There are at least five discrete stages at which an electronic mail message could be intercepted and its contents divulged to an unintended receiver: at the terminal or in the electronic files of the sender, while being communicated, in the electronic mailbox of the receiver, when printed into hard copy, and when retained in the files of the e-mail vendor for administrative purposes.
From a policy perspective, the laws that might be extended or drafted will vary by these five stages because of the historical development of telecommunications and privacy law. Moreover, the technological protections that are available will also depend on the stage of the communications process. Therefore, each stage needs to be analyzed separately to discern policy problems and policy options.”
Terminal or electronic files of sender Edit
At this stage, messages could be intercepted by accessing the computer system of the sender for purposes of reading the message or altering its content. In the case of interception by Government officials, the individual would probably argue that he or she had a fourth amendment expectation of privacy in the contents of the computer files. Although these are not “papers” in the traditional sense, they are arguably the computer age equivalent. They are also stored within a computer file that belongs to the individual, perhaps not in a tangible property sense, but at least in an intangible one, depending on the storage arrangement.
If the computer was at home, the individual’s expectation of privacy would be greater than if it was an office computer, but use of passwords and access codes would indicate that the individual took precautions at the office to ensure an expectation of privacy.
In the case of private parties accessing electronic mail in the terminal of the sender, such access may violate the federal Computer Fraud and Abuse Act of 1986. State laws may also offer protection. Theft laws might apply under some circumstances, although these are framed in terms of physical breaking and entering, and in terms of tangible property. Computer crime laws may also offer some protection against unauthorized private access.
There are also some technical measures that can be adopted to protect the contents of a computer file. Sophisticated password and/or key systems can be used to deter unauthorized access. Audit trails can be developed to detect unauthorized access. Although such systems may not be foolproof, their use will give additional legal weight to someone arguing that their computer mail files are expected to be private.
In transmission Edit
At this stage, messages can be intercepted by tapping into the wire over which the message is being sent, breaking into the fiber optic cable, or intercepting satellite or microwave signals. Such activities, if undertaken by the federal government are regulated by the Electronic Communications Privacy Act of 1986.
Again, there are some technical measures that can be used to protect the integrity of a message during transmission. The message can be encrypted using the Data Encryption Standard (DES) or some other code that scrambles or packages the message in a way that makes it difficult to decipher.
In the electronic mailbox of the receiver Edit
At this stage, messages can be intercepted by breaking into the computer terminal of the receiver, if the receiver has one that is used as an electronic mailbox, or into the computer terminal of the electronic mailz company where an individual has rented his or her mailbox. In either case, the individual should have a fourth amendment expectation of privacy against Government interception. This expectation will be higher if the mailbox is in the individual’s own computer terminal, but because renting implies property rights the expectation should also apply if the mailbox is held on the company’s terminal. Protection against private party interception would depend on the coverage of theft laws and computer crime laws.
When printed into hard copy before mailing Edit
Once mailed, the contents of the envelope would receive the same protections that are accorded first class mail. However, there would be no legal protection for the message during the time it was being printed out and before it was put into the envelope. During this time the individual would be dependent on the policy of the electronic mail company and the discretion of its employees.
When retained by the e-mail vendor for administrative purposes Edit
All e-mail companies retain a copy of the message both for billing purposes and as a convenience in case the customer loses the message. Based on the reasoning in United States v. Miller where the U.S. Supreme Court ruled that records of financial transactions, including copies of personal checks, were the property of the bank and that an individual had no legal rights with respect to such records, it is possible that an individual would not have a legal basis from which to challenge an e-mail company’s disclosure of the contents of messages or records of messages sent.
The issue of the privacy of personal information retained by a third party is not unique to electronic mail. It is important to note, however, that access to the administrative files of electronic mail companies can reveal a great deal of information about an individual — the substance of communications, the record of persons communicated with, and the locations of sender and receiver.
- ↑ 425 U.S. 435 (1976).
- Electronic Surveillance and Civil Liberties, at 45-48.