A US appeals court has ruled that the vice-president of an internet service provider cannot be charged with violating federal wiretapping laws for snooping on e-mail sent to his customers, a decision that will give ISPs and other e-mail providers free rein to spy on e-mail, privacy advocates said.
The US Court of Appeals has affirmed a district court ruling dismissing a criminal wiretap charge against Bradford Councilman, who was vice-president of Interloc, a rare book listing service, in 1998. Interloc, since acquired by another company, provided an e-mail service to book dealers who were its customers, and in January 1998, Councilman told employees to write computer code to read incoming e-mail messages from rival book dealer Amazon.com.
Councilman was charged with violating the US Wiretap Act, which prohibits private citizens from intercepting communications, but appeals court Judge Juan Torruella wrote that US law does not prohibit ISPs and other e-mail providers from reading e-mail residing on their servers. The Wiretap Act gives wire and oral communication more protection against interception of stored communications than it does for electronic communication, Torruella added.
"We believe that the language of the [wiretap] statute makes clear that congress meant to give lesser protection to electronic communications than wire and oral communications," Torruella wrote. "Moreover, at this juncture, much of the protection may have been eviscerated by the realities of modern technology. We observe, as most courts have, that the language may be out of step with the technological realities of computer crimes. However, it is not the province of this court to graft meaning onto the statute where congress has spoken plainly."
Privacy advocates including the Center for Democracy and Technology (CDT) and the Electronic Frontier Foundation questioned the appeals court ruling. By ruling that an e-mail was in storage instead of transit when it stopped for a "millisecond" on Interloc's servers, the appeals court has opened up e-mail to easier spying by law enforcement or ISPs, said Lara Flint, staff counsel for the CDT.
"We think it's a very strained interpretation of the law," Flint said. "I think people understand that their employer has the right to read their work e-mail, but I don't think people have the concept that their personal e-mail is susceptible to being read and used by their ISPs... without their consent."
The decision "dealt a grave blow to the privacy of internet communications," the EFF said.
"By interpreting the Wiretap Act's privacy protections very narrowly, this court has effectively given internet communications providers free rein to invade the privacy of their users for any reason and at any time," said Kevin Bankston, an EFF attorney and Equal Justice Works fellow. "This decision makes clear that the law has failed to adapt to the realities of internet communications and must be updated to protect online privacy."
But Councilman's lawyer said the decision was the right one given that congress provides less protection to stored electronic communication than it does to other forms of communication. Congress may want to change the law, but Councilman did not break existing law, said Andrew Good, of the law firm Good and Cormier.
Grant Gross writes for IDG News Service