A federal appeals court in Boston has been asked to take a second look at a decision that some say could have a far-reaching effect on the privacy of Internet communications in the United States.
The decision handed down by a panel of appeals court judges ruled that monitoring the content of people’s incoming e-mail by a service provider does not violate federal wiretap laws.
The U.S. Justice Department has asked the full bench of the First Circuit Court of Appeals to again hear the case, U.S. v. Councilman, and last Friday several civil liberties groups filed a “friend-of-the-court” brief in support of the department’s motion.
Important For Privacy
“It’s very important for Internet communication to protect online privacy,” said Marc Rotenberg, president and executive director of the Electronic Privacy Information Center (EPIC), a public interest group in Washington, D.C., established in 1994 to focus public attention on emerging civil liberties issues.
“The law that does that is the federal wirtetap law,” he told TechNewsWorld. “The reading that the court gave to the federal wiretap law in this particular case is so narrow that it would make it much easier for law enforcement officials and others to get access to private communications.”
The case before the court involved a bookseller, Bradford Councilman, who also offered e-mal services to his customers. Councilman configured his service to secretly copy all incoming e-mail from Amazon.com, a competitor, and forward the copies to his mailbox.
Stored Versus Transit
The Justice Department argued that Councilman was intercepting mail in transit — which would violate federal criminal wiretap laws — but the three-judge panel in a two-to-one decision said another law applied: the federal Stored Communications Act (SCA), a statute with less robust protections than the wiretap act.
“The court treated it as stored rather than in transit because there’s a moment when it’s on a server that it becomes accessible,” Rotenberg explained.
Kevin Bankston, an attorney with the Electronic Frontier Foundation (EFF), a civil liberties group in San Francisco, California, added that the SCA doesn’t prohibit any access to a customer’s e-mail by the provider of the service.
Unfettered Law Enforcement
“The wiretap act, on the other hand, prohibits interception by a provider unless it’s for a legitimate reason — for protecting the provider’s rights or property, or maintaining its network,” he told TechNewsWorld.
In the brief filed with the full court, EPIC, EFF, the Center for Democracy & Technology (CDT) and the American Library Association (ALA) contend that the panel’s decision will open the door for law enforcement to intercept e-mail communication unfettered by the restrictions of the wiretap law.
“[The decision] would allow federal, state or local law enforcement agents to install monitoring devices that impose the functional equivalent of a wiretap without needing to satisfy the Wiretap Act,” the groups declare in their brief. “Because many surveillance devices can be installed in a way that obtains communications while in nanosecond storage, the panel opinion threatens to reduce the Wiretap Act to almost a nullity.”
Law out of Step?
“Essentially, it takes e-mail out of the wiretap laws,” CDT Staff Counsel Lara Flint told TechNewsWorld.
In its opinion, the panel maintained that the existing laws governing e-mail “may be out of step with the technological realities of computer crimes,” a contention challenged by EPIC’s Rotenberg, who worked on the development of the amended federal wiretap law and for the congressional committee that helped enforce the law.
“Everybody at that time understood that this kind of activity that occurred in the Councilman case would violate the privacy law,” he said. “I think Congress got it right when it drafted the law, and I think the court’s opinion is simply wrong.”
Nothing’s Happening Here
Councilman’s attorney, Andrew Good, of Good & Cormier in Boston, though, sees the groups’ alarums as overstated.
“There is no significant privacy loss because of this decision,” he told TechNewsWorld. “This case is about whether a sequence of electronic events makes any difference.”
“You get the same content from the copy whether you make it before or after it arrives in an inbox,” he said. “So there’s no privacy loss. It’s just a question of electronic mechanics.”
“This brief argues as if there’s a significant privacy loss here,” he added. “There isn’t. Nothing’s happened here.”