Email privacy

From Wikipedia, the free encyclopedia
  (Redirected from E-mail privacy)
Jump to: navigation, search

Email privacy is the broad topic dealing with issues of unauthorized access and inspection of electronic mail. This unauthorized access can happen while an email is in transit, as well as when it is stored on email servers or on a user computer. In countries with a constitutional guarantee of the secrecy of correspondence, whether email can be equated with letters and get legal protection from all forms of eavesdropping comes under question because of the very nature of email. This is especially important as more and more communication occurs via email compared to postal mail.

Email has to go through potentially untrusted intermediate computers (email servers, ISP's) before reaching it's destination, and there is no way to tell if it was accessed by an unauthorized entity. This is different from a letter sealed in an envelope, where by close inspection of the envelope, it might be possible to tell if someone opened it. In that sense, an email is much like a postcard whose contents are visible to everyone who handles it.

There are certain technological workarounds that make unauthorized access to email hard, if not impossible. However, since email messages frequently cross nation boundaries, and different countries have different rules and regulations governing who can access an email, email privacy is a complicated issue.

Technological workarounds[edit]

There are some technical workarounds to ensure better privacy of email communication. Although it is possible to secure of the content of the communication, protecting the metadata of (who sent email to whom) is fundamentally hard.[1] Even though certain technological measures exist, the widespread adoption is another issue because of reduced usability.


A significant fraction of email communication is still unencrypted. In general, encryption provides protection against malicious entities. However, a court order might force the responsible parties to hand over decryption keys; a notable example is Lavabit. Encryption can be performed at different levels, resulting in significantly different consequences.

Transport level encryption[edit]

With the original design of email protocol, the communication between email servers was plain text, which posed a huge security risk. Over the years, various mechanisms have been proposed to encrypt the communication between email servers. One of the most commonly used extension is STARTTLS. It is a TLS (SSL) layer over the plaintext communication, allowing email servers to upgrade their plaintext communication to encrypted communication. Assuming that the email servers on both the sender and the recipient side support encrypted communication, an eavesdropper snooping on the communication between the mail servers can not see the email contents. Similar extensions exist for the communication between an email client and the email server.

End to end encryption[edit]

OpenPGP is a data encryption standard that allows end-users to encrypt the email contents. There are various software and email-client plugins (FireGPG, Enigmail, GPGMail, etc.) that allow users to encrypt the message using the recipient's public key before sending it. At its core, OpenPGP uses a Public Key Cryptography scheme where each email address is associated with a public/private key pair.

OpenPGP provides a way for the end users to encrypt the email without any support from the server and be sure that only the intended recipient can read it. However, there are usability issues with OpenPGP — it requires users to set up public/private key pairs and make the public keys available widely. Also, it protects only the content of the email, and not metadata — an untrusted party can still observe who sent an email to whom. A general downside of end to end encryption schemes—where the server does not have decryption keys—is that it makes server side search almost impossible, thus impacting usability.

Architectural impact[edit]

The architecture of the system also affects the privacy guarantees and potential venues for information leakage. Traditional email protocol was designed for email clients — programs that periodically downloads email from a server and store it on the user's computer. However, in recent years, webmail usage has increased given the simplicity of usage and no need for the end users to install a program. Secure messaging is in use where an entity (hospitals, banks, etc.) wishes to control the dissemination of sensitive information. In case of secure messaging, the user is notified of a new message using some mechanism, and the user can log on to a website operated by such entity to read the message.

Both in case of secure messaging and webmail, all email data is stored on the email provider's servers and thus subject to unauthorized access, or access by government agencies. However, in case of email clients, it is possible to configure the client such that the client downloads a copy of the message as it arrives, which is deleted from the server. Although there is no way to guarantee whether a server has deleted the copy of email, it still provides protection against situations where a benign email server operator is served with a court order.

Other workarounds[edit]

Although encryption provides for a way to protect the contents of the metadata, it still fails to protect the metadata. Theoretically, mix networks can be used to protect the anonymity of communication (who contacted whom).

Another workaround that has been used [2] is to save a message as a draft in a webmail system, and share the webmail login credentials with an intended recipient. As an example of dead drop, this method defeats any kind of monitoring based on the actual email sent. However, this method infamously failed to protect the privacy of the participants in the Petraeus scandal; after coming under investigation for unrelated activities, communication between the parties was accessed by the FBI.[3][4]

Legal standing[edit]

United States[edit]

The real-time interception of contents of electronic communication is prohibited under the wiretap act,[5] while the Pen Register Act [5] provides protection for the interception of the non-content part of the electronic communication. The "From" and "To" fields along with the IP address of the sender/receiver have been considered as non-content information,[6] while the subject has been considered as the content.[7] Once the email is stored on a computer (email server/user computer), it is protected from unauthorized access under the Stored Communications Act (Title II of Electronic Communications Privacy Act).[8]

After 180 days in the U.S., email messages stored on a third party server lose their status as a protected communication under the Electronic Communications Privacy Act, and become just another database record.[5][9] After this time has passed, a government agency needs only a subpoena—instead of a warrant—in order to access email from a provider. However, if the emails are stored on a user's personal computer instead of a server, then that would require the police to still obtain a warrant first to seize the contents. This has been criticized to be an obsolete law; at the time this law was written, infinite storage at webmail servers was not available. In 2013 members of the U.S. Congress proposed to reform this procedure.[10]

There is, however, an important exception to these laws: provider exception.[5] Under the provider exception, these laws do not apply to "the person or entity providing a wire or electronic communications service.".[11] This exception, for example, allows various free email providers (Gmail, Yahoo Mail, etc.) to process user emails to display contextual advertising.

Another implication of the provider exception is access by employers. Email sent by employees through their employer's equipment has no expectation of privacy; the employer may monitor all communications through their equipment. According to a 2005 survey by the American Management Association, about 55% of US employers monitor and read their employees' email.[12] Even attorney–client privilege is not guaranteed through an employer's email system; US Courts have rendered contradictory verdicts on this issue.[13] Generally speaking, the factors courts use to determine whether companies can monitor and read personal emails in the workplace include: (i) the use of a company email account versus a personal email account and (ii) the presence of a clear company policy notifying employees that they should have no expectation of privacy when sending or reading emails at work, using company equipment, or when accessing personal accounts at work or on work equipment.[14]

European Union[edit]

The fifty-five article long Charter of Fundamental Rights of the European Union grants certain fundamental rights such as "right to be left alone" and "respect for private life" to both the European Union citizens and the residents.[15] According to article 7 of the charter, everyone has the right to respect for his or her private and family life, home, and communications. The charter came into full legal effect when Lisbon Treaty was signed on December 1, 2009.

The individual member states can not enforce contradictory local laws to what they have already agreed upon as a European Union member. This was established in Costa v ENEL that the European Union law is placed above the laws of its individual member states.

Global surveillance[edit]

From the documents leaked by ex-NSA contractor Edward Snowden, it became well known that various governments have been running programs to tap all kinds of communication at massive scales, including email. While the legality of this is still under question, it is certainly clear that the email of citizens with no ties to a terrorist organization have been intercepted and stored. Whistleblower and former National Security Agency (NSA) employee William Binney has reported that the NSA has collected over 20 trillion communications via interception,[16] including many email communications, representing one aspect of the NSA warrantless surveillance controversy.

A lawsuit filed by the American Civil Liberties Union and other organizations alleges that Verizon illegally gave the U.S. government unrestricted access to its entire internet traffic without a warrant and that AT&T had a similar arrangement with the National Security Agency.[17] While the FBI and NSA maintain that all their activities were and are legal, Congress passed the FISA Amendments Act of 2008 (FAA) granting AT&T and Verizon immunity from prosecution.[18]

See also[edit]


  1. ^ "Why Email Can’t Be Protected From Government Surveillance". 
  2. ^ "Terrorists and the Internet". 
  3. ^ Perlroth, Nicole (16 November 2012). "Trying to Keep Your E-Mails Secret When the C.I.A. Chief Couldn't". The New York Times. 
  4. ^
  5. ^ a b c d 18 U.S.C. § 2510-2522
  6. ^ United States v. Forrester, 495 F.3d 1041 (9th Circuit 2007).
  7. ^ "Searching and Seizing Computers and Obtaining Electronic Evidence in Criminal Investigations". 
  8. ^ Burstein, Aaron. "Conducting Cybersecurity Research Legally and Ethically". 
  9. ^ Erin Fuchs, "No One Is Talking About The Insane Law That Lets Authorities Read Any Email Over 180 Days Old", Business Insider, 7 June 2013.
  10. ^ Andrea Peterson, "Privacy Protections for Cloud E-mail", Think Progress, March 20, 2013.
  11. ^ "You've Got Mail... and Your Boss Knows It: Rethinking the Scope of the Employer E-mail Monitoring Exceptions to the Electronic Communications Privacy Act". 
  12. ^ "2005 Electronic Monitoring & Surveillance Survey: Many Companies Monitoring, Recording, Videotaping--and Firing--Employees". 
  13. ^ Lisa Guerin (2011). Smart Policies for Workplace Technologies: Email, Blogs, Cell Phones & More. Nolo. pp. 47–49. ISBN 978-1-4133-1326-0. 
  14. ^ Hopkins, W. Chapman; McBrayer, McGinnis, Leslie and Kirkland, PLLC (September 19, 2012). "Are Personal Emails Private in the Workplace?". The National Law Review. Retrieved 17 April 2013. 
  15. ^ "The European Legal Context: the EU Privacy Law". 
  16. ^ "NSA is lying". Democracy Now. April 20, 2012. Retrieved May 1, 2012. 
  17. ^ ERIC LICHTBLAU, JAMES RISEN and SCOTT SHANE (16 December 2007). "Wider Spying Fuels Aid Plan for Telecom Industry". New York Times. Retrieved 30 October 2011. 
  18. ^ "Foreign Intelligence Surveillance Act (FISA)". American Civil Liberties Union. 5 February 2008. Retrieved 30 October 2011. 

External links[edit]