Risk
6/11/2009
07:46 PM
Connect Directly
LinkedIn
Twitter
Google+
RSS
E-Mail
50%
50%

U.S. Court Weighs E-mail Privacy, Again

At issue: whether e-mail messages deserve the same privacy protection as telephone calls.

In a replay of a court decision from two years ago, civil liberties groups are once again trying to persuade the U.S. Court of Appeals for the Sixth Circuit that e-mail messages deserve the same privacy protection as telephone calls.

On Wednesday, the Electronic Frontier Foundation, the ACLU of Ohio, and the Center for Democracy and Technology filed an amicus brief in Warshak v. USA in support of appellant Steven Warshak.

Warshak argues that a court order secretly directing his ISP to preserve his e-mail violates federal privacy laws and his expectation of privacy.

The government's interest in Warshak follows from its 2005 investigation of allegations of mail and wire fraud, money laundering, and other federal offenses arising from the operations of Steven Warshak's company Berkeley Premium Nutraceuticals, a maker of herbal pills for the treatment of erectile dysfunction.

In May 2005, the government obtained an order from an Ohio judge directing Internet service provider NuVox Communications to turn over electronic messages belonging to Warshak and his associates. In September of that year, the government used a similar order to obtain Warshak's e-mail from Yahoo.

In November 2006, the EFF, the ACLU of Ohio, and the CDT filed a similar amicus brief in support of Warshak, arguing that e-mail deserves the same legal protection as telephone calls. In June 2007, the 6th U.S. Circuit Court of Appeals ruled in Warshak's favor. But that decision was vacated on procedural grounds. And now the case is back before the court.

In a statement, EFF senior staff attorney Kevin Bankston says that the Justice Department conducted what amounts to a "back-door wiretap" when it intercepted six months of Warshak's e-mail without a warrant. "Thankfully, this abuse has given the appeals court yet another opportunity to clarify that the Fourth Amendment protects the privacy of e-mail against secret government snooping, even when it's in the hands of an e-mail provider," he said.


InformationWeek Analytics has published an independent analysis on what executives really think about security. Download the report here (registration required).

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2015-0547
Published: 2015-07-04
The D2CenterstageService.getComments service method in EMC Documentum D2 4.1 and 4.2 before 4.2 P16 and 4.5 before P03 allows remote authenticated users to conduct Documentum Query Language (DQL) injection attacks and bypass intended read-access restrictions via unspecified vectors.

CVE-2015-0548
Published: 2015-07-04
The D2DownloadService.getDownloadUrls service method in EMC Documentum D2 4.1 and 4.2 before 4.2 P16 and 4.5 before P03 allows remote authenticated users to conduct Documentum Query Language (DQL) injection attacks and bypass intended read-access restrictions via unspecified vectors.

CVE-2015-0551
Published: 2015-07-04
Multiple cross-site scripting (XSS) vulnerabilities in EMC Documentum WebTop 6.7SP1 before P31, 6.7SP2 before P23, and 6.8 before P01; Documentum Administrator 6.7SP1 before P31, 6.7SP2 before P23, 7.0 before P18, 7.1 before P15, and 7.2 before P01; Documentum Digital Assets Manager 6.5SP6 before P2...

CVE-2015-1966
Published: 2015-07-04
Multiple cross-site scripting (XSS) vulnerabilities in IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 before FP17, 6.2.1 before FP9, and 6.2.2 before FP15, as used in Security Access Manager for Mobile and other products, allow remote attackers to inject arbitrary web script or HTML via a crafte...

CVE-2015-4196
Published: 2015-07-04
Platform Software before 4.4.5 in Cisco Unified Communications Domain Manager (CDM) 8.x has a hardcoded password for a privileged account, which allows remote attackers to obtain root access by leveraging knowledge of this password and entering it in an SSH session, aka Bug ID CSCuq45546.

Dark Reading Radio
Archived Dark Reading Radio
Marc Spitler, co-author of the Verizon DBIR will share some of the lesser-known but most intriguing tidbits from the massive report