A US appeals court has ruled that the vice-president of
an internet service provider cannot be charged with violating
federal wiretapping laws for snooping on e-mail sent to his
customers, a decision that will give ISPs and other e-mail
providers free rein to spy on e-mail, privacy advocates
said.
The US Court of Appeals has affirmed a district court ruling
dismissing a criminal wiretap charge against Bradford Councilman,
who was vice-president of Interloc, a rare book listing service, in
1998. Interloc, since acquired by another company, provided an
e-mail service to book dealers who were its customers, and in
January 1998, Councilman told employees to write computer code to
read incoming e-mail messages from rival book dealer
Amazon.com.
Councilman was charged with violating the US Wiretap Act, which
prohibits private citizens from intercepting communications, but
appeals court Judge Juan Torruella wrote that US law does not
prohibit ISPs and other e-mail providers from reading e-mail
residing on their servers. The Wiretap Act gives wire and oral
communication more protection against interception of stored
communications than it does for electronic communication, Torruella
added.
"We believe that the language of the [wiretap] statute makes
clear that congress meant to give lesser protection to electronic
communications than wire and oral communications," Torruella wrote.
"Moreover, at this juncture, much of the protection may have been
eviscerated by the realities of modern technology. We observe, as
most courts have, that the language may be out of step with the
technological realities of computer crimes. However, it is not the
province of this court to graft meaning onto the statute where
congress has spoken plainly."
Privacy advocates including the Center for Democracy and
Technology (CDT) and the Electronic Frontier Foundation questioned
the appeals court ruling. By ruling that an e-mail was in storage
instead of transit when it stopped for a "millisecond" on
Interloc's servers, the appeals court has opened up e-mail to
easier spying by law enforcement or ISPs, said Lara Flint, staff
counsel for the CDT.
"We think it's a very strained interpretation of the law," Flint
said. "I think people understand that their employer has the right
to read their work e-mail, but I don't think people have the
concept that their personal e-mail is susceptible to being read and
used by their ISPs... without their consent."
The decision "dealt a grave blow to the privacy of internet
communications," the EFF said.
"By interpreting the Wiretap Act's privacy protections very
narrowly, this court has effectively given internet communications
providers free rein to invade the privacy of their users for any
reason and at any time," said Kevin Bankston, an EFF attorney and
Equal Justice Works fellow. "This decision makes clear that the law
has failed to adapt to the realities of internet communications and
must be updated to protect online privacy."
But Councilman's lawyer said the decision was the right one
given that congress provides less protection to stored electronic
communication than it does to other forms of communication.
Congress may want to change the law, but Councilman did not break
existing law, said Andrew Good, of the law firm Good and
Cormier.
Grant Gross writes for IDG News Service