Email Privacy

If you want privacy, don't count on email. Here's why.

Email may feel like a private, one-to-one conversation safe from prying eyes, but email is about as confidential as whispering at the White House. Your messages can be intercepted and read anywhere in transit, or reconstructed and read off of backup devices, for a potentially infinite period of time.

If you're sending email at work, your boss can legally monitor it, and if your company becomes involved in a lawsuit, your adversary has the legal right to review it. If you send email from home, anonymous hackers can intercept it, and if you are suspected of a crime, law enforcement officials with a warrant can seize your electronic correspondence. Even your Internet service provider may legally be able to scrutinize your email.

What all this amounts to is simple: Unless you take affirmative steps to encrypt your messages -- a process that uses sophisticated software to garble your words and then allow the recipient to unscramble and read them -- don't count on email as a confidential method of transmitting information.

Email at Work

On your first day of a new job, you may be asked to sign and acknowledge some form of employer email policy. This policy will probably inform you that email is to be used only for everyday business purposes, that the computer systems at work are the property of your employer, that email may be monitored, and that you have no reasonable expectation of privacy in your use of email.

A written statement like this, signed by an employee, creates a contract upon which an employer can rely if they want to snoop. Equally important, if a dispute arises over monitoring of email, the employer can point to the signed statement to show that it was unreasonable for the employee to think that email was private.

Even if there is no signed agreement or written policy, an employer can still peek into email (or your desk for that matter) -- assuming, as is usually the case, that you have no reasonable expectation of privacy as to the contents. Determining an employee's reasonable privacy expectations is based upon the custom and practice in each particular workplace. What this amounts to is that courts may find that an employee's personal email is private only if the employer has acted in a way that supports this conclusion.

Court Decisions

In an unpublished decision, a Texas court ruled that searching email stored in an employee's private computer folder is not the same as searching an employee locker, for which courts have held an employee does have a reasonable expectation of privacy. The difference is that the material in an employee's locker is personal and the employer knows that. Email folders stored on an employer's computer -- even if protected by an employee password -- are not personal property but "merely an inherent part of the office environment."

A Pennsylvania company assured its employees that email would not be intercepted or used against employees as grounds for termination or reprimand. Despite this assurance, the company later reviewed emails from an employee to a supervisor and used it as the basis for termination. That was perfectly legal, according to a federal court in Pennsylvania. The court ruled that regardless of the company's statements, it was not reasonable for an employee to expect privacy in email sent to a supervisor over a company email system. According to the court, the company's interest in preventing inappropriate comments or illegal activity over its email system outweighed any privacy interest the employee may have.

Government employees may have even less privacy when it comes to email. In some cases, the public can obtain access to government employee email under "public record" laws. In one case, a California newspaper was able to obtain all email relating to city business in Menlo Park written over a six-week period under California's Public Record Act. In another matter, an Arizona newspaper was able to obtain backup tapes of a computer server containing email from a local county assessor's office.

The Employer's Perspective

Employers have several legitimate concerns in monitoring email. Employers pay employees for doing work, not sending personal messages. Monitoring may alert the employer to who is sending lots of email and even who is sending messages with "resume attached." Employers also want to make sure that their investment in office computing is being used effectively, not siphoned off to support employees who overload the system's communication capacity or "bandwidth."

Employers are also worried that email will be used within the workplace to harass or offend other employees. For that reason, most of the monitoring software available to employers -- and more than one-third of employers reportedly use such software -- allow employers to locate email with offensive language.

But the biggest concern that many businesses have is that archived email will come back to haunt them in court. Unlike a conversation around the water cooler, the email statements of employees can live indefinitely on in backup tapes of corporate systems. Unless a company has a plan to purge old backups -- and most don't -- archived email can be a gold mine for lawyers representing anyone that sues the business. For example, when government lawyers sued Microsoft over antitrust issues, some of the most incendiary evidence came from archived emails that documented statements by Microsoft executives about its strategy against competitors such as Netscape.

Similarly, in lawsuits alleging sexual harassment or discrimination, judges have permitted into evidence inflammatory emails of a racist or sexual nature as well as email requests to a human resources director on how to avoid a wrongful termination claim when firing an older employee.

By placing employees on notice that email isn't private, employers can try to avoid the creation of such incriminating emails in the first place.

Email on the Internet

While adopting a policy of sending personal email only from home is an obvious step towards protecting your privacy at work, it doesn't guarantee that your messages will be fully protected from prying eyes. After your email leaves your home it travels over multiple online services and open networks to reach its destination. Although interception of email transmission -- that is, snooping while an email is in "real-time" transmission between sender and receiver -- is a federal crime under the Electronic Communications Protection Act (ECPA) (18 U.S.C.A 2517(4)), it has been accomplished by hackers.

The ECPA also permits an ISP to look through all stored messages, including email awaiting you in your mailbox or recently sent and received mail. Some ISPs temporarily store all messages that pass through the system. The ECPA normally prevents the ISP from disclosing the messages to others, but even here there are exceptions. Law enforcement officials, when armed with proper warrants or administrative subpoenas, can gather basic information about users from ISPs, including their names, and also gain access to the content of stored messages. Also, once the email reaches its destination, the ECPA does not protect against snooping at the recipient's mailbox.

Some ISPs, worried about their own liability for the email content, require subscribers to conform to an End User Service Agreement that further reduces the user's expectation of privacy with ISP-favorable terms. For example, the service agreement for one popular ISP states: "Service Provider has no obligation to monitor the Service, but may do so and disclose the information regarding the use of the Service for any reason if Service Provider in its sole discretion believes that it is reasonable to do so, including to satisfy governmental or legal requests."

Keeping Email Secret

Ultimately, the only way to ensure a high degree of privacy for your messages on the Internet is to encrypt them. Encryption is a system in which sophisticated software using cryptographic algorithms garbles your message, sends it across the networks as gibberish and then -- assuming the recipient has the correct digital "key" -- reconstitutes it, or "decrypts" it.

Commonly used public key technology uses two keys: one that is unique and private and one that is public and freely distributed to all users of a particular system. These keys only work when matched -- what one scrambles, only the other can undo. These techniques can also verify the integrity of the data (that it wasn't altered along the way) and authenticate it (check to make sure the stated creator is the person who sent the message).

But successfully using encryption requires some foresight, because the person receiving the message has to be able to decode it. Two popular encryption standards are Secure Multipurpose Internet Mail Extension ("S/MIME") and Open Pretty Good Privacy ("OpenPGP"). Neither of these software products can decode the other's algorithms.

In the end, email's speed and convenience outweighs its non-private nature for most every day discussions. But you should think of it like a postcard, not a letter -- a message open to every eye along the way.

More Information About Email Privacy

The following resources will help you learn more about email privacy issues:

For general rules about online privacy, check the resources at the Privacy Rights Clearinghouse at www.privacyrights.org.

For an online guide to Practical Privacy Tools, go to www.epic.org/privacy/tools.html.

For a copy of PGP encryption software go to http://philzimmermann.com/EN/findpgp

To read a copy of the ECPA, visit http://nsi.org/Library/Comm/ecpa.htm.

Contact Us