Tuesday, January 1, 2013

Privacy and email. What you need to know from NetiquetteIQ

There is much discussion regarding email and privacy. There is also as much misunderstanding it as well. The abuse of privacy is a very serious matter, not only with Netiquette, but also with legal issues. How and where emails are composed play a significant role in what expectations a sender and the recipient can expect with regard to privacy. The follow blog addresses some of these issues, but by all means, not all. There will more provided in future postings.
          "The right of the people to be secure in their persons, houses, papers and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized."

 - The Fourth Amendment of the Constitution of the United States
Email privacy
        As long as there is email, there will be questions concerning its privacy.  The origins of the Fourth Amendment date back to c. 1754 when British tax collectors were given the powers to search homes and private records of colonists.  It is this amendment which guarantees privacy.  There are a number of laws which have been enacted specifically to provide clarity and protection given by this original law.  To discuss them in detail is not in the scope of this book, but some summarizations will be stated below.
        The Electronic Communications Privacy Act ("ECPA") was enacted in 1986 to define federal electronic eavesdropping provisions.  It was intended to create "a fair balance between the privacy expectations of citizens and the legitimate needs of law enforcement."  Congress also sought to address new technologies by assuring that personal information would remain safe.

         The following table constitutes the legal actions which are needed to access the contents of an email at various times as outlined by EPIC.ORG.
Type of Communication
Required for Law Enforcement Access
Email in transit
18 U.S.C.§ 2516
Email in storage on home computer
4th Amendment, US Constitution
Email in remote storage, opened
18 U.S.C.§ 2703
Email in remote storage, unopened, stored for 180 days or less
18 U.S.C.§ 2703
Email in remote storage, unopened, stored for more than 180 days
18 U.S.C.§ 2703

In addition to the specific government exceptions outline above, there is other information that the government is empowered to collect from communications providers in the form of customer records.  Under § 2703, an administrative subpoena, a National Security Letter ("NSL"), can be served on a company to compel it to disclose basic subscriber information.  Section 2703 also allows a court to issue an order for records; whether an NSL or court order is warranted depends upon the information that is sought.
Pen registers/trap and trace
        Pen registers and trap and trace devices only provide the origin and destination of email and other communications.  The Supreme Court has held that there is no reasonable expectation of privacy of this information because the service provider has access to it.  The company must utilize this information to ensure the communications are properly delivered.  The Pen-Register Act covers pen registers/trap and trace.  Because email subject lines contain content, their use on emails, per revision in the USA Patriot Act, must include the sender and addressee, but not necessarily the subject.  IP addresses and port numbers associated with the communication are not exempted by the Act.  The Pen-Register Act specifically applies to hardware that captures content.  ECPA generally prohibits the installation or use of any device that serves as a pen register or trap or trace.  Amendments in the USA Patriot Act encompass software as well.

         ECPA provides guidelines for law enforcement to access data with the Stored Communications Act, the government is able to access specific stored communications without a warrant.

Here are to answer's to the last blog's quiz:

Which country has the highest percentage of spam email servers?

1.) China

2.) Taiwan

3.) United States

4.) Israel

5.) India

What percentage of total units is this?

1.) 25%
2.) 33%

3.) 51%

4.) 68%

5.) 85%

The answers are Taiwan which has 68% of the world's spam servers.
Today's question/fact is:
According to about.com, what is the average size of an email?
1.) 25k
2.) 50k
3.) 75k
4.) 250k
5.) 500+k
Answers will appear in the next blog.