Privacy of emails

By coincidence, the theme of the previous blog post (expectations of privacy in correspondence, electronic or otherwise) also crops up in an article by Simon Jenkins in the Guardian today. Jenkins’ piece is actually about media ethics, but it’s prompted by the renewed media feeding frenzy over a now slightly dusty scandal… revelations that the News Of The World had been hacking into the voicemails of people who they thought might thus provide juicy material for the presses.

At one point, Jenkins notes, the Crown Prosecution Service (i.e. the agency responsible for prosecuting alleged criminals on behalf of the state) advised the police that it was “illegal to hack into a message before, but not after, a recipient had heard it”… much as the 11th US Circuit Court ruled in Rehberg v Hodges.

As the number of forms of electronic communication continues to grow, and governments’ appetite for retention, interception and retrieval of those communications grows correspondingly, let’s just pick that concept apart and see why it’s so absurd – because absurd it surely is.

The idea of an expectation of confidentiality in communications probably has its origins in the establishment of monopolised state postal services. Before that point, you had to have a good reason to trust anyone to whom you gave a letter to deliver to someone else… though in practice those with something particularly sensitive to say also put their trust in means such as encryption and tamper-evident technology. The advent of a universal postal service meant that people had to feel that they could entrust their letters to – essentially – a complete stranger and still be confident that the letter would arrive intact.

There was, then, a clear expectation that a universal postal service should demonstrate great integrity in the handling of the correspondence put into its care – and sure enough, most such services are protected by specific laws to deal with ‘interference with the mails’. In other words, and not to overburden the word “confidence”, a letter from Sandra to Reece is entrusted to Pat as an intermediary. The contents of the letter are intended to be confidential between Sandra and Reece. Pat has no legitimate expectation of reading the letter for himself, because Sandra’s clear intent and expectation is that she is communicating only with Reece.

Now, what happens once Reece receives and opens the letter? Does that act somehow revise Sandra’s intention in sending it – so that, onceit is opened, she intends it to be read by people other than Reece? I don’t see why we should make that assumption. But just for the sake of it, let’s imagine that what Reece finds when he opens the envelope is another envelope: this one has written on it “Confidential: for Reece only”. So in this instance Sandra has made her intention and expectations explicit.

Reece opens the second envelope and finds inside a message which says “Dear Reece, I don’t want you to tell anyone else this, but I have discovered that I have a fatal disease, and probably only months to live”. Again, I don’t see anything in the act of Reece opening the inner envelope which revises Sandra’s intention and expectations in writing to him and him alone. She even says, in the contents, that she wants Reece to keep this information to himself… and that seems to me to be a legitimate expectation.

Of course, merely by disclosing the fact of her illness to Reece, Sandra is making it possible for Reece to disclose it to someone else – but I think there’s a clear difference between making that disclosure possible, and expecting or intending it to take place.

That is why I think it’s so perverse to rule that the act of opening a letter changes the sender’s legitimate expectation of the confidentiality of the contents. It’s also why I wonder whether initiatives like the Privicons plug-in – while doubtless well-intentioned – might have preverse consequences. After all, if there’s a button you can click which says “don’t share this email”, won’t that be taken to imply that – if the email has no such icon attached – you don’t mind it being shared? All in all, I think I’d be happier if we start with no “this email is sent in confidence” button – because I think the fundamental assumption should be that emails are confidential unless it’s explicitly stated otherwise.

It’s possible that that assumption is broken; but if so, that argues in favour of mending it, not discarding it.

With that in mind, I wish you a happy Data Privacy Day for tomorrow, Jan 28th.. I encourage you to spend it considering what digital footprints you leave in the course of the day, and to what extent they involve any consent and control on your part.

The Privacy of Emails

A colleague has alerted me to a December 2010 ruling on email privacy, in the US 6th Circuit court. There’s a brief article here from DC law firm K&L Gates.

The 6th Circuit delivers a welcome reversal of the July 2010 ruling in Rehberg v Hodges, in which the 11th Circuit court somewhat bizarrely concluded that Mr Rehberg’s “privacy interest in emails held by his ISP was not clearly established”. Even in that case, although the ruling itself denied Mr Rehberg’s right to privacy, the court did amend previous statements as follows:

“The Court had written that a “person also loses a reasonable expectation of privacy in emails, at least after the email is sent to and received by a third party” and that “Rehberg’s voluntary delivery of emails to third parties constituted a voluntary relinquishment of the right to privacy in that information.” This is not the law, and the incorrect statements are no longer precedent.”

Article here on the EFF site.

Note the court’s use of the phrase “third party”. I would be interested to know if this ruling has any effect on a law enforcement request for access to received emails still in the possession of the intended recipient (as opposed to an intermediary). The reason for my interest will be clear in a moment…

Broadening the context beyond email: the legal implications of disclosures via online networking sites are still, in my view, a long way from being conclusively worked out in case law. There was the ruling in Romano v Steelcase Furniture, in which Mrs Romano’s Facebook photo showed her apparently happy and smiling in front of her home. Steelcase’s lawyers argued that that was prima facie evidence she was not suffering as badly as she had maintained in an injury suit against them, and successfully got a ruling that Mrs Romano’s private Facebook pages should be disclosed in case they revealed further incriminating evidence.

The twist in that latter part was that not only had Mrs Romano obviously decided that she wanted some of her Facebook disclosures to be more private than others, she had in fact also deleted some of her private pages. At least, she thought she had. In fact, they were still on disk somewhere in Facebook’s storage, and as a result, they were disclosed in evidence. I blogged about that in October, here.

So, in the social networking case, it seems the law still has to catch up with the notion that disclosure is not a binary thing. I keep quoting danah boyd on this, because I can’t improve on her way of putting it:

“Making something that is public more public is a violation of privacy”

(Making Sense of Privacy and Publicity, SXSW 2010; text available here)

In the email case, I’d argue that the same gap still needs to be bridged. US case law seems to be taking the following line: an email from Sandra to Reece embodies an expectation that it is sent in confidence by the sender to the recipient. It is intended to be kept confidential from the ISP who conveys it. (As an aside, that’s interesting if you reflect that an unencrypted email is much more like a postcard than a letter sealed into an envelope…).

That’s fine as far as it goes… but what about the non-binary shadings? Legally, what expectation can a sender have in the confidentiality of, for instance:

  • The contents of an email which the recipient has opened?
  • The contents of an email still unopened in the recipient’s inbox?
  • Copies of the email archived by the sender (for instance, in a “Sent Mail” folder) on the sender’s system, on an employer’s email system or on one operated by a third party, say, in the cloud?

There may be many instances of a single electronic disclosure, and I don’t think the legal privacy status of these instances has been fully explored yet in any single jurisdiction, let alone in cloud computing and multi-jurisdictional contexts. Of course, if you know different, let me know via the Comments field.

Anonymity on the Net

There’s an interesting piece on the New York Times site by Professor Stanley Fish, titled “Anonymity and the Dark Side of the Internet“.

A quick disclaimer to start with, though: bear in mind that what you’re reading here is my comment on an article in which Prof. Fish reviews a collection of essays by academics citing various principles and legal precedents. This discourse has more layers than Inception… and that’s before you get to the comments readers have left on Prof. Fish’s article itself.

The collection of essays is called “The Offensive Internet” – and based on Prof. Fish’s portrayal, the contributors are writing from the standpoint that anonymity online is a Bad Thing, about which Something Must Be Done. Second disclaimer: I haven’t actually read “The Offensive Internet”… but as much of the discussion apparently revolves around the dangers of unsubstantiated online gossip, it would be contrary to let a mere lack of factual knowledge stop me blogging about it, wouldn’t it?

The position of the anti-anonymists is (at least, as far as Prof. Fish represents it) riddled with arguments from the particular to the general – principally along the lines of “here is an instance where online anonymity has undesirable consequences – therefore all online anonymity is undesirable”. In part, the picture painted is of an ecosystem polluted by irresponsible comment, libel and misinformation, riding on the back of instant, mass publication with total immunity from being held to account.

Some of the quotations Prof. Fish includes are such gems I almost wonder if he isn’t part of some fiendishly cunning marketing ploy, designed to convince us that the only way to stem our incredulity it to read it for ourselves. Out of context or not, what are we to make of a statement like: “autonomy resides not in free choice per se but in choosing wisely”? So, I can have (or at least call it) autonomy, but only if I agree not to make foolish, capricious, ill-informed or simply bad decisions. And who decides which of my free’ choices qualifies as autonomous? Someone else, you say….? Hmm.

Even if we accept that the essays, Prof. Fish himself, or both, are being deliberately polemical, it does the argument against anonymity no credit to ignore valid counterexamples. For instance, The Times and The Economist both have a long tradition of anonymous publication (The Times for its leaders and The Economist in general). That has a number of consequences: it means that the credibility of what is written depends first (and foremost) on its content and second (and less) on the brand under which it appears. The second factor, the brand or reputation of the publication, is critically interdependent on the credibility of the content. This virtuous circle encourages the anonymous to write in such a way as to enhance the credibility of their host publication. It is not true, then, that anonymity necessarily means a lack of accountability or an immunity from the consequences of irresponsible writing.

Prohibition of online anonymity would also damage the interests of those whose identity – if disclosed – would expose them to various forms of abuse. Take the case of Harriet Jacobs (not her real name, QED…) whose personal safety depends at least in part to online pseudonymity. Presumably in the brave new world of enforced identifiability, those who fall victim to domestic violence, rape or persecution simply forfeit their entitlement to the means of online expression available to the smug majority. It is not true, then, that anonymity serves only the interests of those who have something libellous, shameful, malicious or just plain wrong to say.

The examples of journalists and Harriet Jacobs illustrate a principle which does not come across in Prof. Fish’s article – that the Internet is quite capable of supporting various levels of identifiability.

There is the relative anonymity of being ‘one of a number of journalists publishing under a given title’; of course the editor knows who wrote what, and who to hold responsible if the article turns out to be libellous. Second, there is the pseudonymity of publishing a blog under a pen name. Ultimately, through a combination of the registration process for the blog itself, the formalities of having a billable IPS account and so on, the author of most blogs could, ultimately, be identified by a third party able to correlate the right identifiers – and most legislation in this area makes provision for law enforcement access (ideally subject to justifying conditions and with some degree of oversight). The real issue, then, is not whether online anonymity can or should be banned, but how to maintain and manage these various levels of anonymity, pseudonymity and identifiability.

The bottom line is that, if the authors of “The Offensive Internet” were looking for an analogy, they could and should have done better than “cesspool” or “graffiti-filled bathroom wall”. The Internet is like electricity. It can be put to good purposes, bad purposes, trivial and misguided purposes, and indeed purposeless uses. You will find anonymity in all those categories, and ruling it out of all of them because of its occasional role in one of them is just perverse.

Speaking of electricity, it’s interesting how frequently writers (Prof. Fish included) quote Justice Brandeis’ comment that “Sunshine [sic] is the best disinfectant” without going on to complete the aphorism. When I give it in full, perhaps you will see why:

“Sunlight is said to be the best of disinfectants, electric light the most efficient policeman” (Other People’s Money – Chapter V: What Publicity Can Do)

Note the implicit characterisation of sunlight as clean, natural, healthy and life-giving. Who could object to that? By contrast, electricity may create an atmosphere in which people obey the law, but it does so by offering cut-rate panopticality. People will behave because they live under the floodlights. Not such a utopian image.

Mind you, Brandeis’ thesis certainly has its modern resonances; the problem he goes on to address in Chapter V? Excessive bankers’ commissions…