Email becomes the electronic equivalent of DNA evidence

Most people wouldn’t be able to guess the true age of email in history. It’s astonishing to think that something resembling email was actually used as long ago as 1965. A brief look back at history lets us see that a very primitive version of email was used at MIT in a system called the Compatible Time-Sharing System (CTSS). The communication was used between users to communicate about research projects. It wasn’t until ARPANET that email became truly useful and networked without using archaic discs to store any message. ARPANET was the organization that actually established that little “@” sign in your email address in 1971. For more email history and a more in depth look you can always jump on over to Wikipedia for a lesson here. So to say the least, email has come a long way since it’s inception and has become much more prevalent in people’s lives and business than was ever thought possible. Now getting a real letter is an occasion to be reveled and remembered.

With the incredible usefulness of email and the growing use by everyone in the world, the grim sides of the advancement are becoming more clear. The fight to keep email private and personal will be an ongoing battle until a new technology takes over. Government regulations continue to pile up and drive the influence of laws and stipulations that companies and ISPs must archive all email communications.

Most people involved in business are probably already aware that emails that are associated with any company that is involved in stocks, money markets, banking and basically any type of financial service are required by the SEC to store all incoming and outgoing email and IMs. Unfortunately for the free world, these regulations are increasingly brought to the rest of email communications and instant messages through new laws and bills proposed by Congress all the time.

The volatile nature of regulations can be seen by looking at a highly read blog called, ARSTechnica.com. Within a 40 day period in June and July of 2007 this website which covers law, disorder and other information very well, posted similar stories with opposing headlines. The first story posted on June 19th, 2007 was titled, “Appeals court: Feds can’t secretly seize email without a warrant” which you can read here. The second story posted on July 15th, 2007 was titled, “Court: Feds can read email, IP addresses without warrant” which you can read here. As great as it is to get updated information from authoritative sources, it’s enough to make your head spin when trying to figure out what you can expect and what you should be worrying about. What was established in court in regards to email, is that emails are similar to what the government implements with telephone calls. The procedure is called a “pen register” and can be used to record any telephone number a person dials but does not allow the recording of a call. This can all be done without a warrant. The government has categorized emails and web surfing in the same category as phone calls. This makes it possible for the government or related agencies to capture to and from email addresses, IP addresses of visited websites, and the amount of data and bandwidth used when accessing emails and websites.

Needless to say, the EFF (Electronic Frontier Foundation) had a hay-day with this ruling in the courts and is not happy. The basic problem to this decision according to the EFF is that emails and website visits can give much more information than telephone numbers. By seeing where emails are going and what sites people are visiting you can find out a wealth of information on that person all without a warrant. A professor at the University of San Diego had his own bone to pick with this ruling on his blog here. Shaun Martin makes his point clear on his posting with this statement, “Even if a pen register isn’t a search (and I think that the dissent in Smith back in 1979 made a pretty good argument to the contrary), obtaining a list of all the IP addresses that someone visits gives you a lot more information than merely recording telephone numbers. …And my view is that footnote 6 of the Ninth Circuit’s opinion, in which Judge Fisher says that recording the actual URLs perhaps might be a search, is a distinction without a difference. Once the government records that I’m going to the IP addresses for NAMBLA and High Times and Bondage.com, the fact that they won’t (initially) know which particular page of those sites I choose to view hardly matters. They’ve already invaded my privacy, and know a boatload about me that I’d rather not reveal to the government, TYVM. And, yes, in theory, e-mail addresses arguably might be seen as the same as addresses on a snail mail envelope. But they’re viewed as more private, and rightly so, and I think the Fourth Amendment shouldn’t be (and isn’t) blind to that reality.”

If that information isn’t enough to concern you about your email happy habits, the repeated government attempts to force ISPs to retain all logs of emails, Instant Messages, websites visited and other data should perk up your interest. For the 2nd time, a Republican bill has been created that tries to get all information sent by U.S. citizens archived at the ISP level. The bill has been hidden in descriptions saying that it is for use to combat child pornography, you can find a copy of the bill here. The bill is labeled as the SAFETY ACT (Stopping Adults Facilitating the Exploitation of Today’s Youth) and even though targeting child pornographers remains so loose in it’s regulations, that it can be used to cover every single American citizen. An exact quote from SAFETY ACT of 2007 which can be found here can be read as follows, “…the Attorney General shall issue regulations governing the retention of records by Internet Service Providers. Such regulations shall, at a minimum, require retention of records, such as the name and address of the subscriber or registered user to whom an Internet Protocol address, user identification or telephone number was assigned, in order to permit compliance with court orders that may require production of such information.”

With bloggers abuzz with this new bill being submitted a website tried to generalize the text for easy consumption. The summary basically states, ” A bill introduced to the US House of Representatives would require ISPs to record all users’ surfing activity, IM conversations and email traffic indefinitely.” VNUnet.com brought out bloggers from the shadows passing this information on. Although not 100% accurate it does get the point across that the march is definitely towards complete archiving of most communications by the U.S. public.

Even though the government repeatedly attempts to pass legislation to entrap the American public into allowing all of their communications to be logged and filed away, the government itself continues to sidestep the same laws laid in place for them. The Bush administration has decided that the Freedom of Information Act does not apply to anyone in the administration that uses the White House serves for email and Internet communications. The Washington Post does a good cover of the story here and list citizen organizations opening lawsuits against the government due to this very blunt sidestepping of the law. What is more disturbing is not really the fact that the government is rejecting access to emails, but that it is already known that at least 5 million emails from March 2003 to October 2005 are completely missing.

With the White House deleting emails at every turn and rejecting Freedom of Information Act orders you would think corporations would be doing the same. The true fact is corporations are investing heavily in technology to archive all communications. A report released by IDC in June of 2007 says that companies will dump over $21.8 billion dollars into extensive services that help with legal research data mining, litigation-support infrastructure products, physical records and services for storage and long time archiving.

Small and large companies are quickly finding out that it is in their best interest to properly store and archive all information disseminated throughout their networks. Intel learned the hard way in an antitrust lawsuit between them and AMD. Intel has been forced to invest well over $20 million dollars to try and recover deleted and lost emails related to the case. Best Buy got stung when a major class action lawsuit was brought against them and MSN for fraudulently charging customers credit cards for MSN’s online services. MSN was able to provide emails to back up their claims but Best Buy came up empty handed. Without proof or any archived material lawsuits can end up being up in the air decisions.

Just recently, Qualcomm Inc. has been faced with not properly providing email communications Broadcom Corp. in litigation. The mess has grown from 21 messages on a laptop to over 300,000 pages of emails and documents that were never shared during a major trial. As quoted and talked about in this WSJ report, apologies were made profusely but the reality that the law was breached and corporations can alter rulings in the court of law is very troubling. Fines are the next step to force companies to properly archive all emails. In 2005, Morgan Stanley was ordered to pay $1.57 billion in penalties because of improper handing of tapes and electronic evidence. Even though this major judgement has been postponed due to an appeals court ruling, it was a major wakeup call for all major corporations.

The reality of the situation is that big money and big decisions are now becoming prevalent in the court of law and a lot of time proof and evidence hinges on emails and Internet activity. Whether it is your employer tracking every email, IM or website you visit or it’s your ISP that you’re using at home you should always be careful with whatever email you send. Before you hit the send button, you should think twice because there is always someone watching, archiving and logging your every move. In a report over at MarketWatch, Nancy Flynn, executive director of the ePolicy Institute said, “We’ve seen email become the electronic equivalent of DNA evidence. It’s standard evidence in litigation” If you ever run into legal problems, a big divorce or a major event at your company any and all of your communications could be used against you, even without a warrant.

If you’re company is logging all your computer activities or you’ve been forced to use your own personal electronic communications in the court of law we’d like to hear from you. What do you think should be done about ISP archiving of all communications? Should the White House have to follow the same laws as everyone else or is there a real security interest in keeping their communications private and sealed? We want to know if you are mad about email being compared to DNA evidence or think it’s about time.