The Washington Post reported last week that the Obama administration is seeking to modify the 1993 Electronic Communications Privacy Act so that Internet service providers must turn over transaction records on email communications and possibly web browsing records, upon receipt of a “national security letter” from the FBI. This particular legal process doesn’t require review by a judge—unlike search warrants.[1]
The law does not allow access to the contents of those emails without judicial oversight…only the more externally-visible addressing information, and that does tend to be what email systems log and archive. On the other hand, the term “electronic communication transactional records” which is what the government could require ISPs to divulge, is not defined in federal statutes, according to the Washington Post.[2] And so it could conceivably be extended to include other person-to-person communications, such as social media contacts
This is the same process the Bush administration used, in the early 2000s, to ask libraries to turn over the records of books checked out by patrons, which was strongly resisted by librarians at that time.
Phone companies keep records of all of the numbers you call, and these are subject to the same access rules. This has never been a question, and most people in the US are probably at least marginally aware of this.
The real question isn’t whether someone is reading your email addresses and headers—it’s how they are interpreting the titles, subjects, and names of the people you are corresponding with. In the McCarthy era here in the US, you could be blacklisted for associating with the wrong people.
If you have an inquiring mind, would you want someone to judge you based on the titles of the books or publications you’re reading? Or the subjects and addressees of your email?
[1] The Washington Post — original article 29 July 2010
[2] The New York Times 30 July, 2010 — secondary report and opinion
A whole nother ancillary question is whether your ISP actually keeps these records or not. If they do not, are they then exempt from having to turn over any records, or will the government require that they keep such records in the future? Some ISPs intentionally do not keep certain kinds of records, which helps keep your use of certain services anonymous. And, for instance, I’d guess that very few ISPs, if any, keep records of your browsing history, and this makes it prohibitively difficult to document all of the web sites you’ve visited.
Leave a Reply