Vail Daily column: Privacy in the Internet age
November 20, 2012
Yikes. Here we go again.
Just when we thought we had recovered from Congressman Anthony Weiner’s … eh-hem … weiner, Washington has kicked up its heels again. The latest in the seemingly endless can-can saga of powerful men falling from high places, of course, involves now-former CIA Director General David Petraeus and his cohort, Gen. John Allen. Lest we forget, there are leading ladies in this soap opera as well: General Petraeus’ biographer and love interest, Paula Broadwell, and the Miami socialite, Jill Kelley. Of course, the web weaves out from there, including shirtless FBI agents, Benghazi, and a host of other titillating tidbits. I’ll leave that to your reading of the news and your own conclusions. Suffice it to say, there was a certain eyebrow-arching ebb and flow across the Internet.
What concerns us here, however, is the Stored Communications Act and its sibling, the Electronic Communications Privacy Act. What they say and what they do bears (no, not “bares,” although the temptation is certainly there) upon not only what are alleged to be the salacious details of the present scandal, but upon how each of us “exists” upon and navigates through the brave new worlds of social media and cyberspace.
The Stored Communications Act (“SCA”) was enacted by the United States Congress way back in the Dark Ages, when Mark Zuckerberg was still in swaddlings. It came into being in 1986. It forms a part of the larger Electronics Communications Privacy Act (“ECPA”). The SCA addresses voluntary and compelled disclosure of “stored wire and electronic communications and transactional records” held by third-party Internet service providers (ISPs).
As you may recall from high school civics, the 4th Amendment to the U.S. Constitution protects the right of we the people to ” … be secure in their persons, houses, papers and effects, against unreasonable searches and seizures … ” In a modern context, what this bears upon then is the question of “what is a ‘paper’ or ‘effect'”?
What complicates matters further is the fact that in cyberspace (where, presumably, no one can hear your indignant scream), your private stuff – meant only for you and your BFFs – is not held in your possession. Instead, your private stuff is entrusted to, and held by a third party, your trusty ISP. This is qualitatively different than caching your private papers on your own. The SCA, though, comes, at least partially to the rescue. It provides 4th Amendment-like privacy protection for email and other digital communications stored on the Internet. It limits the ability of the government to compel an ISP to turn over information.
As provided under both, “electronic communication” means any transfer of writing, images and/or data of any nature transmitted by wire, radio, electromagnetic, photo-electronic or photo-optical means that affects interstate or foreign commerce but does not include electronic funds transfer information stored by a financial institution.
The SCA provides criminal penalties for persons who intentionally access electronic communications without authorization or who prevent authorized access to such communications. The Act provides that, in some instances at least, the government may compel an ISP to disclose “customer or subscriber” information.
Provisions of the act also describe conditions under which a public ISP can voluntarily disclose customer communications or records. In general, ISPs are forbidden to divulge the contents of communications which are carried or maintained on that service. ISPs are, however, allowed to share “non-content” information, such as log data and the name and email address of the recipient. What’s more, ISPs who do not offer services to the public, such as businesses and universities, can freely disclose content and non-content information. Yikes!
The SCA’s big brother, the Electronic Communications Privacy Act, was also enacted in 1986. Its original intent was to extend government restrictions on wire taps from telephone calls to include transmissions of electronic data by computer. The, ECPA was, in fact, an amendment to Title III of the Omnibus Crime Control and Safe Streets Act of 1968 (known as the “Wiretap Statute”), which was primarily designed to prevent unauthorized government access to private electronic communications. Title II of the ECPA, which is, in fact, the SCA, protects communications held in electronic storage, most notably messages stored on computers.
Throw into this evolving mix Section 2709 of the USA PATRIOT Act which allows the FBI to issue National Security Letters (NSLs) to ISPs ordering them to disclose records about their customers, and the countervailing 2004 case of the ACLU v. Ashcroft which ruled those provisions unconstitutional under the 1st (and possibly 4th) Amendments, and you have, to say the least, a confusing, evolving soup of laws.
While the acts offer at least some guidance, social media and the Internet are morphing at astounding speed. And the law churns slowly. Until the two are fully reconciled and the protections intended under the Constitution are dragged into the 21st century, conflicts and differing interpretations will almost certainly continue to be the norm. Only when the law is shaped about the new technology will there be a clear and reliable blueprint. But, by then, everything is sure to morph again.
One thing is sure; the age of privacy – true privacy – has been forever altered. And one is wise to sheath one’s privates. It is, alas, an age where your amorous purrings, with the mere click of a finger click, can become everyone else’s biz.
Rohn K. Robbins is an attorney licensed before the bars of Colorado and California who practices in the Vail Valley with the law firm of Stevens, Littman, Biddision, Tharp and Weinberg LLC. His practice areas include business and commercial transactions, real estate and development, family law, custody, divorce and civil litigation. He may be heard on Wednesdays at 7 p.m. on KZYR radio (97.7 FM) and seen on ECOTV 18 as host of “Community Focus.” Robbins may be reached at 970-926-4461 or at either of his e-mail addresses, firstname.lastname@example.org or email@example.com.