ISPs Can Check E-Mail

Backed by the clear, though perhaps out-of-date, language of the Wiretap Act,
e-mail providers have the right to read and copy the inbound e-mail
of their clients, a federal appeals court ruled Wednesday. The decision sparked howls of
protest from privacy advocates, despite immediate assurances from some of the nation’s largest ISPs
that they would never engage in such practices.

The U.S. Court of Appeals for the 1st Circuit in Boston voted 2-1 Wednesday to uphold the dismissal of
a 2001 indictment against Branford C. Councilman, the vice president of now-defunct Interloc Inc., a rare
and out-of-print books site.

The U.S. district attorney for Massachusetts charged Councilman, who
maintained an e-mail service for his clients, with illegal wiretapping for making copies of e-mail
sent to his clients from The district attorney claimed Councilman copied the e-mail to gain a
competitive advantage.

But Councilman’s attorneys argued his actions were within the legal limits, because he
did not intercept the messages in transit. E-mail, often
only momentarily, is routed through servers. The U.S. District Court for Massachusetts ultimately ruled that
counted as storage and dismissed the indictment.

Yesterday’s decision echoed that ruling in voting to uphold the indictment dismissal, saying
e-mail does not enjoy the same eavesdropping protections as telephone
conversations, because it is stored on servers before being
routed to recipients.

Samantha Martin of the Massachusetts district attorney’s office said, “We are still
in the process of reviewing that decision and weighing our options on what
steps to take next.”

The two-judge majority deferred to the language of the Wiretap Act, noting it prohibits
the unauthorized interception and storage of “wire communications,” but
only makes reference to the interception of “electronic communications.”

“The Wiretap Act’s purpose was, and continues to be, to protect the privacy
of communications. We believe that the language of the statute makes clear
that Congress meant to give lesser protection to electronic communications
than wire and oral communications,” Appeals Court Judge Juan R. Torruella
wrote. “Moreover, at this juncture, much of the protection may have been
eviscerated by the realities of modern technology.”

“We observe, as most courts have, that the language may be out of step with
the technological realities of computer crimes,” Torruella wrote. “However,
it is not the province of this court to graft meaning onto the statute where
Congress has spoken plainly.”

In his dissenting opinion, Appeals Court Judge Kermit V. Lipez said there is
no distinction between the electronic transmission and storage of e-mail.

“All digital transmissions must be stored in RAM or on hard drives while
they are being processed by computers during transmission,” Lipez wrote.
“Every computer that forwards the packets that comprise an e-mail message
must store those packets in memory while it reads their addresses, and every
digital switch that makes up the telecommunications network through which
the packets travel between computers must also store the packets while they
are being routed across the network.”

Lipez concluded: “Since this type of storage is a fundamental part of the
transmission process, attempting to separate all storage from transmission
makes no sense.”

America Online, EarthLink and Yahoo
, three of the country’s largest ISPs, all have privacy policies
prohibiting them from reading customer e-mail, except in the case of a court

“Consistent with Yahoo’s terms of service and privacy policy, we do not
monitor user communications,” said Yahoo spokeswoman Mary Osako said.

Also jumping to the ISP defense was EarthLink spokeswoman Carla Shaw.

“EarthLink has a long history of
protecting customer privacy, and that protection extends to e-mail,” she said. “We don’t
retain copies of customer e-mail, and we don’t read customer e-mail.”

But this does little to alleviate the concerns of folks like Kevin Bankston, an attorney for the online privacy
group Electronic Frontier Foundation.

“By interpreting the Wiretap Act’s
protections very narrowly,” Bankston said in a statement, “this court has effectively given Internet
communications providers free reign to invade the privacy of their users for
any reason and at any time.”

Bankston added that the law “has failed to adapt to the realities of
Internet communications and must be updated to protect online privacy.”

News Around the Web