EQUIPO NIZKOR |
|
22Nov04
A coalition of civil liberties groups filed a "friend of the court" brief in United States v. Councilman, a case on email interception.
On November 12th. 2004, a coalition of civil liberties groups filed a "friend of the court" brief encouraging the First Circuit Court of Appeals to overturn a controversial ruling on email privacy.
The Center for Democracy and Technology, Electronic Frontier Foundation, Electronic Privacy Information Center or "EPIC", American Library Association, American Civil Liberties Union and Center for National Security Studies, argue in their brief that "the panel's decision creates serious constitutional questions under the Fourth Amendment guarantee against unreasonable search and seizure."
On June 29th, 2004, a three-judge panel held In United States v. Councilman, that an email service provider did not violate criminal wiretap laws by acquiring users' incoming emails without their knowledge or consent to gain a commercial advantage over a competitor.
Because the emails were not actually in wires or cables between computers when accessed, but were instead temporarily stored on the service provider's computer system, the panel found the emails could not have been "intercepted" in violation of wiretap law.
Therefore the online literary clearinghouse involved in this case did not violate the law when it used an email service it provided to its subscribers to access their incoming email so it could view messages sent to them by a rival company.
In a 2-1 ruling, the court held that electronic communications are not "intercepted" if the communication is accessed while it is in temporary storage. A full panel of the First Circuit has decided to review the panel's ruling.
The First Circuit has withdrawn the panel decision and is reconsidering the case.
The issue in this case is whether an "intercept" of a communication occurred within the meaning of the Wiretap Act. In other words, whether email can be "intercepted" in violation of federal wiretap law while it is temporarily stored on an email server -- even if only for a fraction of a second.
The Electronic Communications Privacy Act was passed in 1986 to update the law to cover electronic communications. Before the Electronic Communications Privacy Act was passed, the Wiretap Act protected only wire and oral communications from interception.
The Electronic Communications Privacy Act extended the law to protect electronic communications for interception as well and also created the Stored Communications Act, which established legal standards for access to electronic communications in the possession of a service provider.
The changes created two distinct categories of electronic communications -- those "in transit," which enjoy relatively generous protection under the Wiretap Act, and those "in storage," which receive a lesser degree of legal protection under the Stored Communications Act.
The two categories that resulted from the amendments were viewed as complimentary efforts to protect the privacy of electronic communications.
The "tiering" of communications resulted more from the effort to address specific concerns -- such as extending protections to electronic communications and creating safeguards for stored communications -- than to formally categorize the privacy protection for each type of information.
This case involves Interloc, an online literary clearinghouse that sought to pair its subscribers, which were and used book dealers, with book buyers.
Bradford C. Councilman, former executive of the company, directed Interloc employees to write computer code to intercept and copy all incoming communications from Amazon.com to the subscriber book dealers, whom had been provided email service by Interloc.
The Interloc systems administrator wrote a revision to the mail processing code designed to intercept, copy, and store all incoming messages from Amazon.com before they were delivered to the subscribers. Councilman was charged with using the code to intercept thousands of messages to gain a commercial advantage.
The government sought to prosecute Councilman for intercepting the electronic communications in violation of the Wiretap Act.
Councilman pleaded not guilty and moved to dismiss the charge because, as Councilman and the government agree, the communications were stored on the Interloc ISP server when they were acquired by Interloc employees. Councilman argued that the communications were therefore covered by the Stored Communications Act, not the Wiretap Act.
The government could not charge Councilman with violating the Stored Communications Act because that law exempts Internet Service Providers (ISPs) from liability for accessing stored communications.
This exemption provides a loophole for ISPs because they can't be prosecuted under the Wiretap Act if they access subscribers' stored email, and they can't be prosecuted under the Stored Communications Act simply because they are ISPs.
The District Court for the District of Massachusetts dismissed the government's charge against Councilman, narrowly reading the definition of "electronic communication" in the Wiretap Act to exclude any type of stored communication. The government appealed the decision to the First Circuit.
A three-judge panel of the First Circuit upheld the district court's holding. The panel focused on the fact that Interloc obtained the subscriber email messages while they were in "temporary storage" in a computer system, even though such storage was only momentary as the email messages were then immediately made available to the users.
The panel's opinion noted that the parties had agreed that the emails were not acquired while they were transmitted through wires or cables between computers. In light of these findings, the panel said that the emails were not "in transit,"but were instead stored communications. Because no "intercept" occurred, the panel held that the Wiretap Act could not have been violated.
In dissent, Judge Kermit V. Lipez warned that this interpretation of the Wiretap Act "would undo decades of practice and precedent regarding the scope of the Wiretap Act and would essentially render the act irrelevant to the protection of wire and electronic privacy."
Under Councilman, the legal protection that applies to an email as it traverses the Internet switches between the Wiretap Act and Stored Communications Act. The level of protection depends on whether the email is in transit between intermediate servers or stopped temporarily -- often for less than a second -- on one of those servers.
This outcome creates significant uncertainty in the legal protection that now applies to email, and seems directly at odds with the intent of Congress when it passed the Electronic Communications Privacy Act.
Because of the aforementioned, a coalition of civil liberties groups filed on November 12, 2004 a "friend of the court" brief, or "amici curiae", encouraging the First Circuit Court of Appeals to overturn this controversial ruling on email privacy.
The main arguments of the organizations' brief are as follows:
- To avoid constitutional doubt, the court should Construe the scope of the wiretap act based on the Constitutional line drawn by the supreme court in Berger versus New York.
In Berger v. New York, (1967), the Supreme Court indicated that the Fourth Amendment triggers heightened scrutiny when surveillance is undertaken as "a series or a continuous surveillance" rather than as "one limited intrusion." ....
Under Berger, a statute that regulates "a series or a continuous surveillance" must include special privacy protections or risk facial invalidity under the Fourth Amendment.
Congress enacted the Wiretap Act soon after Berger, and drafted the statute with Berger in mind. Its statutory framework was designed to satisfy the Fourth Amendment in the context of ongoing surveillance.
Indeed, a number of circuit courts have indicated that the Wiretap Act's protections are required to ensure that ongoing surveillance satisfies the Fourth Amendment even where the Wiretap Act does not apply as a matter of statutory law...The intimate relationship between the Wiretap Act and the Fourth Amendment should guide the Court here.
The Court should construe the temporal aspect of "intercept" in 18 U.S.C. § 2510 (4) to encompass "continuous surveillance" as contemplated by Berger. Any statutory ambiguity should be resolved to synchronize the scope of the Wiretap Act with the Fourth Amendment concerns that animate it...A less protective approach would raise grave constitutional concerns under Berger.
- An e-mail can be simultaneously in "electronic Storage" and subject to interception under the Wiretap act.
The exclusion of communications in "Electronic storage" from the statutory Definition of "electronic communication" does not reflect a congressional intent to exempt Communications in "electronic storage" from the Wiretap act.
Congress added "electronic storage" to the definition of wire communication not to lessen protections for stored e-mail, but rather to expand protections for one-time access to stored voicemail. The different treatment of stored communications reflects an effort to protect voicemail in effect from 1986 to 2001.
During that period, Congress extended the Wiretap Act to govern one-time accesses to stored voicemail as a stopgap measure to provide special privacy protections for voicemail. While this approach did blur the constitutional line drawn by Berger, it did so only to extend the Wiretap Act to govern one-time accesses in the special case of stored wire communications.
When this history is understood, it becomes clear that an electronic communication can be simultaneously in "electronic storage" and subject to interception under the Wiretap Act...
After all, stored voicemail is conceptually similar to stored e-mail: it is a stored computer file held by a network service provider and retrieved at the user's request...Wire and electronic communications remain wire and electronic communications regardless of whether they are in transit or in electronic storage.
Section 209 [pf the USA Patriot Act of 2001] temporarily undoes the 1986 treatment of voicemail and instead protects stored voicemail under the lower protection Stored Communications Act... It does so by simultaneously adding "wire communications" to the Stored Communications Act and removing the "electronic storage" clause from definition of wire communication...
The clause reflects an effort to extend the Wiretap Act to cover one-time access to voicemail, not an effort to exempt ongoing surveillance of temporarily stored electronic communications from the Wiretap Act.
- The organizations' brief also expresses that it is unlikely that the conduct at issue in this case violated the Stored Communications Act.
On the other hand, Senator Patrick Leahy (Democrat from Vermont) also filed an amicus brief discussing what Congress had in mind when it extended legal protections to email in 1986.
Senator Leahy, the sponsor of the Senate version of the legislation that became the Electronic Communications Privacy Act, argued that the panel's decision fails to recognize Congress' intent to protect the privacy of electronic communications when the Act was passed, and should be reversed.
Five technical experts also filed a brief in favor of Internet privacy, explaining that email should receive full legal protection while in transmission. "Internet-based mail services clearly distinguish between the routine storage that occurs when a message reaches its destination . . . and the temporary 'storage' that occurs as electronic mail moves in many discrete steps from sender to recipient," the brief argued.
The technical experts endorsing the brief were Dr. Whitfield Diffie, Chief Security Officer of Sun Microsystems; Dr. Edward W. Felten, Professor of Computer Science at Princeton University; Dr. John R. Levine, Chair of the Internet Research Task Force Anti-Spam Research Group; Dr. Peter G. Neumann, Principal Scientist in the Computer Science Lab at SRI International; and Dr. Bruce Schneier, Chief Technical Officer of Counterpaine Security.
The First Circuit will hear oral arguments in the rehearing next month.
Documentation Note: This report has been produced by Radio Nizkor with the information provided by the Electronic Privacy Information Center (EPIC) on the case of United States v. Councilman.
This document has been published on 08Dec04 by the Equipo Nizkor and Derechos Human Rights. In accordance with Title 17 U.S.C. Section 107, this material is distributed without profit to those who have expressed a prior interest in receiving the included information for research and educational purposes. |