU CAN'T CONVICT SOMEONE BASED ON "everyone knows they did it." And you SHOULDN'T be able to. (That way leads to mob-rule.)

Spammer

[pluther]

Smart of them to go try this out against a spamming fraudster (or is that fraudulent spammer)?

Certainly there is easily enough evidence out there to obtain a search warrant.

And it's not like search warrants are difficult to obtain.

The only reason I can think of not to bother in this case would be because someone wanted to set a precedent. And who better to set one against than someone hated by everyone?

Re:Interesting thing

[meta-monkey]

No, that's not what this is about.

The crux of the matter is that the owner of the machine on which the email resides is the focus of any attempt to read said email. So if your ISP has your email on their server, the feds can ask them if they'll hand over the email, without ever having to ask you. The ISP can either say, "Sure, here it is!" again without having to ask you, or they can say "No, we keep our customer's email private." At that point, the feds can get a warrant to search the ISP's computers, again without having to ask you.

In the case of the White House, I imagine they have their own, highly secure email servers, on which the President's email is stored. It is not stored by another outside ISP. Therefore the only way for Congress to get the President's email is to ask the White House, or subpeona it.

Not that that would matter, anyway. See Executive Privilege [wikipedia.org].

Sorry, I know a "Bush is evil" post is an easy +5 on /., but you're barking up the wrong tree on this one.

Re:In Soviet Russia... OT

[Oriumpor]

Looking around it may not seem that bad, but since I've grown up with the following expectations I'll just repeat them:

1. While enrolled in education, everything I do or say on a campus is subject to "restricted" rights
2. An animal can determine whether or not there's a 4th amendment allowance to search me
3. I can be told to take medication or be placed on the dole (if 'diagnosed' with a 'mental condition')
4. My phones are probably tapped at some point in a domestic communication, and are definitely tapped at least once on the way out of the country (have been since the 70-80's see:echelon)
5. My internet communication is probably tapped domestically (if I gotta go through Mae west etc or any SF pop there's a good chance) and internationally at least once there's a sniffer present.
6. My electricity bill is public information (used as a 4th amendment allowance to search homes)
7. The expectation of anonymity of a person is no longer allowed (you MUST provide your identity if the secret^H^H^H^H^H^H police ask for it.)

Need I continue? I'm sure I could, but it just gets depressing after that point... did I say depressing? I mean It's great that this is happening! Why wouldn't I want the world to be a "safer" place?

anonymous networks...

[mangledspine]

In cases like these, you might want to give AnoNet [brinkster.net] a try.

Doesn't even apply here!

[RvLeshrac]

You've all (or at least the vast majority of you) failed to notice that this case does not even invoke this act.

If you send me a letter describing in great detail how you intend to blow up with on , that letter then becomes my property. I can pass it along to law enforcement agencies as I see fit, etc.

If you send me spam, I can then pass that spam along to law enforcement agencies as I see fit. If you give me a 3 lb brick of black-tar heroin, I can do the same.

This act affects electronic messages which are stored by a recipient and then siezed, not messages which are voluntarily submitted to law enforcement. There is very little you can do if someone else legally obtains evidence against you and then hands it over to someone else, save for a lawsuit against the individual in question.

That said, the defendant in this case (The US Government) will be defending this act to the end, regardless of whether or not the act violates personal liberties - it DOES appear to, but again, this act has absolutely no bearing here.

Yet Another Reason...

[eno2001]

...why I say; run your own mail server. I do it. I've done it since 2001. I've had too many instances of incompetence at ISPs and large mail service providers losing my mail and not restoring it. Sure, they can read it on the way in or out, but then it's a different beast than actually getting onto my system without a warrant. Plus I have the added benefit of having a private mail system that is not accessible to anyone on the net as it's on a darknet used by friends and family. Simple solutions really. Until someone decides to make them "illegal".

Re:Sure I am guilty...

[amliebsch]

Hmmm...you're really dodging the OP's point though. HOW the evidence is obtained often goes directly to the question of credibility of the evidence. But we already have a method for challenging questionable evidence, and that is with testimony at trial. And I don't think anybody would dispute that improper evidence gathering should be admissible at a trial to undermine the credibility of the evidence thereby collected. But the question you are dodging is about evidence that is totally credible, but cannot be used because it was improperly collected. If the evidence gatherers make mistakes or commit wrongdoing, it is sensible to punish the evidence gatherers. But only in the United States does the law reward the criminal for the mistakes or wrongdoing of others. Clearly, the rationale is that rewarding the criminal punishes the evidence gatherers to the extent that the evidence gatherers really want the criminal to be convicted - but why is this the only legitimate remedy? Is there really nothing else that can deter evidence gatherer? You don't provide a good answer.

I don't quite get YOUR point...

[WebCowboy]

They're arguing that since you don't own the computer the message is stored on, you have no right to privacy. That makes no sense,

If you confess to a murder on the back of a postcard and email it to your brother, and your brother goes to the police with said postcard, or even if the mailman sees it and goes to the police before you brother even reads it, there is nothing stopping the police from charging you with murder. If the police find YOUR bloody gloves in your neighbours' yard the evidence is admissable if the neighbours willingly allowed the search or the police had a warrant to search their premesis.

Don't know where to start with this one. First, when we talk about "public domain," we're talking copyrightable works. The internet isn't copyrightable. Second, the government doesn't own the individual links in the internet backbone.

How about starting here: Search warrants are based upon the location not on the owner or originator of the evidence, so whatever copyright or ownership issues you have really do not matter. If you leave a used condom in a public park after having relations with a prostitute that later turns up dead, should that evidence be inadmissible or require some special warrant before it is examined? Is it an unjustifiable "invasion of privacy" because they can find out about your sex life? OF COURSE NOT! If you are having sex with a prostitute in a public place and don't umm...clean up after yourself, or if you confess on the back of a postcard and send it outside your private domain you cannot expect to be afforded protection of privacy.

Hell, chances are your every move is being recorded as you do your Christmas shopping, and pretty much everywhere you walk on the streets of London in public view...and you expect that sending an UNENCRYPTED transmission through a PUBLIC network to an OUTSIDE computer--without the permission of the recipient I might add--should be protected under some sort of right to privacy? What makes email so much more special than a message on a postcard, or walking down the street with a bullhorn, or skywriting, or beating the sh!t out of Rodney King on a public street whilst being videotaped by a concerned observer behind a bush?

I'm having a hard time seeing why an unsecured communication between two people should be protected when it's a phone conversation taking place over, say, Verizon-owned fiber, but not if it's an email saved on a Verizon-owned hard drive.

You're having a hard time because they AREN'T THE SAME THING. If law enforcement monitored a telephone conversation--or an instant message conversation, or perhaps the packets of data in and out of your PC, in real time, unbeknownst to EITHER party involved in the exchange, then yes, that would be wiretapping and it would require a warrant. If you are a stalker and leave a dirty phone message on some lady's answering machine, and the lady freaks out and brings in the message to the police, then there is no need for a warrant. I think that when some dork mass mails me some penis enlargement advertisement that it is the same as the stalker leaving dirty messages on an answering machine--the only difference is the media.

Old News to Steve Jackson

[acroyear]

In the infamous Secret Service seizure [sjgames.com] of Steve Jackson Games' Illuminati Online BBS system in 1990 (case resolved in 1993), the court found that the government reading unread emails on a machine by seizure of the machine was not "wire-tapping", in spite of arguments by the EFF that the end result is the same - the government sees your communication before you do.

For all of the alledged "protections" congress has given electronic communication, they've all been mere extensions of protection for variations of wire-tapping. If the government can actually get the physical hardware in their hands, anything goes. There is no sense of protected files or folders on a disk drive.

Story description is misleading

[indil]

The issue here isn't whether the government can read your email on another computer; it already can by using warrants. The issue is whether the government -- or anyone -- can read your email by a court order, which is easier to obtain than a warrant. The government is arguing that a court order or subpoena requirement is sufficient to protect the privacy of the public.

From the article:

During the investigation, agents obtained court orders allowing them to collect thousands of Warshak's e-mails from Yahoo and another e-mail provider. A court order requires a lesser burden of proof than a search warrant.

Warshak sued in federal court, claiming that the search of his e-mail violated the Fourth Amendment of the Constitution, which protects citizens against unreasonable searches and seizures. ...

In July, a U.S. district judge agreed, ruling that e-mails stored on the server of a commercial Internet service provider can't be read without a search warrant. ...

The government appealed the decision to the U.S. Court of Appeals for the Sixth Circuit, which has yet to rule on the case. E-mail users are protected from overzealous investigators, the government argues, because a search of stored e-mail still requires a subpoena from a prosecutor or a court order from a judge.

What this comes down to is the difference between a court order and a warrant and which one best fits the nature of electronic messages and the method by which they're delivered.

There is no privacy contract, social or otherwise, between the sender of an email and the computers that forward it to its recipient. Each forwarder may belong to different enterprises, each with its own usage and security policies, which may or may not include archiving your email for future scrutiny. If your email is forwarded by a computer that helps the government or publishes your email then you're hosed. Otherwise, I would argue that your email, stored on a physical medium on private property, should require a search warrant, much like retrieving a written letter from your office or home would.