Wiretapping email at the Volokh Conspiracy
Orin has an interesting discussion over at the Volokh Conspiracy about applying wiretapping rules on the Internet. My contribution to the discussion is below.
You have a bit of a problem in that it's not readily practical to
access message header information without also accessing content
information. Technically, there are three portions of a typical
internet mail message:
1) The envelope information (typically exchanged as part of the
SMTP protocol prior to content delivery and usually duplicated in the
2) The header information (information about the message intended
to be read and processed by machines; this includes the subject line,
information about when the message was written, where responses should
be sent, and what type of content the message contains, etc.)
3) The message body information (entered by the user directly, and
displayed to the recipient; usually text paragraphs but also attached
files and so on).
The problem is that both 2 and 3 reside in the same file when
messages are stored in (standard) RFC822 format. To preserve access to
2 for law enforcement, you have to obtain access to the message content
as well. This would normally involve looking on the user's computer,
seizing it, since the ISP normally does not keep either part 2 or part 3 of
the message once the user has retrieved it.
If you truly want only address information, then you only want the
information in 1. That information is stored in SMTP logfiles and can
probably be provided by the ISP without invading the user's home or
setting up an ongoing monitoring process, simply by examining their
existing log data. The burden to everyone involved is much lower, and
the analogy to a pen trace on a telephone line (which, as I understand
it, provides who-called-who data but no access to the content of the
call) is clearer.
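To make the three-part split concrete, here is an added example (not part of the original post or the linked discussion). It separates a constructed SMTP transaction into the envelope and the single stored RFC822 blob that holds both headers and body. All addresses, host names and the message text are made-up sample data, and carol@example.net is deliberately an envelope-only recipient.

```python
import re
from email import message_from_string

# Constructed client side of one SMTP delivery (sample data, not a real capture).
SMTP_SESSION = """\
EHLO client.example.org
MAIL FROM:<alice@example.org>
RCPT TO:<bob@example.net>
RCPT TO:<carol@example.net>
DATA
From: Alice <alice@example.org>
To: Bob <bob@example.net>
Subject: Lunch on Friday
Date: Tue, 31 Mar 2009 11:00:00 -0400

See you at noon.
.
QUIT
"""

ENVELOPE_CMD = re.compile(r"(MAIL FROM|RCPT TO):\s*<([^>]*)>", re.IGNORECASE)

def split_session(session):
    """Return (envelope, stored_message) for one SMTP transaction."""
    lines = session.splitlines()
    data_at = lines.index("DATA")
    end_at = lines.index(".", data_at)          # a lone dot ends the DATA phase
    envelope = {"mail_from": None, "rcpt_to": []}
    for line in lines[:data_at]:                # part 1: never touches content
        m = ENVELOPE_CMD.match(line)
        if m and m.group(1).upper() == "MAIL FROM":
            envelope["mail_from"] = m.group(2)
        elif m:
            envelope["rcpt_to"].append(m.group(2))
    # Undo SMTP dot-stuffing; what remains is the single RFC822 blob (parts 2+3).
    data = [l[1:] if l.startswith(".") else l for l in lines[data_at + 1:end_at]]
    return envelope, "\n".join(data)

def split_stored(stored):
    """Parts 2 and 3 can only be separated by reading the stored message itself."""
    msg = message_from_string(stored)
    return dict(msg.items()), msg.get_payload()

envelope, stored = split_session(SMTP_SESSION)
headers, body = split_stored(stored)
print("envelope:", envelope)
print("headers :", headers)
print("body    :", body.strip())
```

The envelope is recovered from the commands before DATA alone, while the Subject line only becomes available by parsing the same blob that contains the body text.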
Bruce Schneier has some interesting thoughts
Some of the comments on Orin's original post have also brought up the fact that the content/addressing distinction depends on which network layer you look at. If you are looking at the TCP/IP level, almost everything is content. For practical purposes, however, the number of criminals inventing their own network protocols or email applications in order to hide their activities is probably small and not useful for formulating general rules.
This entry was published 2009-03-31 11:11:36.0 by email@example.com
and last updated 2009-03-31 11:11:36.0.