• United States



Huge EFF Win: Stored Email IS Protected by the Fourth Amendment!

Dec 14, 20104 mins
Data and Information SecurityMicrosoftSecurity

The U.S. Appeals Court ruled that stored email is protected by the Fourth Amendment. This federal decision will hopefully urge Congress to update the law so when the feds secretly demand a user's email, but do not have probable cause, an email provider can safely say, "Oh yeah? Come back with a warrant."

In a tremendous landmark decision, the U.S. Appeals Court ruled that stored email is protected by the Fourth Amendment. The Sixth Circuit Court of Appeals found that email users have the same reasonable expectation of privacy in their email stored by service providers as they do have in their phone calls and snail mail. In the criminal appeal of U.S. v. Warshak, the Court’s decision followed along the same arguments made by the EFF in its amicus brief.

In 2006, criminal defendant Warshak brought a civil suit against the government for warrantlessly seizing his email. At that time, the Sixth Circuit agreed with the EFF that email users do have a Fourth Amendment-protected expectation of privacy in electronically stored emails. However, that decision was later dismissed on procedural grounds. Warshak appealed his criminal conviction, bringing the issue back to court.

This time, the Court ruled:

Given the fundamental similarities between email and traditional forms of communication [like postal mail and telephone calls], it would defy common sense to afford emails lesser Fourth Amendment protection…. It follows that email requires strong protection under the Fourth Amendment; otherwise the Fourth Amendment would prove an ineffective guardian of private communication, an essential purpose it has long been recognized to serve…. [T]he police may not storm the post office and intercept a letter, and they are likewise forbidden from using the phone system to make a clandestine recording of a telephone call–unless they get a warrant, that is. It only stands to reason that, if government agents compel an ISP to surrender the contents of a subscriber’s emails, those agents have thereby conducted a Fourth Amendment search, which necessitates compliance with the warrant requirement….

The Stored Communication Act regulates when an email provider can hand over a customer’s emails or other electronic communications to private parties. Disclosure regulations provide, any “person or entity providing an electronic communication service to the public shall not knowingly divulge to any person or entity the contents of a communication while in electronic storage by that service,” with limited exceptions. Government agencies are supposed to show “specific and articulable facts showing … reasonable grounds to believe that … the records or other information sought, are relevant and material to an ongoing criminal investigation.” However, stored electronic communication is relatively easy for law enforcement agencies to obtain. The FBI, and other agencies, have gotten around proving probably cause by the amended PATRIOT Act. It basically allows them to write their own subpoena, and use National Security Letters (NSL) as a gag order to stop the email provider from revealing to its customer that the demand was ever made.

The EFF reported:

Today’s decision is the onlyfederal appellate decision currently on the books that squarely rules on this critically important privacy issue, an issue made all the more important by the fact that current federal law–in particular, the Stored Communications Act–allows the government to secretly obtain emails without a warrant in many situations. We hope that this ruling will spur Congress to update that law as EFF and its partners in the Digital Due Process coalition have urged, so that when the government secretly demands someone’s email without probable cause, the email provider can confidently say: “Come back with a warrant.”

Woot! This is a huge and very exciting victory for privacy!

Like this? Check out these other posts:

  • All of today’s Microsoft news and blogs
  • FBI Spied and Lied, Misled Justice Department on Improper Surveillance of Peace Groups
  • EFF Warns of Untrustworthy SSL, Undetectable Surveillance
  • Traveler to TSA: If you touch my junk, I’ll have you arrested
  • TSA: Show Us Your Body Or We’ll Feel You Up
  • ACLU Report: Spying on Free Speech Nearly At Cold War Level
  • Full-Body X-Ray Scanners Driving Down A Street Near You?
  • Police State of Wiretapping the Web: Who Do THEY Want to Watch?
  • DHS to Launch SAR Database. In Suspicion and Surveillance We Trust?
  • TSA Secure Flight: The Next TSA Privacy Threat?

Follow me on Twitter @PrivacyFanatic

ms smith

Ms. Smith (not her real name) is a freelance writer and programmer with a special and somewhat personal interest in IT privacy and security issues. She focuses on the unique challenges of maintaining privacy and security, both for individuals and enterprises. She has worked as a journalist and has also penned many technical papers and guides covering various technologies. Smith is herself a self-described privacy and security freak.