Tag Archive for 'email'

Delaware Now Allows Social Media Accounts to Be Inherited

A new law enacted in Delaware this year allows executors and heirs to obtain the social media passwords to decedents’ social media accounts. Prior to the passage of this law, social media accounts expired upon the death of the account-holder. This was the case even in those instances where the decedent’s friends and family members knew the passwords to those accounts. They were prevented from accessing the accounts by the terms of use of social media companies, including Facebook, which have restrictions regarding the sharing of accounts.

social media accountsWhat Are the Provisions of the New Law?

The new law, which is the first of its kind, is called the Uniform Fiduciary Access to Digital Assets Act (UFADAA). In addition to acknowledging social media accounts as property, the law grants to guardians who are caring for disabled persons, the right to manage their social media accounts. It also gives this right to executors, agents under powers-of-attorney, and trustees in the same way that fiduciary trustees can gain access to bank accounts, financial and tax documents, and medical records, contingent upon a will, trust, or power-of-attorney. Another right possessed by the decedent is the right to prevent the heirs from ever opening or modifying their online accounts.

Furthermore, the new law allows title to digital assets to be held by a trust. Referred to as a digital asset trust, this type of trust may well become an integral part of the estate planning for those individuals who possess digital photography , artwork, or manuscripts, or computer code, and who would like these assets to be managed in such a way that their family members and friends can benefit.

How Will the Law Be Applied?

The law applies solely to residents of Delaware, and it will be interesting to see if other states will follow its lead. While some states already have laws in place permitting the decedent’s personal representative to access online accounts, these laws are far more limited than the one enacted in Delaware. Those states with a limited version of the law are: Connecticut, Idaho, Indiana, Nevada, Oklahoma, Rhode Island, and Virginia.

A decedent whose will or trust is governed by Delaware law will be able to have his or her online accounts accessed by the personal representative of the estate. However, a decedent whose will or trust is governed by any other state will be unable to have the same access granted to the personal representative. It is irrelevant that several technology companies, including Facebook, Twitter, and Google, are incorporated in Delaware.

Potential Invasion of Privacy

Despite the benefits of the law, there is some opposition due to the potential invasion of privacy of third parties who maintained contact with the decedent. Such communications to the decedent include those that are considered to be highly confidential from people who are still living, including patients of deceased physicians, psychiatrists, and members of the clergy. These individuals would likely be understandably upset upon learning that a personal representative was reading their emails.

Nevertheless, the benefits of the law appear to far outweigh the disadvantages in that the decedent’s heirs and beneficiaries will have access to online accounts that were previously beyond their reach. Although many of these accounts may not have much in the way of monetary value, the heirs may attach some emotional value to them.

Don’t Worry NSA, Google Has E-mail Surveillance Covered

It shouldn’t be surprising that Google monitors Gmail for child pornography. After all, this is the same company that scans e-mails and bombards uers with advertising for legal services. However, the scans of John Skillern’s Gmail will likely result in a lengthy prison sentence rather than annoying advertisements.

gmail surveillanceIn 2008, Google applied new software to its e-mail system. The software consists of a “database” of child abuse images (only data, no actual pictures!) which is compared to Gmail attachments. If there is a match, child protection agencies are alerted, who then send tips to local police.

The system is automatic, so Google employees aren’t involved in the process. Since Google’s e-mail system is the world’s largest web-based e-mail service, with about 425 million users worldwide, this system is one of the largest surveillance systems in human history.

A few weeks ago, Google’s new software led to the arrest of John Skillern. Skillern is a registered sex offender, convicted of sexually assaulting an eight year old boy in 1994. After Google scanned Skillern’s Gmail, police obtained a search warrant and allegedly found child pornography on his phone and tablet. The 41 year old Houston City restaurant cook was charged with one count of possession of child pornography and one count of the promotion of child pornography.

“Those Who Sacrifice Liberty for Security Deserve Neither”

Pedophiles who thought the “right to be forgotten” could shield their evil online are in for a rude awakening. There is no doubt that child pornography and the child abuse it promotes is profoundly wrong and people like Skillern deserve to rot in the deepest prison cells.

However, this type of surveillance is morally ambiguous at best and outright dangerous at worst. First, there’s the slippery slope argument. If Google can monitor private communications for child pornography, could they also monitor Gmail for drug use or criminal conspiracies? Can the software scan for politically sensitive issues like religion or terrorism? How about activists’ movements like Occupy or Tea Party? Surveillance always starts with good intentions. If the NSA has proven anything, it’s that employees of massive surveillance technology abuse it at the first opportunity.

Of course, slippery slopes are an easy argument, even if America’s legal system tends to ride slippery slopes all the way to crazy town. Google currently has little potential for employee abuse since Google’s system is automatic, with almost no human control. The software automatically compares data, not even actual photos, for a match. When Detective David Nettles said “I can’t see that photo, but Google can,” he was misleading reporters.

So what could go wrong when a computer system does all the surveillance? Ignoring the obvious Terminator reference, machines don’t understand context. Many child pornography laws require that the defendant have a certain state of mind, a criminal intent, for the defendant to be convicted. Suppose a defendant’s Gmail was hacked. Or a virus spread images of child pornography across random computers. Or if a child protection agency employee Gmailed a district attorney the photos as evidence. Google would pick out the transmissions, even though none of these cases would result in a conviction. Skillern looks like he possessed child pornography for the purpose of looking at and selling young children, but with 425 million users, there could easily be grey area cases.

Want to Search My Email? Court Says You Need a Warrant

Back in the day (way, way back) the Founding Fathers recognized a great need that Americans still face today: the need to protect citizen’s privacy rights.  In the Constitution, the Fourth Amendment guarantees that, “The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated…”

I recently learned that when creating this Amendment, the drafters placed very, very special importance on one word: “papers”.  That’s right, more than anything else, they loved their documents.  After all, they chose to specifically include the word papers, even though they also mention the word “effects” (personal belongings, as in, “My effects, please“).

But what about today?  What if the documents are not in paper form?  What if they aren’t in your house?  What if they aren’t even near your house or on your person?  Is a warrant required in those situations?

If you haven’t guessed by now, I’m talking about our rights to e-mail privacy.  Recently, a landmark court decision has finally shed some light on the ongoing debate as to whether the government needs a warrant in order to search and seize e-mails stored by an internet service provider.  In U.S. v. Warshak, the Sixth Circuit Court of Appeals held that private emails are protected from warrantless searches.  (For a full view of the opinion, click here).

As we all know, the government must first obtain a warrant to search items wherein a person has a “reasonable expectation of privacy”.  In the Warshak case, the court basically concluded that the expectation of privacy is overwhelmingly great with respect to emails.  They even went so far as to state that it would “defy common sense” not to apply Fourth Amendment protections to email messages.

Personally I am very pleased with the ruling.  After all, papers are papers, regardless of whether they’re actually on paper or not (I’m sure the FF’s would agree on that).  What surprises me however, is that this is just now being firmly addressed in court.  What?  You mean our e-mails haven’t been protected from search and seizure this whole time?  And email has been around since as early as 1965!  Looks like another case of the courts-struggling-to-keep-up-with-technology theme that makes its appearance so often here.

Prior to the Warshak ruling, e-mail privacy rules were murky at best.  Courts tended to rely on the language provided by electronic communications legislation, often neglecting to enforce constitutional standards.  For example, the Stored Communications Act states that the government must obtain a search warrant for unopened emails that have been in storage for not more than 180 days.  As you might expect, the Act leaves it unclear as to what happens to opened e-mails, as well as messages stored longer than 180 days.

The lack of solid guidelines for email search warrant requirements has led to a pattern of questionable discovery practices by the government.  What typically happens is that the government makes overbroad requests for copious amounts of email data, knowing that the court might easily rule either for or against the person’s privacy interests.  The case might then be dropped as soon as it appears that the privacy interests would prevail.  In addition to invasions of privacy, such practices have constituted a poor use of judicial resources.

The degree to which courts favor an individual’s email privacy has depended largely on the context in which the email is used.  For example, in corporate settings like that involved in a previous Yahoo! warrantless email search case, courts are likely to favor corporate interests over personal email privacy.  On the other hand, in a school setting, courts tend to enforce stricter Fourth Amendment standards for school administrators trying to view student’s emails.  This lack of uniformity has further confounded the email privacy issue.

The Warshak case signals a much needed reform in the area of email privacy laws.  To me, reform in this setting does not so much mean that new laws have to be passed.  Instead, I’d favor a return to the consistent application of good ol’ Fourth Amendment constitutional principles, much like what happened in U.S. v. Warshak.

And it’s not only the basic warrant requirement and privacy expectation standards I’m talking about either.  There should also be a push to make sure that warrants are more specific in describing which emails are to be seized.  The Fourth Amendment also states that “warrants shall not be issued” unless they are “particularly describing the place to be searched and the persons or things to be seized”.  This means no more overbroad discovery requests asking for tons of unnecessary emails in hopes of finding scraps of evidence.

Personally, in this era I can think of no more personal, private arena of life than our beloved electronic messages.  Whether it is email, instant or text messages, we absolutely cherish our paperless trail of communications.  And so to me, this recent ruling is very good news indeed, although it’s just a tad bit overdue.  Maybe Gmail will start requiring a username, password, and…warrant number please?

How Cyberlaw Differentiates Legal Spam from Illegal Spam

We’ve come a long way as a society.  It’s amazing when one looks back and reflects upon all the technological advances humans have discovered.  From humble barbaric cavemen (or cave people if you prefer the politically correct wording) who figured out how to light a fire, to the revolutionary discovery that draining someone’s blood wasn’t the best way to cure them, and of course, all the wonderful modern marvels of our current age.  Yes, it’s a great time to be alive and experience all that our society has to offer.

And without a doubt, the king of all these human creations has got to be the internet.  It’s our generation’s game changer – what with it being a source of constant information, a social networking system, and a perpetual time waster/addiction, all rolled in one.  Not to mention the fact that the internet has not only changed the way our world’s legal systems work, but that we’ve viewed this change as so important that we’ve dedicated an entire area of law to it.

Cyber space law or “cyberlaw” are words I’d never thought I would hear someone say with a straight-face outside of Gattaca.  Though to many, the general perception of cyberlaw is that it remains an exclusive concern of giant record and movie corporations.  While it’s true that usually the biggest news stories originate from these corporate legal battles, cyberlaw affects everyone, from small business owners to the average internet-using citizen.

How so?  Well there are a lot of ways, such as cybersquatting and privacy laws, but today let’s just take spam as our “for instance.”  Now if you’re reading this in a web browser and not on a printout like some kind of weirdo, you already know that I’m not talking about this kind of Spam, but rather this kind.  Spam emails abound on the internet and many users simply take it as a cost of using the net and getting to enjoy the convenience of email.  However, you may be surprised to hear that there are actually a set of laws to guide this area of the internet.

The passage of the CAN-SPAM Act of 2003 dictates the guidelines for spam advertisement emails; everything from the content of the email to who may be sent it.  Repeated violations of the Act can lead to fines and even imprisonment, not to mention that violators are also open to civil lawsuits (meaning regular people can sue under the Act).  It’s a very long document, I know.  But here are three interesting highlights:

1) Who Can Send and Receive Spam

Small business owners and entrepreneurs take note: all those funny and creative emails you’ve been sending out about your business to new potential clients on that email list your friend gave you – yeah, you just broke the law.  That’s because under the Act you can’t send unsolicited spam emails to people just because you have their address; you need their permission or have had a previous business relationship with the email recipient.  A previous business relationship is pretty broad; the customer just needs to have done business with you at some point in the past, such as buying something from you or consulting you on a matter related to your business.

2) Unsubscribing Recipients

Just like those public service announcements on unwanted sexual advances, when someone says no spam, they mean no spam and you have to respect that.  If a recipient says they no longer want emails from you, then you can’t send them any more emails.  Furthermore, spam emails have to have a link or description stating the process for unsubscribing from your email list.  And any such request must be complied within 10 days.

3) Truthful and Accurate Subject Headers and Emails

Shocking, huh?  But yes, spam emails must be honest.  The time of Mad Men is gone.  We now fortunately live in an age where lying in advertisements has been outlawed.  And this extends to spam as well.  Under the Act, subject lines have to be accurate to what the body of the email actually contains, meaning you can’t send an email with a subject header claiming the recipient won a million dollars but the email itself is trying to get the reader to buy your shoes.  The term “accurate” is very subjective, especially in the legal world, but as any trial attorney will tell you, judges can get pretty angry when someone tries to pull a blatant fast one on the court.  Furthermore, adult content (aka porno), must be explicitly labeled as such in the subject header.

Like every law, there are of course exceptions.  Emails that are religious, political, involve national security, or that generally can be considered fair marketing in nature are allowed to be sent.  But the first and last of these email forms must still comply with unsubscribe requests.

Filing a civil lawsuit and actually succeeding can be tough due to the very high standard of proof.  In this case, potential plaintiffs must actually show they’ve been harmed in some way and that the spammer did so intentionally or by some form of fraud.  However, criminal prosecution is generally much easier.  If you keep up on the news, you might think only large offenders who conduct big time email spam fraud, such as to steal identities or spread viruses, are the only ones caught, but you’d be very wrong.  Many local district attorney offices nowadays have whole divisions dedicated to prosecuting cyber crimes.

So what’s the best way to make sure you comply with this Act?  Read up on your local state laws and use your common sense because if something seems illegal, then chances are that it probably is.  And if you can’t make if through a statute without falling asleep, then you can always get a lawyer to help you through it.  Cyberlaw is a new and complex area, so some legal expertise isn’t such a crazy idea.

Email – It’s Fast, Easy, And Now Unprotected From Unlawful Searches

It’s official – we’re now taking our legal cues on privacy from China and South Korea.  Not literally of course; though like every American court we can still look to another country’s legal statutes and cases for inspiration… though that’s going away from the point of my post today.

You remember email, right?  That thing you’ve been using as your main source of written communication since the last decade?  The major form of correspondence that has surpassed old-fashioned snail mail and which is relied upon by everyone from business titans to celebrities, the president, and your aging grandmother (who floods your inbox with those funny grammatically incorrect cat pictures)?  Yeah, that email – it’s no longer protected against searches from the police.

privacy email“No, that can’t be right!  Right?  Email?  They are no different than letters you received in the mail; how can they not be afforded the same protection?” Well, apparently if you think like that you’ve been preempted by a federal judge, my friend.

Specifically, this ruling comes down from and Oregon Federal Judge Michael Mosman (I almost typed Michael Madsen; if he gave the ruling I might’ve been less outraged).  Judge Mosman argues that unlike regular snail mail which is handled by postal employees, e-mail should not be afforded the same protection against unlawful searches and seizures under the Fourth Amendment because when an email is sent, it goes through various Internet service providers.  By traveling through these different providers, each email leaves a digital image of itself with each ISP.  And apparently this fact is enough to distinguish email from regular land mail because by leaving a digital copy of itself, emails are in essence open to the ISP to read and monitor and therefore people who send emails cannot expect to have the same level of privacy as when one sends a regular piece of mail through the post office.  Judge Mosman’s full opinion can be read here (please note that the link is to a PDF).

Sound mental?  Yeah, well it should.  Judge Mosman seems to hang his ruling on the notion that because emails aren’t sealed in envelopes like a written letters, people should expect it to be read.  Now to be fair, police would still need a warrant to search through your email.  However, they’ll just need to submit the warrant to an ISP that has your emails to get access to them, thereby completely bypassing you and giving you no notice before invading your private emails.

Now on one hand, Judge Mosman’s argument makes some sense.  Junk mail in the form of post cards and brochures are almost never sealed and the courts have generally viewed these as forms of advertisement and therefore not protected under the Fourth Amendment since it’s argued that junk mail is meant to be seen by as many people as possible.  However, this is also where Judge Mosman’s argument breaks down because private emails aren’t advertisements, but are actual private communications between parties.

“But Andrew, what about the whole issue of emails leaving digital copies of themselves on ISPs and not being sealed like normal letters?”  Well let me answer that question, too, and thank you for asking so kindly.  Though emails are not physical sealed, they are often digitally encrypted to prevent prying eyes from seeing its contents.  Therefore, an analogy can be drawn between sealing and encryption since they both show the sender’s intent to keep their communication private.  Furthermore, like postal workers who we trust not to open our mail, similarly we trust our ISPs not to read our emails.

Anyway, all my ranting is meaningless until someone challenges Judge Mosman’s ruling or the legislature passes a law that gives emails the same protection against unlawful searches and seizures that physical mail enjoys.

So get started people, write your senators and congressmen, just don’t email them – for now.