« Why are You REALLY Investing Offshore? | Main | You Can Sue Anyone…Even God »

September 18, 2007

Who Can Read Your Stored E-Mail? Almost Anyone!

If you have the quaint idea that the e-mails stored in your Yahoo!, G-Mail, Hotmail or other "Webmail" accounts are somehow private, think again.  With one exception (see below), U.S. government investigators can read them, and now, private companies can do so as well in the name of "copyright protection."

It wasn't supposed to be this way.  Back in 1986, Congress passed a bill called the Electronic Communications Privacy Act (ECPA).  It was intended to extend the privacy protections that applied to telephone conversations on ordinary "land-line" telephones to e-mail, cellular phones, and computers. 

Naturally, like most other privacy laws in the United States, the ECPA has lots of exceptions.  One of the most glaring exceptions applies to e-mail or voice messages stored on an your Internet service provider's or telephone company's computers.  To read your stored emails or listen to your stored voice messages, police only have to demonstrate that the information it is seeking is relevant to an investigation.  They don't have to establish that there's probable cause of any crime.  (If you live in the states of Kentucky, Michigan, Ohio, or Tennessee, your stored e-mails have greater protection.  See my blog posting here)

An even broader exception may apply in civil cases involving copyright infringement.  In August, a U.S. District Court ruled that in a copyright dispute, the party alleging infringement can conduct ongoing surveillance of another party's stored e-mail messages, without their consent or other legal authorization, and not violate federal wiretap laws.  Indeed, the broad language of this decision makes it appear that it's legally impossible to intercept e-mail in a way that violates federal wiretap laws. 

I highly recommend that you go to any Webmail accounts you have and delete any messages that don't demand an immediate response. Make sure to empty your trash folder, as well.  If you want to keep a permanent record, keep one on your own PC, not online.

That advice applies no matter where you live, if you're using a U.S.-based Webmail service.  Since the servers are based in the United States, if police in the United States (other than in these four states) want to read your e-mail without a warrant, they can do so. That's true even if your country's law requires a warrant to read them.

Another good idea is to set up a free account at Hushmail (http://www.hushmail.com).  This company's servers aren't U.S.-based, so it's not subject to U.S. jurisdiction.   Plus, it's possible to send encrypted e-mails to other Hushmail users. 

And speaking of encryption...if you really want to protect your e-mail, encrypt any messages you wouldn't want published on the front page of The New York Times.  Unless someone manages to get hold of your encryption keys, and passphrase, anyone trying to read your messages will only see undecipherable gibberish.  PGP Desktop (http://www.pgp.com) is an excellent choice. 

For more information on protecting your privacy, on and off the Internet, click here.

Copyright © by Mark Nestmann

Posted at 10:27 AM in Communications Privacy |

Comments

The comments to this entry are closed.