E-mail goes into space without privacy file Open letters: Electronic mail writers have practically no privacy, and their lack of legal protection is opening the way for punishment in courts and workplaces.

April 27, 1996|By David Folkenflik | David Folkenflik,SUN STAFF

You dash off an angry electronic message to a friend about your unreasonable boss. No big deal: you're just blowing off steam.

Big deal: you're fired.

Even if your friend believes she has erased the message, that note can be read or reproduced legally by your boss, or your friend's boss, or by anyone working for the computer services that generate, process or receive electronic mail.

Despite privacy concerns, there is little federal law protecting electronic mail. Policies concerning privacy vary greatly among the companies and universities that provide access to the Internet. Increasingly, people in Maryland and elsewhere are finding that they can be held responsible for their often hastily created messages.

"It's become a cliche that e-mail is more like a postcard than a letter in a sealed envelope," said David Sobel, an attorney with the private Electronic Privacy Information Center in Washington. In fact, he suggested, e-mail is "like a postcard that might be getting xeroxed in every post office it might pass through."

And electronic mailings are becoming more commonly used as evidence in courtrooms and corporate boardrooms.

Prosecutors, for example, are likely to draw upon the pleading electronic messages of Johns Hopkins University senior Robert J. Harwood during his trial for the shooting death of Hopkins sophomore Rex T. Chao earlier this month. Excerpts from those messages, provided by a confidential source, were published in The Sun this week.

University officials, who were given printed copies of messages from Mr. Harwood by Mr. Chao weeks before his death, said they did not search Mr. Harwood's computer mailbox or other files before the shooting April 10. A campus spokesman would not comment about what subsequent measures have been taken by the university.

In the last six months:

A federal court in Pennsylvania held that the Pillsbury Co. was entitled to fire a woman who had sent e-mail critical of a superior, even though the company had explicitly promised that it would not monitor its employees' messages.

A San Diego supercomputing company running a federally sponsored research center retrieved the electronic mail of three company executives, two of whom had recently resigned. The company sought to learn more about the relationship of the two departing officials, who joined a rival research group.

A librarian at the University of California at Irvine refused to tell her supervisor her computer password when she took a personal leave of absence. So he had all e-mail addressed to her routed to his electronic mailbox. A draft for a new University of California System policy would generally consider e-mailings private but notes that they are potentially disclosable under state law.

A private Washington research group published a book based on 500 electronic mailings taken from the Reagan White House, after court battles forced each presidential administration to record and ultimately release such correspondence.

"The White House e-mail should be a shot across the bow for e-mail users," said Tom Blanton, director of the National Security Archive in Washington and editor of the published e-mail collection.

It's well accepted that people accused of computer-based crimes -- such as breaking into someone else's files or harassing through electronic messages -- are likely to have their computer files investigated.

Public property

Less well known, however, is that your e-mailings are not your own and can live on past your ability to see them. "I wouldn't send anything you don't want public," said Bruce Schneier, a Minneapolis computer consultant who is the author of the 1995 book "E-mail Security."

"E-mail is not private," Mr. Schneier said. "E-mail is private most .. of the time. But it can be made public, especially if you're using a company computer."

When you send your e-mail, you are first forwarding it to the network of the company, campus or agency that is your "host" -- that provides you with your computer account. That host typically saves your message on computer tape or disks, then transmits a copy out to the Internet itself.

The Internet was initially created as a communications network to link university, government and military contractor researchers. The message you send is transmitted through this network, which sends it by any of a seemingly infinite number of routes to the organization through which your friend has access to the Internet.

Generally, that company holds onto the message in its data banks and informs the recipient that an e-mail awaits. The message usually is held in the memory of the firm's system -- not the files of the recipient. When you delete your e-mail, it doesn't actually disappear; it goes into a hidden location.

The record lasts anywhere from several days to several years, depending on the policy of the company, campus or agency involved. Copies are also made of similar communications, such as postings on electronic bulletin boards or Web sites.

Baltimore Sun Articles
Please note the green-lined linked article text has been applied commercially without any involvement from our newsroom editors, reporters or any other editorial staff.