Oh no, you're thinking, yet another cookie pop-up. Well, sorry, it's the law. We measure how many people read us, and ensure you see relevant ads, by storing cookies on your device. If you're cool with that, hit “Accept all Cookies”. For more info and to customise your settings, hit “Customise Settings”.

Review and manage your consent

Here's an overview of our use of cookies, similar technologies and how to manage them. You can also change your choices at any time, by hitting the “Your Consent Options” link on the site's footer.

Manage Cookie Preferences

  • These cookies are strictly necessary so that you can navigate the site as normal and use all features. Without these cookies we cannot provide you with the service that you expect.

  • These cookies are used to make advertising messages more relevant to you. They perform functions like preventing the same ad from continuously reappearing, ensuring that ads are properly displayed for advertisers, and in some cases selecting advertisements that are based on your interests.

  • These cookies collect information in aggregate form to help us understand how our websites are being used. They allow us to count visits and traffic sources so that we can measure and improve the performance of our sites. If people say no to these cookies, we do not know how many people have visited and we cannot monitor performance.

See also our Cookie policy and Privacy policy.
Sign in

Cloud computing lets Feds read your email

You have 'no expectation of privacy'

Mark Rasch Wed 20 Aug 2008 // 12:03 UTC

When the new iPhone 3G went on sale last week, I was sorely tempted to wait in line for one. (I didn't - no patience.)

One of the features of Apple's device that appeals to me is the new MobileMe service, where you can "access and manage your email, contacts, calendar, photos, and files at me.com," according to Apple. More companies, among them Microsoft and Google, already allow people to store information and use common services online - or "in the cloud" - leading analysts to refer to the entire trend as "cloud computing".

This iteration of "cloud computing" puts your personal data on an accessible server held by a third party, which you replicate on multiple machines and access from virtually anywhere. Putting aside the security, data storage, data retention, data destruction and other pesky issues associated with doing business in the cloud, one fundamental issue remains: Your data is being hosted, stored and transmitted through a third party. As far as the law is concerned then, that third party has control of your data and may therefore be subject to a subpoena for your data, often without your knowledge or ability to object.

On July 11, 2008, Steven Warshak, the president of a nutrition supplement company, learned the hard way (pdf) about the dangers of using web-based email. On May 6, 2005, the government got such an order for the contents of his emails.

Generally, the internet service provider (ISP) is required to give the subscriber notice of the subpoena, but the statute allows a delay of up to 90 days if the government just asks for the data and the court finds that "there is reason to believe that notification of the existence of the court order may have an adverse result", like endangering the life or physical safety of an individual, flight from prosecution, destruction of or tampering with evidence, intimidation of potential witnesses, or otherwise seriously jeopardizing an investigation or unduly delaying a trial. Using this provision the government got an order allowing it to delay telling Warshak of its access for 90 days, until early July 2006.

July came and went, as did August, September, October, November, December, January, February, March, April and May of 2007 before the government finally got around to telling Warshak that it had been reading his mail.

Warshak, like many others, used web-based or third-party provided email services like Yahoo! mail and NuVox communications. Thus, his inbox and outbox were literally out of his hands. If Warshak had used an internal email service that he controlled and the government wanted to get access to the contents of his email, they would have had to do it the old-fashioned way: Obtain a search warrant supported by probable cause, issued by a neutral and detached magistrate, specifying the place to be searched and the items to be seized. In fact, those are the precise words of the Fourth Amendment.

Now the government could have issued a grand jury subpoena to Warshak ordering him to pony up his emails. Warshak could then have challenged the scope and breadth of the subpoena, argued that it called for production of irrelevant or privileged materials, challenged the jurisdiction of the grand jury to issue the subpoena, or raised a series of other defenses to the subpoena itself.

But the government didn't want Warshak to know it was investigating him and his company. It wanted to be able to read his emails without him knowing about it. So it used a statute called the Stored Communications Act, which allows the government to require an ISP to hand over the contents of your emails that have been in storage for more than 180 days even without a warrant, as long as it has a court order showing "reasonable grounds to believe that the contents of a wire or electronic communication, or the records or other information sought, are relevant and material to an ongoing criminal investigation".

Page:
26 Comments

Similar topics

Broader topics

Narrower topics

Other stories you might like

  • Atlassian outage lingers, sparking data loss fears
    Microsoft OneDrive: Missing documents? Hold my beer
    Thomas Claburn in San Francisco Fri 8 Apr 2022 // 23:55 UTC

    Atlassian is still scrambling to recover from a recent software script fiasco and is hoping no customer data gets lost, which may be more than Microsoft can manage if OneDrive, as some have reported, has been intermittently corrupting large uploads for at least two months.

    Four days after some Atlassian customers began encountering problems with the cloud giant's collaboration software, recovery efforts continue and a few folks are worried they may not get their data back.

    One wrote to The Register wondering about that possibility after the company, via Twitter, responded to a request to confirm that customer data is backed up and failed to actually do so.

    Continue reading
  • SpaceX launches first totally private mission to the International Space Station
    Saturday rendezvous planned for historic commercial orbit ride
    Katyanna Quach Fri 8 Apr 2022 // 23:12 UTC

    A retired NASA astronaut and three space tourists are right now tucked inside a SpaceX Dragon capsule above Earth for the first-ever purely commercial mission to the International Space Station.

    Flames billowed from the sky as the four-person crew were carried into space by a Falcon 9 rocket lifting off from NASA's Kennedy Space Center in Florida on April 8 at 1117 ET (1517 UTC). They are expected to arrive at their destination on Saturday at 1054 ET (1454 UTC) if all goes to plan.

    Michael Lopéz-Alegría, vice president of business development at Axiom Space and a former NASA astronaut, is flying on the first private flight. He is accompanied by Larry Connor, an American real estate magnate; Eytan Stibbe, an Israeli businessman and former fighter pilot; and Mark Pathy, Canadian CEO of investment firm Maverick.

    Continue reading
  • Google to sell replacement Pixel phone parts via iFixit
    Batteries, displays, cameras and more, apparently
    Brandon Vigliarolo Fri 8 Apr 2022 // 22:12 UTC

    In a nod to right-to-repair efforts, Google is partnering with iFixit to offer spare parts for its Pixel smartphones dating all the way back to 2017.

    Genuine Pixel parts will be in stock for iFixit customers in the US, UK, Canada, Australia, and EU countries that sell Pixels "later this year." Parts will be available for devices as old as the Pixel 2 through 2021's Pixel 6 Pro, "as well as future Pixel models," Google said today. 

    Available parts include "everything you need for the most common Google Pixel Repairs – batteries, displays, cameras and more," iFixit said. The repair howto site will be selling parts individually, and as part of its Fix Kits that include necessary pieces and tools needed to perform specific repair processes. 

    Continue reading
  • Apple iOS privacy clampdown 'did little' to reduce tracking
    Double-standard rules have strengthened iGiant's gatekeeper power
    Thomas Claburn in San Francisco Fri 8 Apr 2022 // 21:06 UTC

    Apple's ramp up in iOS privacy measures has affected small data brokers, yet apps can still collect group-oriented data and identify users via device fingerprinting, according to a study out of Oxford.

    What's more, the researchers claim, Apple itself engages in and allows some forms of tracking, which serve to strengthen its control over the iOS market.

    In a paper titled, "Goodbye Tracking? Impact of iOS App Tracking Transparency and Privacy Labels," due to be published in June for the ACM Conference on Fairness, Accountability, and Transparency 2022, Oxford academics Konrad Kollnig, Max Van Kleek, Reuben Binns, and Nigel Shadbolt, with independent US-based researcher Anastasia Shuba, describe what they found after analyzing 1,759 iOS apps from the UK App Store, both before and after the introduction of iOS 14.

    Continue reading
  • Microsoft dogs Strontium domains to stop attacks on Ukraine
    Software giant sinkholes systems used by Russian gang
    Jeff Burt Fri 8 Apr 2022 // 20:29 UTC

    Microsoft this week seized seven internet domains run by Russia-linked threat group Strontium, which was using the infrastructure to target Ukrainian institutions as well as think tanks in the US and EU, apparently to support Russian's invasion of its neighbor.

    The seizure is also part of a long-running legal and technical hunt by Microsoft to disrupt the work of Strontium – aka APT28 and FancyBear, among other names – via an expedited court process that enables the company to quickly get judicial approval for such actions, according to Tom Burt, corporate vice president of customer security and trust at Microsoft.

    Before the latest seizures, Microsoft had used this process 15 times to take over more than 100 domains controlled by Strontium, which is thought to be run by the GRU, Russia's foreign military intelligence agency. Microsoft obtained a court order for the most recent operation on April 6 and acted immediately.

    Continue reading
  • Newly released Space Force data could save life on Earth
    Goodness, gracious, lots of insights on great balls of fire
    Brandon Vigliarolo Fri 8 Apr 2022 // 20:04 UTC

    The US Space Force is publicly releasing nearly 30 years of data on fireball meteors in the hopes it can improve the detection and impact prediction of near-Earth objects (NEOs).

    The data contains information on bolides, classified as any meteor that has enough mass to become a fireball but not enough to cause a ground impact, several dozen of which happen each year.

    Data from NASA on bolides is publicly available, but the Space Force is adding light curve data to the mix, which the agency said has been greatly sought by the scientific community.

    Continue reading

Biting the hand that feeds IT © 1998–2022

Your Consent Options Cookies Privacy Ts&Cs