A book seller who provides e-mail service to his customers did not violate the law by copying and reading their private messages, an appeals court rules. By Kim Zetter.

[Via Wired News]

Mixed feelings on this. But I'm troubled. Basically, if you don't click through and read it, this online bookseller gave some of his customers access to email accounts on his system. Then he installed some software to read and copy their emails, so that he could see, say, emails they were getting from Amazon.com.

He was charged with violating the Wiretap Act, but was exonerated by the First Court of Appeals, their reasoning being that the emails were "already in the random access memor, or RAM, of the defendant's computer system" and that he did not intercept them in transit, and therefore was not afoul of the Wiretap Act.

Well, I don't know how this program he installed works, but I doubt that the emails were in RAM before accessed them. More likely is that they were on the hard drive (permanent storage) somewhere. While that may be beside the point, I think it's important to note that we have judges making decisions on technical situations that they do not fully understand...much like the Patent and Trademark Office often is asked to judge patentability on things they do not wholly understand, and that bothers me.

But the other thing is that this is a huge setback in online privacy. The thing is, I have email at work. Most of us do. And most of us also have been made aware of some sort of corporate network and email usage policy, all flavors of which will say something to the effect of "your email is in the company's system, and is the company's property, and we will do whatever we damn well please with it". I know that's the case. I also know that nobody ever reads my email, but if they did, well, that's their perogative. So -- and again we don't know the exact technical specifics -- if the email system was on this guy's personal server, that he owned, and not being served by a third-party hosting company somewhere, then all he had to do was disclose that it was in fact his system and that he reserves the right to access their email. Since he is providing the service in the first place, nobody can have a problem with it if they know ahead of time. But he did it surreptitiously. And if it isn't his system in the first place, then he has no business being in there.

But now, taking the extreme view for a minute to play Devil's Advocate, this decision marks a path for Google to start reading my GMail, my hosting provider to start reading my scottcreynolds.com email, and AT&T to start reading that email. I don't think that realistically will happen, not with bigger compaanies, or at least not as a matter of policy. But as we saw recently, internal people with the right access and nothing better to do may use their access priveleges for evil rather than good, and somehting like this decision is going to make it hard for there to be actual legal recourse when needed.

Incidentally, I think Justice Kermit V. Lipez is with me on not thinking the court's decision takes into account all the technical facts, and goes so far as to include a detailed description of how email works with his dissenting opinion.

I think Amazon.com needs to get ahold of this guy and have him rung up on corporate espionage and anticompetitive practices charges. This whole thing started because Johnny Smalltime thought, for some absurd reason, that he could get a competitive edge on Amazon.com...maybe with that in mind he could have got off on insanity.