Risk

6/11/2009
07:46 PM
Connect Directly
Google+
LinkedIn
Twitter
RSS
E-Mail
50%
50%

U.S. Court Weighs E-mail Privacy, Again

At issue: whether e-mail messages deserve the same privacy protection as telephone calls.

In a replay of a court decision from two years ago, civil liberties groups are once again trying to persuade the U.S. Court of Appeals for the Sixth Circuit that e-mail messages deserve the same privacy protection as telephone calls.

On Wednesday, the Electronic Frontier Foundation, the ACLU of Ohio, and the Center for Democracy and Technology filed an amicus brief in Warshak v. USA in support of appellant Steven Warshak.

Warshak argues that a court order secretly directing his ISP to preserve his e-mail violates federal privacy laws and his expectation of privacy.

The government's interest in Warshak follows from its 2005 investigation of allegations of mail and wire fraud, money laundering, and other federal offenses arising from the operations of Steven Warshak's company Berkeley Premium Nutraceuticals, a maker of herbal pills for the treatment of erectile dysfunction.

In May 2005, the government obtained an order from an Ohio judge directing Internet service provider NuVox Communications to turn over electronic messages belonging to Warshak and his associates. In September of that year, the government used a similar order to obtain Warshak's e-mail from Yahoo.

In November 2006, the EFF, the ACLU of Ohio, and the CDT filed a similar amicus brief in support of Warshak, arguing that e-mail deserves the same legal protection as telephone calls. In June 2007, the 6th U.S. Circuit Court of Appeals ruled in Warshak's favor. But that decision was vacated on procedural grounds. And now the case is back before the court.

In a statement, EFF senior staff attorney Kevin Bankston says that the Justice Department conducted what amounts to a "back-door wiretap" when it intercepted six months of Warshak's e-mail without a warrant. "Thankfully, this abuse has given the appeals court yet another opportunity to clarify that the Fourth Amendment protects the privacy of e-mail against secret government snooping, even when it's in the hands of an e-mail provider," he said.


InformationWeek Analytics has published an independent analysis on what executives really think about security. Download the report here (registration required).

Comment  | 
Print  | 
More Insights
Comments
Threaded  |  Newest First  |  Oldest First
Want Your Daughter to Succeed in Cyber? Call Her John
John De Santis, CEO, HyTrust,  5/16/2018
Don't Roll the Dice When Prioritizing Vulnerability Fixes
Ericka Chickowski, Contributing Writer, Dark Reading,  5/15/2018
New Mexico Man Sentenced on DDoS, Gun Charges
Dark Reading Staff 5/18/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: "Security through obscurity"
Current Issue
Flash Poll
[Strategic Security Report] Navigating the Threat Intelligence Maze
[Strategic Security Report] Navigating the Threat Intelligence Maze
Most enterprises are using threat intel services, but many are still figuring out how to use the data they're collecting. In this Dark Reading survey we give you a look at what they're doing today - and where they hope to go.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-7268
PUBLISHED: 2018-05-21
MagniComp SysInfo before 10-H81, as shipped with BMC BladeLogic Automation and other products, contains an information exposure vulnerability in which a local unprivileged user is able to read any root (uid 0) owned file on the system, regardless of the file permissions. Confidential information suc...
CVE-2018-11092
PUBLISHED: 2018-05-21
An issue was discovered in the Admin Notes plugin 1.1 for MyBB. CSRF allows an attacker to remotely delete all admin notes via an admin/index.php?empty=table (aka Clear Table) action.
CVE-2018-11096
PUBLISHED: 2018-05-21
Horse Market Sell & Rent Portal Script 1.5.7 has a CSRF vulnerability through which an attacker can change all of the target's account information remotely.
CVE-2018-11320
PUBLISHED: 2018-05-21
In Octopus Deploy 2018.4.4 through 2018.5.1, Octopus variables that are sourced from the target do not have sensitive values obfuscated in the deployment logs.
CVE-2018-8142
PUBLISHED: 2018-05-21
A security feature bypass exists when Windows incorrectly validates kernel driver signatures, aka "Windows Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-1035.