Electronic mail

Electronic mail (“e-mail”) refers to messages transmitted through the Internet or some other network. In modern implementations, e-mail messages are usually delivered very quickly, although not quite in real time, unlike instant messaging (IM) and similar communication methods. Internet users commonly treat e-mail as the online equivalent of postal mail, unaware of its implications for privacy and security.
Third-party monitoring of e-mail is commonplace and can occur without the knowledge of either party to a communication. Other privacy issues relate to the technical mechanisms employed by marketers and others to monitor the reception and disposition of e-mail messages, the storage and retention of e-mail messages, and the actions of individual e-mail users. In addition, e-mail is commonly used to transmit intrusive and unwanted advertisements and other unsolicited messages called spam.
The standard protocol for sending Internet e-mail is the Simple Mail Transfer Protocol (SMTP). The Post Office Protocol version 3 (POP3) and the Internet Message Access Protocol (IMAP) are the most common protocols used for accessing received e-mail messages. Typically, the sender uses e-mail client software to compose a message. That software then transmits the message through an SMTP server, usually one operated by the sender’s own Internet access provider, which transmits the message to an SMTP server designated to receive messages on behalf of the recipient. The message is held there until it is retrieved by the recipient.
The header of a message and its envelope both contain addressing information, although most e-mail clients display only the header. The “from” and “to” fields in the header normally contain the e-mail addresses of the sender and recipient, respectively, and sometimes their names as well. However, these fields do not control the delivery of a message, and they can easily be altered by the sender. Another means of concealing the address of a recipient (for example, from other recipients) is to place it in the “bcc” (blind carbon copy) field rather than the “to” field. In 2001 a large pharmaceutical manufacturer sent a form e-mail message to hundreds of consumers who had agreed to receive e-mail reminders about an antidepressant drug. The company inadvertently included the recipient’s address in the “to” field instead of the “bcc” field, causing all of the addresses to be exposed to each recipient.
Extensions to the SMTP protocol can be used to authenticate the source of a message or encrypt its content. E-mail messages may be sent pseudonymously or anonymously by routing them through a remailer that strips or alters identifying information before forwarding each message and, optionally, encrypts the message content.
An e-mail message may be sent in plain text or in various enhanced formats such as HTML, and may include file attachments and (depending on the format) embedded images and even program code. Current e-mail clients may disable certain enhanced features because of their privacy and security implications. For example, a sender may embed a link to an image located on the sender’s web server in an HTML e-mail message in order to monitor whether and when the message is opened or previewed by the recipient. If the recipient’s e-mail client were to retrieve the image from the sender’s web server and display the message, the access log for that server would reveal the date and time that the message was opened, the IP address from which the image was requested, and other information the sender might find useful.
Some e-mail systems provide senders with the ability to track delivery of messages, control message retention or forwarding, and even recall messages after they have been sent. Although standard Internet e-mail does not intrinsically support these functions, they can be implemented by e-mail client software or various work-arounds.
User actions can have many privacy-related consequences, often unintended. For example, an e-mail message can be forwarded by its recipient to a third party without the sender’s knowledge or consent. Although such forwarding may be considered a breach of “netiquette,” e-mail users may give little thought to the original sender’s privacy or other rights in the message content. A related concern arises when a forwarded message contains the e-mail addresses of many other recipients, who may not be aware that their addresses are being circulated widely.
The “reply to all” function available in many e-mail clients causes the user’s reply to be directed to all of the recipients of the original message as well as its sender. Frequently, users will inadvertently use “reply to all” when intending only a private “reply.” Similarly, a subscriber to an Internet mailing list who desires to respond only to the individual who posted a particular message may inadvertently send a reply to the entire list either by using the “reply to all” function or (if the listserver is configured to direct replies to the entire list) by merely selecting “reply” without first checking the “reply-to” address in the posted message.
A different user error led to unanticipated consequences in McVeigh v. Cohen (1998). A noncommissioned naval officer mistakenly used the wrong AOL account name when sending a message to the wife of a fellow crew member. The account name he used was linked to a profile that listed his marital status as “gay.” The Navy then initiated discharge proceedings for homosexual conduct, based on the statement in his online profile, although a court later enjoined the proceedings.
In the United States, federal laws protect the privacy of e-mail. The most important of these, the Electronic Communication Privacy Act of 1986 (ECPA), makes it illegal to intercept an e-mail message. This prohibition applies to law enforcement officials as well as private entities. However, there are many exceptions to this prohibition; for example, an e-mail service provider may view messages when necessary for purposes related to the operation of the service.
In United States v. Councilman (2005), the United States Court of Appeals for the First Circuit ruled that the interception provisions in ECPA apply to e-mail in temporary, transient storage. In Councilman, an Internet service provider routinely scanned its customers’ e-mail in order to obtain a commercial advantage. The court rejected the provider’s claim that a less protective standard should apply to e-mail messages in temporary storage than to those “in transit.”
Law enforcement officials can access e-mail messages with a warrant or court order, and in some instances even without an order or warrant. Such access was expanded under the Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism Act of 2001 (USA PATRIOT Act), enacted in the aftermath of 9/11. In 2000 it was revealed that the Federal Bureau of Investigation (FBI) had developed an automated system for scanning e-mail messages using hardware and software installed at the premises of a suspect’s Internet service provider. The system, originally named Carnivore and later renamed DCS1000, was widely criticized by privacy advocates and civil libertarians. Critics charged that the system would facilitate broad privacy violations and lacked accountability; the FBI claimed that it protected privacy by intercepting only those communications that were within the scope of a court order. The government had effectively abandoned Carnivore by 2003, although other mechanisms for intercepting and monitoring e-mail remain in use.
A seemingly non-objectionable exception to ECPA permits the interception of e-mail with the consent of the sender or recipient. Some Internet providers routinely require such consent as a term of service, however, and courts generally have held that an employer has the right to access messages sent or received using its e-mail systems, at least if the employer has informed employees that their e-mail will be monitored. Surveys of employers in the United States reveal that monitoring of employee e-mail has become the rule rather than the exception, especially at larger firms.
In Smyth v. Pillsbury Co. (1996), a federal court in Pennsylvania rejected an employee’s claim that he had been wrongfully discharged on the basis of “inappropriate and unprofessional comments” he had made in e-mail messages to his supervisor. The company had assured its employees that their e-mail would be confidential and that the company would not intercept it or uses it as grounds for termination or reprimand. The court held that the employee had lost any reasonable expectation of privacy in regard to his comments when he sent them over the company’s e-mail system, and that the company’s interception of his messages was not a substantial invasion of his privacy.
Storage and archiving of e-mail messages can greatly increase the likelihood that third parties will gain access to their content. Declining data storage costs have removed much of the incentive to delete unneeded messages, while technological advances have made it easier to recover messages that have been deleted and those that exist only in otherwise obsolete backup archives. Meanwhile, businesses increasingly are adopting uniform policies on electronic document retention, largely in response to changes in the legal environment.
In Zubulake v. UBS Warburg LLC (2004), an employment discrimination case against a large investment brokerage firm, employees of the firm had deleted e-mail messages relevant to the case even after being instructed to retain them by the firm’s lawyers. Many of the relevant messages eventually were retrieved, and the court instructed the jury to infer that the remaining missing messages contained material damaging to the firm’s case. The plaintiff ultimately won damages of nearly $30 million.
In Arthur Andersen LLP v. United States (2005), the Supreme Court reversed Arthur Andersen’s conviction for obstruction of justice, which was based largely on the accounting firm’s destruction of electronic records. Legislation enacted in the wake of the Enron/Andersen scandal has imposed stricter document retention requirements on businesses, particularly in the banking and financial services sector.
Individuals with personal e-mail accounts also have privacy interests that are affected by the storage and retention of e-mail. In 2004, when Hotmail and other web-based e-mail providers generally offered fairly limited storage capacities, Google’s GMail service began offering 1 GB in free storage along with advanced search capabilities, encouraging users to keep old messages rather than deleting them to free up space. Although Google’s privacy policy limits the use and disclosure of stored e-mail messages, it is clear that long-term retention of e-mail messages increases the opportunities for a breach of privacy.