[nycbug-talk] wiretap act re change sendmail port from 25 to something else

[george at rob.us.to]

"Jerry B. Altzman" <jbaltz at omnipod.com> writes:
> 2) Have you considered why optimumonline might be blocking inbound
> port 25? (Like, they don't want people running "servers" on the end of
> "residential"/"noncommercial" lines, or they don't want to run spam
> reflectors on the end of their broadband connections?)

Here is one reason I don't like going through the ISP smtp server:
It's not a violation of the wiretap act for the isp to read it "pending
delivery to its customers" - and it probably works the other way.

from State Bar News, Technology Issue 2004
Copyright, and with permission of, the author:

By David P. Miranda

An e-mail service provider?s practice
of viewing e-mails temporarily
stored on its computers, pending
delivery to its customers, does not constitute
an interception within the
meaning of the federal Wiretap Act.
United States v. Councilman, 2004 WL
1453032, (1st Circ. 2004). Although the
Councilman decision only addresses the
issue of whether the defendant?s conduct
was a criminal violation under
the Wiretap Act, it calls into question
the confidentiality of e-mails that are
sent via service providers that engage
in similar conduct. The decision
should be considered by attorneys that
exchange confidential information
with clients by e-mail.
In United States v. Councilman,
defendant Bradford C. Councilman
was vice-president of Interloc, an
online rare and out-of-print book listing
service, which provided certain
customers with an e-mail address and
acted as their e-mail service provider.
The defendant directed Interloc?s
employees to intercept, copy, and store
e-mails originating from Amazon.com
before reaching its customers. The
defendant did this in order to review
the intercepted e-mail to learn about
its competitor Amazon.com for commercial
purposes. After an e-mail
message is composed, the message is
sent to a Mail Transfer Agent (MTA)
where it is temporarily stored before
being sent to the recipient?s mail serv-
er. The mail server accepts the message
and stores it in a location accessible
to the recipient. Often, a separate
Mail Delivery Agent (MDA) retrieves
the message from the MTA in order to
determine which user should receive
the e-mail and delivers the message to
that user?s mailbox. The defendant
programmed Interloc?s MDA to intercept
and copy all incoming communications
from Amazon.com to Interloc
customers while the e-mails were temporarily
stored on Interloc?s computers.
The defendant was charged with
conspiracy to intercept electronic communications
and intentionally disclose
their contents under 18 U.S.C.
?2511(1)(a); conspiracy to use the contents
of the unlawfully obtained electronic
communication in violation of
?2511(1)(c); and conspiracy to cause a
person to divulge the content of the
communications while in transmission
to persons other than the addressees of
the communications in violation of
?2511(3)(a). The issue before the court
was whether there was an ?intercept?
of a communication within the meaning
of the Electronic Communications
Privacy Act (ECPA), commonly known
as the Wiretap Act.
The Decision
The First Circuit Court of Appeals
held that no ?interception? occurred
under the Act because the defendant
acquired the e-mails while they were
in ?electronic storage? and not during
?electronic communication.?
?Intercept? as defined under the
Wiretap Act refers only to acquisition
of ?electronic communications? and
not data in ?electronic storage.? The
court found that without requisite
interception, the Wiretap Act was not
violated.
?Intercept,? as defined in ?2510(4)
of the Wiretap Act, refers to ?the aural
or other acquisition of the contents of
any wire, electronic, or oral communication??
The e-mails at issue in this
case are ?electronic communications?
within the meaning of ?2510(12) of the
Wiretap Act. No mention is made in
?2510(12) that an electronic communication
includes electronic storage of
such communication. On the other
hand, ?2510(1) defines ?wire communication?
and expressly includes in the
definition any electronic storage of
such communication. The court noted
that under general rules of statutory
construction, when Congress includes
particular language in one section of a
statute but omits it in another, it is presumed
that Congress acts intentionally
and purposely in the disparate treatment.
Because the messages, at the
time of interception, were in electronic
storage under ?2510(17)(A), which is
not included in the definition of electronic
communication, the messages
were outside the scope of ?interception?
under ?2511(1)(a).
The Dissent
A dissent by Judge Lipez states that
the defendant?s approach to the
Wiretap Act undoes decades of practice
and precedent regarding the scope
of the Wiretap Act and essentially renders
the Act irrelevant to the protection
of wire and electronic privacy.
Judge Lipez found it inconceivable
that Congress could have intended
such a result merely by omitting ?electronic
storage? from its definition of
electronic communication.
Potential Implications
The New York Code of Professional
Responsibility not only prohibits an
attorney from knowingly revealing the
confidences and secrets of a client, but
also requires attorneys to exercise reasonable
care to prevent law firm
employees and others whose services
are utilized by the lawyer from disclosing
clients? confidences or secrets.
DR 4-101(B), (D). In 1999 New York?s
CPLR was amended to permit privileged
communications to be sent by
electronic means. CPLR ?4548 states
that ?no communication privileged
under this article shall lose its privileged
character for the sole reason that
it is communicated by electronic
means, or because persons necessary
for the delivery or facilitation of such
electronic communication might have
access to the content of the communication.?
CPLR ?4548.
Ethical Implications
The NYSBA Committee on
Professional Ethics, in its first ethics
opinion specifically addressing the use
of Internet e-mail to communicate with
clients, stated that ?whether the use of
Internet e-mail is consistent with [the
duty to use reasonable care to protect
client confidences and secrets]
depends upon the likelihood of interception.?
NYSBA Op. 709 (1998).
Concluding that lawyers may ethically
use e-mail to transmit confidential
information to and from clients, the
committee relied heavily upon the fact
that unauthorized interception of email
is a criminal offense under the
ECPA, stating: ?we believe that the
criminalization of unauthorized interception
of e-mail certainly enhances
the reasonableness of an expectation
that e-mails will be as private as other
forms of telecommunication.? NYSBA
Op. 709 (1998). The First Circuit?s
holding in Councilman, finding interception
of e-mail legal at certain stages
of electronic transmission, calls into
question the foundation of reasoning
upon which the committee relied
when holding that a lawyer may use email
to communicate with clients
without breaching the duty of confidentiality
under DR 4-101.
In its 1998 opinion, the NYSBA committee
warned that due to the rapidly
evolving nature of the technology,
lawyers must remain vigilant, and be
cognizant of any changes in the likelihood
of interception. If a lawyer is
aware of a specific reason that a particular
client?s e-mail system is at an
increased risk of interception, the
lawyer should choose a more secure
means of communication.
The Councilman decision may
cause attorneys to refrain from using email
as a method of exchanging confidential
information with clients that
have e-mail systems which are not
secure. This may be difficult because
e-mail is so commonly used, and is
sometimes a client?s preferred method
of communication. An attorney with a
client who prefers to exchange communications
via e-mail may wish to
inquire as to the security and confidentiality
provided by the client?s e-mail
service provider.

Miranda is a partner in the Albany law
firm of Heslin Rothenberg Farley & Mesiti
P.C., dedicated exclusively to intellectual
property law. He can be reached at (518)
452-5600 or at dpm at hrfmlaw.com.
Shanna K. O'Brien, a law clerk with the
firm, assisted with this article.