• United States



Why the recent court ruling on Gmail matters to you

Jul 29, 20144 mins
Cloud SecurityData and Information SecurityGmail

Email may be coming under different guidance when it comes to warrants and subpoenas as society and the courts address the evolution of technology. Are you prepared to engage in the discussion?

“Just email it to me, I work out of my inbox anyway.”

That was the answer to my question of how to share a collaborative document with a client. A nod, perhaps, to the continued importance of email. Timely, too, since last week Sophos tipped us off to the ruling of New York District Judge Gabriel Gorenstein that a Gmail account is equivalent to a hard drive when a warrant is concerned.

That means seizing your entire email account instead of specific messages when a warrant (technically a warrant/subpoena) is issued.

Big deal or non-issue?

Why this matters

This decision demonstrates the ability of the court system to interpret and adapt laws to the changing nature of technology. While it often feels slow for those steeped in the technology, the point is change is not always brought about as a result of legislative action. We discussed this on the DtR newscast and weren’t surprised or disappointed. 

That doesn’t mean the court got it right.

It represents another step in the evolution of technology and our legal system. It signals a need to pay attention. To consider the arguments, engage in constructive conversations, and work to steer toward reasonable outcomes.

Unique in this case is the 23-page explanation of the ruling. Worth the read, the memorandum opinion (found here) laid out the logic and statutes behind the decision.

Highlights from the explanation

Here are some excerpts that explain how the courts tackle the challenge of copious amounts of presumably unstructured data and records:

In the case of electronic evidence, which typically consists of enormous amounts of undifferentiated information and documents, courts have recognized that a search for documents or files responsive to a warrant cannot possibly be accomplished during an on-site search. Thus, “courts developed a more flexible approach to the execution of search warrants for electronic evidence, holding the government to a standard of reasonableness.”

(“[T]he ability of computers to store massive volumes of information presents logistical problems in the execution of search warrants.”).

The need to permit the Government to examine electronic materials off-site rather than require it to conduct an on-site search is most obviously demonstrated in the case of a search of a computer hard disk drive (“hard drive”), which is the part of a computer that actually stores files and documents.

Note that the order had few restrictions on it – no defined search protocols or time limits. It allowed a search of connected elements like contacts. Is that vastly different than the approach with a hard drive?

(“Where proof of wrongdoing depends upon documents … whose precise nature cannot be known in advance, law enforcement officers must be afforded the leeway to wade through a potential morass of information in the target location to find the particular evidence which is properly specified in the warrant.”)

“The federal courts are in agreement that a warrant authorizing the seizure of a defendant’s home computer equipment and digital media for a subsequent off-site electronic search is not unreasonable or overbroad, as long as the probable-cause showing in the warrant application and affidavit demonstrate a sufficient chance of finding some needles in the computer haystack.”)

Does that naturally, then, lead to connected google services like Google Drive? Does it matter that Google explained (here) that “ In short, we’ll treat you as a single user across all our products, which will mean a simpler, more intuitive Google experience.”

Or is email distinct from the hard drive (or collection of documents)?

According to the court:

We perceive no constitutionally significant difference between the searches of hard drives just discussed and searches of email accounts.

In this case, the judge ruled that email is increasingly like a drive. As evidenced by the comment from my client, I’m inclined to agree.

But does it need limits?

Considerations we need to explore

The court focuses on gmail, setting the stage for a Google-oriented discussion. Recognize that this is broader than Google. It certainly applies to other providers. In fact, is your organization considered a provider for contractors and clients?

What does a ruling like this mean for you and your company?

More importantly, are you prepared to comply with a warrant/subpoena like this? Is your legal team?

Furthering the conversation (and evolution)

Do you agree or disagree with the ruling in this case? Is this a step forward or the beginning of a slippery slope? Share your thoughts and experiences that we may all work for slow and steady improvement for the benefit of everyone.


Michael Santarcangelo develops exceptional leaders and powerful communicators with the security mindset for success. The founder of Security Catalyst, he draws on nearly two decades of experience of success advancing security in variety of operational roles. He guides leaders and teams on the best next step of their journey.

More from this author