The unfolding scandal that led to the resignation of Gen. David Petraeus, the Director of the Central Intelligence Agency, started with some purportedly harassing emails sent from pseudonymous email accounts to Jill Kelley. After the FBI kicked its investigation into high gear, it identified the sender as Paula Broadwell and, ultimately, read massive amounts of private email messages that uncovered an affair between Broadwell and Petraeus (and now, the investigation has expanded to include Gen. John Allen‘s emails with Kelley). We’ve received a lot of questions about how this works—what legal process the FBI needs to conduct its email investigation. The short answer? It’s complicated.
The Electronic Communications Privacy Act (ECPA) is a 1986 law that Congress enacted to protect your privacy in electronic communications, like email and instant messages. ECPA provides scant protection for your identifying information, such as the IP address used to access an account. While Paula Broadwell reportedly created a new, pseudonymous account for the allegedly harassing emails to Jill Kelley, she apparently did not take steps to disguise the IP number her messages were coming from. The FBI could have obtained this information with just a subpoena to the service provider. But obtaining the account’s IP address alone does not establish the identity of the emails’ sender.
Broadwell apparently accessed the emails from hotels and other locations, not her home. So the FBI cross-referenced the IP addresses of these Wi-Fi hotspots “against guest lists from other cities and hotels, looking for common names.” If Broadwell wanted to stay anonymous, a new email account combined with open Wi-Fi was not enough. The ACLU has an in-depth write-up of the surveillance and security lessons to be learned from this.
After the FBI identified Broadwell, they searched her email. According to news reports, the affair between Petraeus and Broadwell lasted from November 2011 to July 2012. The harassing emails sent by Broadwell to Jill Kelley started in May 2012, and Kelley notified the FBI shortly thereafter. Thus, in the summer of 2012, when the FBI was investigating, the bulk of the emails would be less than 180 days old. This 180 day old dividing line is important for determining how ECPA applies to email.
Compared to identifying information, ECPA provides more legal protection for the contents of your email, but with gaping exceptions. While a small but increasing number of federal courts have found that the Fourth Amendment requires a warrant for all email, the government claims ECPA only requires a warrant for email that is stored for 180 days or less.
But as the Department of Justice Manual for searching and seizing email makes clear, the government believes this only applies to unopened email.
MORE . . .
- When Will our Email Betray Us? An Email Privacy Primer in Light of the Petraeus Saga (eff.org)
- Should E-mail Privacy be the Real Issue in the Petraeus Affair? (activistpost.com)
- How metadata brought down CIA boss David Petraeus (newscientist.com)
- 5 Gmail lessons from Petraeus affair (politico.com)
How the FISA Amendments Act Allows for Warrantless Wiretapping, As Described By Supreme Court Justices
On [October 29, 2012] … the Supreme Court heard oral arguments in Clapper v. Amnesty, an important case that will decide if the ACLU’s challenge to the FISA Amendments Act—the law passed in the wake of the NSA warrantless wiretapping scandal—can go forward. The Court will essentially determine whether any court, short of a government admission, can rule on whether the NSA’s targeted warrantless surveillance of Americans’ international communications violates the Constitution.1
In Clapper, the plaintiffs — journalists, human rights workers, and lawyers — filed the lawsuit because the statute prevents them from doing their job without taking substantial measures when communicating to overseas witnesses, sources and clients. EFF has previously explained how the FISA Amendments Act gives the government an unconstitutional license to read any emails or other electronic communications coming into and out of the United States. So let’s hear the Supreme Court Justices, in their own words, explain how invasive the law really is.
Here is how Justice Ginsburg, with an assist from ACLU deputy director Jameel Jaffer, explained how the FISA Amendments Act (FAA) gutted the traditional warrant requirements in FISA, along with the Fourth Amendment:
JUSTICE GINSBURG: Mr. Jaffer, could you be clear on the expanded authority under the FAA? As I understood it, it’s not like in [FISA], where a target was identified and…the court decided whether there was probable cause. Under this new statute, the Government doesn’t say who is the particular person or the particular location. So, there isn’t that check. There isn’t that check.
MR. JAFFER: That’s absolutely right, Justice Ginsburg…The whole point of the statute was to remove those tests, to remove the probable cause requirement, and to remove the facilities requirement, the requirement that the Government identify to the court the facilities to be monitored. So those are gone.
That’s why we use the phrase “dragnet surveillance.” I know the Government doesn’t accept that label, but it concedes that the statute allows what it calls categorical surveillance, which…is essentially the surveillance that the plaintiffs here are concerned about.
As Justice Kagan stated succinctly, “this statute greatly expands the government’s surveillance power. Nobody denies that.”
MORE . . .
- How the FISA Amendments Act Allows for Warrantless Wiretapping, As Described By Supreme Court Justices (activistpost.com)
- Fight over FISA Amendments Act Moves to the Senate, as the House Passes the Broad, Warrantless Spying Bill (rubinoworld.com)
- How the FISA Amendments Act Allows for Warrantless Wiretapping, As Described By Supreme Court Justices (eff.org)
- Fact Checking Obama’s Misleading Answer About Warrantless Wiretapping on The Daily Show (eff.org)
- House approves another five years of warrantless wiretapping (rubinoworld.com)
The Supreme Court is scheduled to hear arguments today (October 28, 2012) in a case called Kirtsaeng v. Wiley, and their final decision could help shape the future of “first sale,” a legal doctrine that underpins the right to sell, lend, or give away the things you buy, even if those things contain copyrighted elements.
First sale provides the legal framework for marketplaces like used bookstores, flea markets, garage sales, and eBay. It’s crucial to making sure U.S. copyright holders can’t dictate, for decades, what you do with the books, CDs, DVDs, games, etc., that you buy. But book publisher Wiley says it doesn’t apply if the copyright holder is clever enough to ensure the product in question is manufactured outside of the United States.
The Kirtsaeng case specifically deals with textbooks, but the Court’s decision is likely to affect a range of markets and consumers. First, many of the goods that people purchase every day are manufactured overseas and have some components or logos on the packaging that are subject to copyright law. In fact, the Swiss watchmaker Omega successfully sued Costco for copyright infringement because the retailer was reselling genuine Omega watches, purchased abroad, that happened to have the Omega logo on them. Second, if the Supreme Court rules in Wiley’s favor, U.S. copyright holders will likely ensure that as many of their works as possible are manufactured outside the United States, so that they, too, can escape that pesky first sale doctrine.
This dispute, however, is still just a skirmish in a larger battle to protect your right to actually own the things you buy.
MORE . . .
First Sale, Why It Matters, Why We’re Fighting for It
By Fred von Lohmann via Electronic Frontier Foundation
The “first sale” doctrine expresses one of the most important limitations on the reach of copyright law. The idea, set out in Section 109 of the Copyright Act, is simple: once you’ve acquired a lawfully-made CD or book or DVD, you can lend, sell, or give it away without having to get permission from the copyright owner. In simpler terms, “you bought it, you own it” (and because first sale also applies to gifts, “they gave it to you, you own it” is also true).
Seems obvious, right? After all, without the “first sale” doctrine, libraries would be illegal, as would used bookstores, used record stores, and video rental shops (and their modern variants, like LaLa and other CD-swapping communities).
But the copyright industries have never liked first sale, since it creates competition for their titles (you could borrow it from a friend, pick it up at a library, or buy it from a used book seller on Amazon).
It also reduces their ability to impose restrictions on how you use the work after it is sold.
- Your Right to Own, Under Threat (eff.org)
- First Sale Doctrine Under Threat: Why You May Need Permission to Sell Your iPhone (rocketlawyer.com)
- You Bought It; You Own It … Or Do You? Supreme Court To Decide (forbes.com)
- Copyright on Imported Works (nytimes.com)
- Supreme Court to hear arguments in case of student who resold books (edition.cnn.com)
Government Shares Drones with Law Enforcement Agencies Across the Country
San Francisco – The Electronic Frontier Foundation (EFF) filed suit against the Department of Homeland Security (DHS) Tuesday, demanding answers about how and why it loans out its Predator drones to other law enforcement agencies across the country.
Customs and Border Protection (CBP) – a division of DHS – uses the unmanned drones inside the U.S. to patrol the borders with surveillance equipment like video cameras, infrared cameras, heat sensors, and radar. But recent news articles as well as a report from DHS itself show CBP is expanding its surveillance work, flying Predator drone missions on behalf of a diverse group of local, state, and federal law enforcement agencies – including a county sheriff’s department in North Dakota, the Texas Rangers, the Bureau of Land Management, and the Department of Defense.
EFF filed a Freedom of Information Act (FOIA) request asking for more information about these drone flights, but DHS has yet to respond to the request. EFF’s lawsuit asks for an immediate response, including records and logs of CBP drone flights conducted in conjunction with other agencies.
“We’ve seen bits and pieces of information on CBP’s Predator drones, but Americans deserve the full story,” said EFF Staff Attorney Jennifer Lynch. “Drones are a powerful surveillance tool that can be used to gather extensive data about you and your activities. The public needs to know more about how and why these Predator drones are being used to watch U.S. citizens.”
- EFF: Local Police Using Predator Drones (personalliberty.com)
- EFF Demands Answers About Predator Drone Flights in the U.S. (eff.org)
In less than 10 minutes, you can drastically improve your privacy online and protect yourself against unwanted and invisible tracking.
Note that these privacy safeguards will also be blocking some ads. EFF is working with online advertisers to try to convince them to provide real privacy protections for users, but until they agree to meaningful standards about online tracking, these steps will be necessary for users to safeguard their browsing privacy. Aside from removing ads, these changes won’t affect your browsing experience on the vast majority of websites. It’s possible, however, that a tiny fraction of websites may behave differently or break, in which case the easiest solution is to temporarily use a “private browsing” mode without the settings enabled, or a fresh browser profile/user with default settings.
MORE . . .
- Ubuntu pipes search queries to Amazon, worrying privacy experts (nakedsecurity.sophos.com)
- Electronic Frontier Foundation Demands Changes in Ubuntu 12.10 (news.softpedia.com)
- Privacy experts criticize moves to sidestep IE10′s default Do Not Track settings (networkworld.com)
- EFF Demands Answers About Predator Drone Flights in the U.S. (eff.org)