Two years ago, 40-year-old William Beebe sent a letter of apology and subsequent e-mails to then-38-year-old Liz Seccuro for a sexual encounter he had with her in 1984 when she was a 17-year-old UVA student. He was making penance per his Alcoholics Anonymous program. An already traumatized Seccuro eventually took one of his e-mails to police. Prosecutors cast it as an admission of rape. Eventually Beebe pleaded guilty to the lesser charge of aggravated sexual battery. He has started serving an 18-month prison sentence.
 |
Then there’s the case of Dena Bowers, a recruiter in UVA’s human resources department, who in 2005 sent a NAACP document criticizing the University’s “charter” proposal as an e-mail attachment from her work account to another co-worker. A month and a half later she was fired for supposedly having broken University e-mail policies (and for refusing to cooperate with the subsequent investigation). She is currently suing for $1 million in damages.
It seems safe to say that we now live in a world where Internet privacy is constantly at issue, from the current fracas over the firing of eight U.S. attorney generals (as revealed in department e-mails) to illegal NSA e-mail wiretaps to the astronaut arrested in February for attempted kidnapping. Remember space cadet Lisa Nowak? She drove more than 900 miles to confront a lover’s girlfriend and, police say, kill her. Guess what they found in her car: e-mails between the lover and his girlfriend that Nowak had surreptitiously retrieved from his office and home computer. “Will have to control myself when I see you,” the girlfriend wrote. “First urge will be to rip your clothes—”
 Would the current fracas over the firing of eight U.S. attorney generals exist without Justice Department e-mails? Four of the eight are pictured here, left to right: Carol Lam, David C. Iglesias, John McKay, and H.E. "Bud" Cummins III. |
If you factor instant messaging and texting, much of our daily existence is mapped out through perfunctory, sometimes garbled, language that is traded electronically. A recent ABC news report unsurprisingly found that “the volume of e-mails has exploded in recent years with over 170 billion now being sent daily around the globe…that’s two million every second.”
While the Internet is a great way to communicate, its invigorating liberty also makes us vulnerable to inspection. Many Internet Service Providers, for example, store copies of your e-mail messages on their servers before they are even delivered. The backups can stick around for several months.
Most of us sit all day in front of our computer at work, where e-mail has blurred our professional and private lives. What you want for dinner intermingles with the price of a contract, and consequently, many companies have enacted measures to protect their interests. As employees are “at will,” they can be fired for almost any reason. As a result, an employer can issue broad proscriptions like C-VILLE does in its employee handbook. “No Right to Privacy” it proclaims, and the section closes with a broad declaration that in “all times and in all locations,” the company “has the right to monitor, access, and disclose any and all documents, information, and materials contained on any of the newspapers’ electronic property, as permitted or required by law. We may engage in the following at any time—tracking Internet usage, recording phone calls, and reading emails.”
Advertisement—story continues below
According to Robert O’Neil (the founding director of the Thomas Jefferson Center for the Protection of Free Expression, located in Charlottesville), the major legal controversies so far have revolved around the scope and breadth of these types of institutional policies, which are common to both the private and public world. He also points to a couple of recent court cases where two federal circuits ruled on whether current wiretapping law extends to when a company stores an employee’s messages. “One court held that it was not a violation because it only applied to interception during the actual transmission,” says O’Neil. “You would literally have to know when the sender was sending it in order to be able to intercept, and it’s only a wiretap if it occurs in the moment of transfer.” A few years later, in August 2005, a federal court turned that ruling on its head, holding that the term “electronic communication”—which is the term in the wiretap law—does include stored e-mails, giving the law a broader interpretation. So which way is it? “The fact that they are in disagreement sometimes gets the Supreme Court interested,” says O’Neil. “I think this is an area in which they probably will not want to intervene.”
 Why is the law so murky on Internet privacy? “A lot of it is metaphysical,” says Robert O’Neil, founding director of the Thomas Jefferson Center for the Protection of Free Expression. |
Wire-tapping seems rather remote, perhaps, until you consider something like keystroke technology. Easily procured, so-called “key loggers” record everything typed on a keyboard, from the moment the computer is turned on until it is shut down. “That includes passwords, attempts to hack the system, bidding on Elvis memorabilia on eBay, and lots and lots of very normal business activity,” says an article on BankRate.com entitled “Computer keystroke logging: You can, but should you?” And it is all so attainable, with prices for the software starting at $29.95 and topping out at about $150 per computer.
Naturally, the federal government has recognized the potential for keystroke technology to safeguard its secrets. At the same time, the government anticipated the inherent privacy problems for public employees, who number 20 million in all. As far back as 1993, future FBI Director Robert Mueller issued a Department of Justice memo as an acting assistant attorney general of the United States. “It has come to our attention that keystroke monitoring, a process whereby computer system administrators monitor both the keystrokes entered by a computer user and the computer’s response, is being conducted by government agencies in an effort to protect their computer systems from intruders who access such systems without authority,” Mueller began, and proceeded to list its benefits.
“However, we have reviewed the legal propriety of such monitoring of the activities of intruders and…I wish to share our legal conclusions with you,” he continued. The legality of the monitoring was governed by the U.S. Code. “That statute was last amended in 1986, years before the words ‘virus’ and ‘worm’ became a part of our everyday vocabulary,” he duly noted. As a result, the Department of Justice recommended that federal employers take precautions before employing keystroke technology by simply notifying employees of the surveillance at the time they sign on to their system.
 Unsend! Unsend! Dena Bowers and William Beebe may well be wishing they’d never sent those e-mails. |
Mueller’s memo gave an example of what an appropriate banner might say: This system is for the use of authorized users only. Individuals using this computer system without authority, or in excess of their authority, are subject to having all of their activities on this system monitored and recorded by system personnel. In the course of monitoring individuals improperly using this system, or in the course of system maintenance, the activities of authorized users may also be monitored. Anyone using this system expressly consents to such monitoring and is advised that if such monitoring reveals possible evidence of criminal activity, system personnel may provide the evidence of such monitoring to law enforcement officials.
The potential for keystroke-monitoring abuse was something DOJ clearly meant to preempt. Despite their efforts, a report surfaced in 2001 alleging that the National Ground Intelligence Center, located in Charlottesville, had engaged in illegal computer monitoring after an employee had filed a complaint with the Equal Employment Opportunity Commission. According to the September 2001 article in Insight magazine, internal records showed that five employees were placed under computer surveillance. When the employees turned on their computers every morning, they saw a warning—reminiscent of Mueller’s—telling them the computers were subject to lawful monitoring.
 E-mails found in astronaut Lisa Nowak’s car beefed up the attempted kidnapping case against her. |
Of course, e-mail is only part of a larger culture increasingly under surveillance. In the physical world, cameras watch over us when we walk into the 7-Eleven, take money out of the ATM or run a red light. The Internet is far more invasive—a predatory world where our every move is tracked. Consider that Google, which is preferred by just under half of all Internet users, stores search data indefinitely. Other popular search engines, including MSN, Ask, and Yahoo have similarly murky policies. To counter privacy concerns, Google recently announced that “it plans to alter its privacy policy and strip certain identifying information from archived Internet searches,” according to The Washington Post. The catch is it only applies to searches conducted from the Google home page, and will not protect “searches conducted from Google Calendar or correspondence sent through Google’s Web e-mail service.”
There is even less of an expectation of privacy with Instant Messaging, as the 2005 AOL Messenger Terms of Service reveal: “Although you or the owner of the Content retain ownership of all right, title and interest in Content that you post to any AIM Product, AOL owns all right, title and interest in any compilation, collective work or other derivative work created by AOL using or incorporating this Content. In addition, by posting Content on an AIM Product, you grant AOL, its parent, affiliates, subsidiaries, assigns, agents and licensees the irrevocable, perpetual, worldwide right to reproduce, display, perform, distribute, adapt and promote this Content in any medium. You waive any right to privacy. You waive any right to inspect or approve uses of the Content or to be compensated for any such uses.”
What about our government? A week before Google’s announcement, Homeland Security Chief Michael Chertoff was having to defend a new government program called ADVISE, short for Analysis, Dissemination, Visualization, Insight and Semantic Enhancement. Standing before a group of reporters, Chertoff explained that the program aims to analyze existing, legally collected computer data, not gather new personal information on U.S. citizens. “This is not a program that sucks up or collects information from out on the Internet or anything like that,” Chertoff told the AP. “It’s not data mining.”
In these times, vague assurances from the government and corporate sphere are insufficient to assuage a general unease that we’re being watched. Unfortunately, it’s a sacrifice we make to live online. So if you’re going to criticize your boss you might not want to do it through your work e-mail. The law, however murky it might be, is not on your side. “A lot of it is metaphysical and difficult to analogize to any other existing communications technology,” says O’Neill. “That’s part of the problem.”
