Temple Environmental Law and Technology
Journal
Spring 1999
Article
*97 PROTECTION OF PRIVACY IN THE SEARCH AND
SEIZURE OF E-MAIL: IS THE UNITED
STATES DOOMED TO AN ORWELLIAN FUTURE? [FNa1]
Darla W. Jackson [FNd1]
Copyright ©
1999 Temple Environmental Law and Technology Journal; Darla W.
Jackson
Big Brother is watching.
. . . A party member lives from birth
to death under the eye of the Thought Police . . . . Wherever he may be . . . he can be inspected without warning and
without knowing that he is being inspected.
George Orwell, Nineteen
Eighty Four
INTRODUCTION
While we have not reached a world such as George Orwell envisioned in
his novel Nineteen Eighty-Four, in which there are no constitutional
limitations on governmental intrusions into personal privacy, some believe that
without change, we may be doomed to such a future. At the very least, the development of modern communications
technology, such as electronic mail, necessitates a reexamination of the
balance between an individual's right to privacy and society's need for
information. Nowhere is this struggle
more apparent than in the inherent conflict between the "right" to
privacy and law enforcement efforts to gather evidence in criminal
investigations. [FN1]
*98 In 1986, the
United States Congress passed the Electronic Communications Privacy Act of 1986
(ECPA). [FN2] Although the law provides some protection of
electronic communications from private interception, electronic communications
receive less protection from government interception. [FN3]As currently applied,
Fourth Amendment principles are also insufficient to protect privacy interests
against government interference with electronic communications. [FN4] This is primarily because U.S. courts have
utilized risk analysis and ill-fitting analogies to determine if an objective
expectation of privacy exists. [FN5] As will be discussed
infra, courts must determine that an *99
objective expectation of privacy exists before Fourth Amendment protections
will be applied.
While the use of
ill-suited analogies [FN6] is problematic, the difficulties
arising from the use of analogies are often further complicated by the fact
that the cases relied upon for analogy also involve risk analysis. When a court
engages in risk analysis, it determines privacy interests by focusing on the
risk of interception of the message. If
the communication is vulnerable to inference or interception, either by the
government or by another entity, the court may conclude that an objective
expectation of privacy is not present. [FN7] As a result, e-mail,
which is a less secure form of communication, [FN8] will receive less protection from search and seizure than other
more secure forms of communication. One
of the criticisms of this his type of analysis is that it fails to balance
individual privacy rights with society's law enforcement interest. [FN9]
The European Court of
Human Rights (ECHR) has developed an approach which uniquely deals with the
balance between individual privacy rights and society's law enforcement
interest. Is it necessary to modify the
U.S. treatment of privacy rights in technology-based communications to more closely
resemble the approach taken by the ECHR in order to avoid an Orwellian future?
This paper will attempt to answer that question. It will do so by addressing, in Part I, the problems in applying
traditional Fourth Amendment analysis to situations involving the search and
seizure of *100 electronic mail, giving special emphasis to one of the
leading cases in this area, United States v. Maxwell, [FN10] to illustrate these
difficulties. Part II examines how the European Court of Human Rights has dealt with
privacy rights issues involving technological advances and compares the ECHR's
analysis with the approach taken by the U.S. courts. Part III concludes that treatment of privacy and electronic
communications in the United States would be improved by adopting a
European-style analysis.
SEARCH AND SEIZEURE OF E-MAIL IN THE UNITED
STATES
A. Reasonable Expectation of Privacy
The Fourth Amendment
protects against unreasonable searches and seizures, and prescribes criteria
for the granting of search warrants. [FN11] Whether the
Fourth Amendment's reasonableness and warrant requirements apply to a
communication depends upon whether the inspection of the communications
constitutes a search. A two-part test,
commonly known as the Katz [FN12] test, has been applied to determine whether a given
inspection is a search. First, the court determines if the government action
has violated an individual's subjective expectation of privacy. It then examines whether society recognizes
that expectation as reasonable, as an objective test. Only if the defendant can establish that subjective and objective
expectations of privacy exist, is Fourth Amendment protection deemed
applicable. [FN13]
United States v. Maxwell,
has been cited as support for the proposition that "traditional Fourth Amendment search and
seizure laws can be effectively applied to searches of electronic communications."
[FN14] However, an analysis of how the trial and
appellate courts dealt with the issue of whether society *101 recognizes
the expectation of privacy in e-mail as reasonable (the objective expectation
of privacy prong of the Katz test) illustrates the difficulties in dealing with
this issue.
In Maxwell, the
defendant, a colonel in the Air Force, was a subscriber to America Online
(AOL). Using AOL services, he established
four screen names. The screen names allowed him to communicate via e-mail or
bulletin boards. [FN15]
In 1991, another AOL subscriber, Roger Dietz, reported to AOL and the
Federal Bureau of Investigation (FBI) his belief that some AOL subscribers were
transmitting and receiving visual images portraying child pornography. [FN16] As evidence of
his assertions, Dietz provided a computer disc containing some of the images
transmitted on AOL, as well as a list of the screen names of people involved in
the transmissions. [FN17] The list
contained the screen name "Redde1," one of Maxwell's screen names. [FN18] Based on this
information the FBI sought a warrant to seize the electronic transmissions of
the subscribers with listed screen names. [FN19] In spite of a
policy not to read or disclose subscribers' e-mail to anyone (except authorized
users), unless pursuant to a court order, AOL, in anticipation of a warrant,
programmed software to extract information on subscribers who were assigned the screen names appearing on Dietz's
list. [FN20] As a result, the desired information had
been withdrawn from AOL's computers even before the warrant was executed. [FN21] When the actual warrant was presented, AOL
turned over the information it had already withdrawn. Maxwell's "Redde1" screen name was misspelled as
"REDDEL" on the warrant (a change of the last character from the
number "1" to the Letter "L"). [FN22] However, because AOL
had extracted the information based on Dietz's list and not the warrant, AOL
identified Maxwell as one of the subscribers involved. [FN23] AOL turned over transmissions under not only
the "Redde1" name, but also under three other screen names used by
Maxwell, which had not been listed on either the warrant or on Dietz's list but
which were identified by AOL as belonging to the same customer using the
"Redde1" screen name. [FN24]
Based on the evidence
obtained from AOL, Maxwell was charged with and convicted of violating Article
134 of the Uniform Code of Military Justice for communicating indecent language
and for violating federal law by knowingly receiving and transporting, for the
purposes of distribution, obscene material including child pornography. [FN25] At trial, the military judge, upon a motion
to *102 suppress, determined that Maxwell had no objective expectation
of privacy and admitted the evidence obtained from AOL. [FN26] The judge's finding
was based on several factors including: 1) the fact that the e-mails could not
be recalled or erased once they were dispatched; 2) the sender was powerless to keep them from being
forwarded; and 3) "the forwarding of messages to multiple individuals made
the situation analogous to bulk mail." [FN27]
Emphasizing that both
Maxwell and the intended recipients had individually assigned passwords, the
Air Force Court of Criminal Appeals (AFCCA) reversed the finding that no
objective expectation of privacy existed. [FN28] AFCCA went on to
explain, "[I]n the modern age of communications, society must recognize
such expectations of privacy as reasonable.
We believe such recognition is implicit in the Electronic Communications
Privacy Act." (emphasis added). [FN29]
On appeal of the AFCCA
decision, the Court of Appeals for the Armed Forces (CAAF), also found that an expectation of privacy did exist in
the electronic mail stored on AOL. [FN30] However, CAAF
made no mention of the ECPA in making its finding. Rather, CAAF stated that e-mail transmissions were not unlike
other forms of modern communication, such as the first-class mail and telephone
conversations, and attempted to draw parallels from these other forms of
communication. CAAF stated:
For example, if a sender
of first-class mail seals an envelope and addresses it to another person, the
sender can reasonably expect the contents to remain private and free from the
eyes of the police absent a search warrant founded upon probable cause.
[citation omitted] However, once the letter is received and opened, the destiny of the letter then lies
in the control of the recipient of the letter, not the sender, absent some
legal privilege.[citations omitted] Similarly, the maker of a telephone call
has a reasonable expectation of privacy that police officials will not
intercept and listen to the conversation; however, the conversation itself is
held with the risk that one of the participants may reveal what is said to others
[citations omitted]. . . . Thus, while a user of an e-mail network may enjoy a
reasonable expectation that his or her e-mail will not be revealed to police,
there is the *103 risk that an employee or other person with direct
access to the network service will access the e-mail, despite any company
promises to the contrary. . . .
However, this is not the same as the police commanding an individual to
intercept the message. [FN31]
CAAF also concluded,
"[e]xpectations of privacy in e-mail transmissions depend in large part on
the type of e-mail involved and the intended recipient." [FN32] Therefore, messages sent to chat rooms
"lose any semblance of privacy." [FN33] Additionally, when messages are forwarded to additional
individuals, the "subsequent expectation of privacy incrementally
diminishes." [FN34]
In dealing with judgments
regarding the reasonableness of expectations of privacy in electronic
communications, courts may not have sufficient technical knowledge to aid in
informed decisions. [FN35] As discussed
infra, the courts may as a result, ill
advisedly compare electronic communications, such as e-mail, with other forms
of communication. An alternative
approach is for the courts to look to legislative enactment to establish an
expectation of privacy. The courts
involved in deciding and reviewing Maxwell used both of these methods. [FN36] However, as that case illustrates, each of
these methods presents difficulties. [FN37]
In Maxwell, AFCCA relied
on the existence of the ECPA as an implicit indication that a reasonable
expectation of privacy existed in such communications. [FN38] However, one review suggests, "[t]his
view is clearly mistaken . . . as the statute at issue [the ECPA] declines to
enact an exclusionary rule for electronic communication seized in violation of
its terms . . . and refers to remedies provided as the only remedies available
for nonconstitutional violations." [FN39] [emphasis
added]. Interpretation of complex and
technical statutes regarding electronic communications is often difficult because
statutes dealing with new technologies, such as the ECPA, are often
"patchwork legislation" resulting from additions to existing laws. [FN40] In fact, *104
these statutes are "famous (if not
infamous)" for a "lack of clarity." [FN41] Given this lack of clarity, it is not
surprising that AFCCA relied on the EPCA despite the indication, in some provisions,
that Congress did not intend to provide extensive protection from government
interception and seizure of electronic communications. [FN42]
An alternative to relying on statutory provisions to determine whether a
reasonable expectation of privacy exists is for the court to use analogy. In Maxwell, both the trial judge and CAAF
did so. [FN43] However, one of the problems with this type
of analysis, when applied to e-mail, is that none of the analogies provide a
"convincing analytical framework." [FN44] For example,
traditional first class postal mail is sealed.
As a result, the sender can relay it through the mail system without
fear that someone will read it. It
would thus be reasonable to rely on the privacy of such communications. However, a large amount of the e-mail
transmitted may be accessed on intermediate computers between the sender and
the recipient. It could therefore be
analogized to a postcard communication that does not enjoy a reasonable
expectation of privacy. [FN45] However, other
technological differences create problems with using the postcard analogy. As illustrated in Maxwell, issues concerning
the type of route a particular e-mail travels (e.g., Is the route of the
message not accessible by intermediate computers?) and the agreements service
providers have with customers (e.g., Have system administrators with access
agreed not to read or disclose the e-mails?) further complicate the *105
analogy approach. [FN46]
Another, and perhaps the
most important, concern with the analogy approach is that the cases which the
courts rely on for the purpose of drawing the analogy have involved risk
analysis. [FN47] As previously noted, risk analysis concentrates on the susceptibility of
a communication to reception to determine the privacy protection to be provided
rather than on a balancing of individual and societal interest, as is done in
the context of judging the constitutionality of encroachments on other
guaranteed rights. [FN48] Thus, risk analysis
replaces a proper balancing of the individual's rights with society's need for
information. Risk analysis has been
fairly criticized in the area of electronic communication because of the
resultant lesser protection provided for electronic communications simply by
reason of the fact that they are more vulnerable to interception. [FN49] Leib explained:
Electronic
communication's vulnerability to interception is not a sound reason for giving
it less protection from government interception, especially since Congress
placed electronic communication in the same position as wire and oral
communication with respect to private interception. In fact, the OTA Report
prepared for Congress in 1985 stated that simply "because a communication
may be more readily overheard does not necessarily mean that investigative
authorities should be able to intercept it with less authorization." If
anything, the ease with which electronic communication may be intercepted
justifies strong protections against government intrusions. . . . In fact, the
Supreme Court has also acknowledged the comparatively greater danger posed by
government activity, writing: "[a]n agent acting--albeit unconstitutionally--in
the name of the United States possesses a far
greater capacity for harm than an individual trespasser exercising no authority
other than his own." [I]f and when users realize that e-mail is more
easily intercepted by the government--and that this power is being used--those
private citizens who fear *106 governmental intrusions will likely
reject electronic communication. [FN50]
Diminished use of e-mail technology based on privacy concerns
would be unfortunate given the social utilization and numerous benefits which
electronic communications can provide. [FN51]
B. Exceptions to Warrant Requirements [FN52] and the Judicially
Created Exclusionary Rule [FN53]
Even if a reasonable
expectation of privacy is found to exist, e-mail users' privacy may, under some
circumstances, still be impinged upon regardless of whether law enforcement
officials have obtained a warrant as required by the Fourth Amendment. This is
because traditional Fourth Amendment analysis allows numerous exceptions to the
warrant requirement. As Justice Scalia
opined in California v. Acevedo, "the 'warrant requirement' has become so
riddled with exceptions that it is basically unrecognizable." [FN54] This becomes more problematic when the
exceptions are applied to e-mail without proper consideration of the underlying
rationale for the exception. Thus, use
of traditional Fourth Amendment analysis, including the application of
exceptions to warrant requirements, faces
increasing criticism because the rationales supporting the exceptions may
"rarely come into play." [FN55]
One example of the lack
of applicability to e-mail situations can be seen in the operation of the
search and seizure incident to arrest exception. This exception allows the search
of an arrested person and the area within his immediate control. [FN56] The purpose of allowing such searches and
the seizure of evidence resulting from such searches is to protect law
enforcement officers *107 through the seizure of weapons. [FN57] While the computer itself could perhaps
serve as a weapon (if it was used to strike the officer), surely the messages
stored on it could not be classified as such.
The exception is also meant to prevent the destruction of evidence. [FN58] If a person were arrested while carrying a
portable computer, removal of the computer from the control of the individual
would prevent the destruction of any evidence that might be on the computer. Thus, a warrantless search of the computer
and seizure of messages contained in the memory of the computer would not
accomplish any of the purposes the exception was designed to meet. [FN59]
Neither is the exigent
circumstance exception normally applicable to investigating cyberspace
communications. [FN60] Like the search incident to arrest exception,
the most often cited purpose of the exigent circumstance exception is to
prevent the destruction of evidence. [FN61] Because most service providers back up systems, preventing
deletion of the messages is not a major concern in situations involving e-mail.
[FN62]
There have been
relatively few cases involving searches of e-mail which have reached the
appellate court level in the United States.
As a result, it is difficult to draw conclusions regarding whether
United States' courts will closely consider the public interests underlying the
exceptions to the warrant requirement before applying them. Nevertheless, the dangerous potential for
misapplication of these exceptions to e-mail searches is evident. [FN63]
In addition to the
possible exemption of searches and seizures of electronic communications from
warrant requirements, United States courts may also *108 adversely
affect individual privacy interests by failing to exclude improperly obtained
evidence at trial. In Maxwell I, AFCCA
held that probable cause was sufficiently established to identify Maxwell as
the user of the "Redde1" screen name and to seize the e-mails made
under that screen name, concluding that the misspelling of the screen name did
not invalidate the warrant. However,
the court did not find that probable cause was established with respect to
communications under any of the other screen names used by Maxwell. Rather, AFCCA found that the evidence seized
from Maxwell's other e- mail boxes was admissible under the good faith
exception to the exclusionary rule. [FN64] This is an
example of a court's failure to exclude improperly obtained evidence. On appeal of the AFCCA decision, CAAF
declined to uphold admission of the
Maxwell's transmission based on the 'good faith' exception. CAAF noted that AOL
had relied upon the list of names provided by Dietz in determining which
records were going to be released rather than upon the warrant. [FN65] While CAAF's decision is based on more
traditional good faith exception analysis, the AFCAA ruling nonetheless
illustrates the extra care that is needed when law enforcement officials are
identifying and seizing e-mail messages. [FN66] As the next
section of this paper will discuss in more depth, errors are often due in part
to the fact that currently many law enforcement personnel are not sufficiently
versed in the uses of computer technology to be able to adequately limit the
scope of the searches they are conducting.
Extreme care is
specifically needed in reviewing the particularity of the description of
messages that may be seized to guarantee that general searches, prohibited by
the Fourth Amendment, do not result. In
order to assure that law enforcement does not engage in general searches, one
suggestion is for officers applying for a search warrant involving e-mail
accounts to provide a description of the key word search they will use when
executing the warrant. The key word
search would be used to sift through the suspect's e- mail. This would ensure that "the common
abuse of telephone wiretaps i.e., listening to every conversation that passes
through the phone line [could] be avoided." [FN67] Another suggestion is that when
circumstances allow, based on available
information, law enforcement authorities be required to limit searches "to
*109 messages sent or received to or from particular individuals during
a particular time." [FN68] Combining these
restrictions on the search and seizure of e-mail would have the "effect of
protecting privacy of messages not relevant to the investigation while encouraging
police to educate themselves regarding searches of electronic
information." [FN69] Advocates of this approach argue:
[t]here should be no good
faith reliance on a warrant based on ignorance. Until law enforcement personnel are better versed in the uses of
computer technology and can limit adequately the scope of searches, disallowing
the good faith exception will encourage police to educate themselves and
exercise the appropriate restraint when searching computer information. [FN70]
C. Summary of Search and Seizure of E-mail in the United States
In summary, traditional
Fourth Amendment analysis fails to adequately protect privacy interests in
electronic mail because courts attempting to apply such analysis fail to
realize that analogy to other forms of communication is inapropos and because
the use of risk analysis in determining if there is an objective expectation of
privacy results in a lesser protection due to the greater susceptibility of
e-mail to interception. While at least
one court has suggested that the existence of the Electronic Communications
Privacy Act is indicative of an objective
expectation of privacy, such a position has not been widely followed. Furthermore, reliance on the ECPA may not be
justifiable given the legislative history and the level of protection set forth
in the ECPA. [FN71] Additionally, traditional Fourth Amendment
analysis as well as the ECPA allow encroachment on individual privacy without
warrant requirements under an unlimited number of exceptions, the rationale for
which is often not applicable to electronic mail situations. Perhaps, we can learn from the European
system of analysis. [FN72]
*110 PRIVACY IN THE EUROPEAN COURT OF HUMAN RIGHTS
[FN73]
The Council of Europe is
an international organization composed of forty member nations. The Council's essential goals are the
maintenance of political and economic stability in Europe. Preservation of individual rights is an
essential element to ensuring such stability.
As a result, the Statute of the Council of Europe provides that each
member state must ensure "the enjoyment by all persons within its
jurisdiction of human rights and fundamental freedoms." [FN74]
To effectuate this
provision, member states have ratified two human rights treaties, The European
Convention for the Protection of Human Rights and Fundamental Freedoms (EHR) [FN75] and the European
Social Charter [FN76].
The EHR will be the focus of this discussion. The primary means of
prosecuting a claim for a violation under the EHR is the European Court of
Human Rights (ECHR). The ECHR's
treatment of the EHR provisions dealing with privacy is instructive.
Article 8 of the European
Convention on Human Rights provides:1.
Everyone has the right to respect for his private and family life, his
home and his correspondence.2. There
shall be no interference by public authority with the exercise of this right
except as is in accordance with the law and is necessary in a democratic
society in the interests of national security, public safety or the economic
well-being of the country, for the prevention of disorder or crime, for the
protection of health or morals, or for the protection of the rights and
freedoms of others. [FN77]
Although somewhat dated,
the most often cited cases dealing with Article 8 of the EHR in the context of
communication technologies are Klass v. F.R.G., [FN78] Malone v. U.K. [FN79] and Kruslin v. Fr. [FN80] In these cases, the ECHR *111
analyzed whether wiretapping under national practices or under domestic
legislation violated Article 8.
In deciding the cases,
the ECHR analyzed privacy not through risk analysis, but as a balancing of the
interests between the needs of society and the need for privacy of the
individual, much like U.S. courts have done in analyzing Constitutional
provisions other than the Fourth Amendment.
The ECHR first examined whether there was an interference with the right
of privacy. If interference is found, the ECHR will find that
it contravenes Article 8 unless the interference is: 1) "in accordance
with the law"; 2) pursues one or more of the legitimate aims referred to
of Article 8; and 3) is "necessary in a democratic society' in order to
achieve them." [FN81] The following
discusses these elements of the ECHR's analysis and examines how the elements
are applicable to U.S. practice.
A. Interference
In determining if there
is interference, the ECHR has relied on the very existence of a law governing
surveillance measures to imply interference.
The ECHR has stated:
Clearly any of the
permitted surveillance measures, once applied to a given individual, would
result in an interference by a public authority with the exercise of that
individual's right to respect for his private and family life and his
correspondence. Furthermore, in the
mere existence of the legislation itself, there is involved, for all those whom
the legislation could be applied, a menace of surveillance; this menace
necessarily strikes at freedom of communication between users of the postal and
telecommunications services and the applicants' right to respect for private
and family life and for correspondence. [FN82]
Reliance on legislative
enactment to find interference is somewhat similar to the AFCCA's reliance on the ECPA to establish
an objective expectation of privacy in Maxwell. However, as discussed supra, AFCCA's reliance on the ECPA may be
unjustified. The U.S. approach to
determining if an expectation of privacy exists could be altered by amending
the ECPA in such a way as to justify reliance on the legislation as an
expression of Congress's *112 intent to create such an objective
expectation of privacy. U.S. courts
could also adopt an approach similar to that taken by the ECHR, which
establishes a rebuttable presumption that an intrusion is a search without
analyzing whether there is a subjective or objective expectation of privacy. [FN83]
B. In Accordance with Law
As described above, a
finding of interference by the ECHR will necessitate further examination of
whether sufficient safeguards of privacy exist and were followed. Similarly, a finding of a reasonable
expectation of privacy by the U.S. courts necessitates examination of whether a
warrant has been properly attained or whether an exception to the warrant
requirement exists under U.S. law (either statutory or common law). Though the steps of analysis appear somewhat
similar, the actual analysis of the separate court systems results in different
measure of protection for privacy.
Once the ECHR finds that
there is interference, the Court analyzes whether the interference is "in accordance with
the law." The Court, in Kruslin,
establishes a two-part test to determine if the intrusion is in accordance with
the law. "Firstly, the impugned
measure should have some basis in domestic law." [FN84] Second, the Court states that "in
accordance with the law" also refers to the "quality of the law . . .
requiring that it should be accessible to the person concerned, who must
moreover be able to foresee its consequences for him, and compatible with the
rule of law." [FN85] It is the
compatibility and foreseeability prongs of the test which will be the primary
concern of this discussion. [FN86]
1. Compatible with the Rule of Law
In Malone, the ECHR
stated:
[I]t would be contrary to
the rule of law for the legal discretion granted to the executive to be
expressed in terms of an unfettered power.
Consequently, the law . . . must indicate the scope of any such discretion
. . . with sufficient clarity, having regard to the legitimate aim of the
measure in question, to give the individual adequate protection against
arbitrary interference. [FN87] *113 The
Court in Kruslin provided examples of safeguards that would be needed for a law
to be deemed to adequately protect against arbitrary interference. These safeguards included: 1) definition of
the "categories of people liable to have their telephones tapped by
judicial order and the nature of the
offenses which may give rise to such an order," and 2) establishment of a
time period during which the "interference" could continue. [FN88]
U.S. law, specifically
the Omnibus Crime Control and Safe Streets Act of 1968 [FN89] (OCCSSA), the
precursor to the ECPA legislation, contains many of the safeguards set forth in
Kruslin. However, various measures
meant to protect against governmental interference with privacy have not been
fully extended to electronic communications in the OCCSSA as amended by the
ECPA . For example, OCCSSA allows for the surveillance of wire and oral
communications only if the communications are expected to produce evidence of
certain enumerated crimes such as treason, bribery, and jury tampering. [FN90] However, intercept
orders for electronic communications may be authorized to obtain evidence of
any federal felony. [FN91] Thus, like the
French law in Kruslin, the ECPA inadequately defines the "nature of the
offences which may give rise" to an order to intercept. [FN92] As a result, the ECHR, if asked to judge the
adequacy of the U.S. law dealing with electronic communications, would likely
determine that the "interferences," while authorized by national law,
would not meet the requirement of being "consistent with the rule of law."
*114 2. Foreseeable as to the Consequences
In attempting to clarify
what foreseeability requires, the ECHR, in Malone, stated that the foreseeability does not require
that an individual be able to "foresee when the authorities are likely to
intercept his communications so that he can adapt his conduct." [FN93] Rather, the law must be "sufficiently
clear in its terms to give citizens an adequate indication as to the
circumstances in which and the conditions on which public authorities are
empowered to resort to this secret and potentially dangerous interference with
the right to respect for private life and correspondence." [FN94]
In Kruslin, the ECHR also
commented that while some safeguards against arbitrary interference did exist
in French statutory law, others had been laid down "piecemeal in judgments
given over the years," [FN95] or inferred by the government from "general
enactments or principles or else from analogical interpretations of legislative
provisions - or court decisions - concerning
investigative measures different from telephone tapping." [FN96] The court concluded that such
"'extrapolation' does not provide sufficient legal certainty in the
present context." [FN97] Thus, the Court
concluded that French law did not meet the foreseeability [FN98] and "in
accordance with the law" requirements. [FN99]
The foreseeability
requirement under U.S. law might also be questioned. For instance, many of the exceptions to the Fourth Amendment
warrant requirement have been established through court decisions involving
factual circumstances very different from those involved with the interception
or seizure of electronic mail
communications. Individuals are
therefore unable to predict how the exceptions would be applied to electronic
messages. Thus, like the interception
in Kruslin, U.S. practice, which would include the application of court created
exceptions to the warrant requirements, would most likely fail scrutiny under
the European foreseeability requirement.
It may be argued that
reliance on analogy and risk analysis by U.S. courts may also cause a lack of
foreseeability. As previously discussed
in Part I, use of analogy and risk analysis to determine the existence of an
objective expectation of privacy makes it difficult to anticipate future U.S.
courts' holdings. [FN100] The resulting
uncertainty regarding whether an expectation of privacy exists in a given
situation would likely lead the ECHR to conclude that as currently applied,
U.S. law does not provide sufficient foreseeability.
*115 C. Necessary to a Democratic Society
Finally, the ECHR determines
whether it is "necessary in a democratic society" to achieve the
legitimate aims set forth in Article 8. [FN101] This is sometimes referred to as the necessity standard. In Klass, the ECHR stressed the importance of
a "strict necessity" standard stating, "[p]owers of secret
surveillance of citizens, characterizing as they do the police state, are
tolerable under the Convention only in so far as strictly necessary for safeguarding democratic institutions." [FN102] The European Court has also interpreted the
necessity standard as requiring intrusions to be accomplished by the
"least intrusive alternative." [FN103] For example, in Klass, the ECHR upheld the surveillance
measures (telephonic interception) because the interference had been reduced to
an "unavoidable minimum." [FN104]
In contrast, U.S. courts
do not apply a strict necessity [FN105] the Court upheld the seizure of a pager and the
subsequent retrieval of information from the pager on the basis that both the
seizure of the pager and the seizure of the information were done incident to
arrest. [FN106] The seizure and the subsequent search
without a warrant were not necessary to promote a national interest. The national interest would have been
protected in precisely the same way had the officers obtained a warrant prior
to retrieving the information from the pager. [FN107] As previously pointed out, the rationale for
the search incident to an arrest exception often does not apply in electronic
communication cases.
Because there is no
comparative test, less intrusive alternatives are also not required. In Maxwell, all of the messages of the
defendant were provided to the government. [FN108] Maxwell argued
that the warrant authorizing the search was a general warrant because it:
1) included names of individuals
"merely receiving obscenity and unknowingly receiving child
pornography" as opposed to only those transmitting and knowingly receiving
child pornography, and 2) "lacked an
identifiable 'e-mail chain' to conclusively link" the graphic files *116
presented to the magistrate with the list of screen names provided." [FN109] CAAF rejected the argument on two
grounds. First, citing the case of
Scott v. United States, [FN110] in which an interception was found reasonable even though
60 percent of the calls were irrelevant to the investigation, the court
reasoned that an advance search would have been necessary to further limit the
search and that inclusion of the names was "entirely reasonable." [FN111] Second, CAAF stated, "the standard for
establishing probable cause is just that - 'probable.' [FN112] We will not raise the level of persuasion to
'beyond a reasonable doubt." ' [FN113] The tenor of that
portion of the opinion suggests that had Maxwell objected on the grounds that a
key word search was not used to provide a less intrusive search, the court
would have rejected this argument on the grounds that the search was
reasonable. [FN114]
D. Summary
Article 8 of the EHR, as
applied by the ECHR, provides a greater measure of protection for privacy than
the U.S. law for a number of reasons. First, the ECHR's inquiry presumes that there is an
interference with privacy unless certain criteria are met, rather than assuming
thatthere is no interference unless the defendant can establish both a subjective
and objective reasonable *117
expectation of privacy as U.S. courts do. [FN115] Secondly, the European approach requires that the
individual be able to foresee the consequences of national measures which may
interfere with his privacy. As
discussed above, foreseeabilty and
sufficient safeguards against arbitrary interference are absent in U.S.
law. Finally, U.S. law has not applied
a strict necessity standard. As a
result, the least intrusive means of meeting law enforcement aims are not
required. In contrast, Europe has
guarded against any interference with privacy which is not accomplished in the
least intrusive manner.
CONCLUSION
It is unlikely that the
method of evaluating searches and seizures developed in Katz and firmly
entrenched in the American legal system will be rejected in the near future. [FN116] As a result, the approach suggested herein
recommends working within the existing U.S. procedures with select changes. [FN117]
The primary change
suggested is adoption by U.S. courts of the approach followed by AFCCA in
United States v. Maxwell. AFCCA relied
on the ECPA to find that an objective expectation of privacy existed. As previously discussed, the AFCCA approach
resembles that taken by the ECHR in determining if there has been an
interference with the right to privacy under Article 8 of the EHR. Such an analysis encourages a
balancing of the individual privacy rights with society's interest and is
preferable to the current risk analysis approach, which bases the expectation
of privacy on the susceptibility of the electronic mail to interception. [FN118] However, reliance on *118 the ECPA,
it may be argued, can only be justified if the act is amended to provide
additional protection from government interference. [FN119] Revision of the statutory exclusionary rule
to include protection for electronic communications has been suggested as an
example of such an amendment. [FN120] Such a measure
would not only provide additional legislative protection, but would also expand
Fourth Amendment protection of e-mail by further supporting a finding that
e-mail users have a reasonable (objective) expectation of privacy.
A second recommendation
is for courts to more closely examine situations before applying exceptions to
the Fourth Amendment warrant requirement or the court-created exclusionary
rule. As stated previously, the
rationale supporting the exceptions to the warrant requirement do not often
apply in e- mail situations and do not encourage vigilance by law
enforcement. The ECHR has applied the
strict necessity test to demand that a search, of the type being examined, not
only be necessary to a democratic society [FN121] but also that the search be carried out by the least
intrusive method available. [FN122] Following such an analysis would ensure that
an exception would be applied only in situations where the rationale supporting
the exception was applicable to the
situation. Amendment of the ECPA's
statutory exclusionary rule to disallow the application of certain traditional
exceptions, such as good faith, would also accomplish this goal. [FN123] However, recent legislation has been less,
rather than more, protective of personal privacy. [FN124] Thus, while legislation is preferable, it
seems unlikely to be forthcoming.
Therefore, it is imperative that the U.S. courts, similar to the stance
of the ECHR in Europe, take the lead in *119 protecting privacy
interest. [FN125]
These changes will
address many of the difficult issues illustrated in the Maxwell case. Although such an approach does not provide
unlimited protection from government searches, allowing the inclusion of
additional e- mail protections in the ECPA to be probative of a reasonable
expectation of privacy will strengthen privacy rights. It will also allow the government to
accomplish its goal of combating crime, while protecting individual privacy, by
allowing its agents to search electronic communications only after they have
obtained a warrant. [FN126] Increasing the
privacy afforded to electronic communications will allow society to benefit to
the greatest extent from development of new technologies. Additionally, it will encourage
transnational flow of information by adjusting the U.S. approach to privacy and
search and seizure so that it more resembles the approach taken by the
international community and states with which the United States acts abroad. [FN127]
It is ironic that George Orwell selected Europe as the setting for the
totalitarian state in which the individual has no privacy, because it is a *120
European example that the U.S. may rely on to better protect privacy interests
of those utilizing e-mail. For only
when protection is given to forms of communication such as e-mail can we escape
the eyes of "big brother" as so clearly imagined by Orwell.
[FNa1]. The views expressed
in this article are those of the author and do not necessarily reflect the
official policy or position of the Department of the Air Force, the Department
of Defense or any other Agency of the US Government.
[FNd1]. Major Darla Jackson
is a member of the Faculty of the Department of Law at the United States Air
Force Academy. She received her J.D.
from the University of Oklahoma in 1989.
She is a 1999 International Law LL.M. Candidate, University of Georgia
College of Law. The author would like
to thank her colleagues in the USAFA Department of Law, particularly Lieutenant
Colonel Michael Schmitt, Major Richard Desmond, Major Donna Verchio, Professor
David Fitzkee, Captain T.J. McGrath, and Captain Paula McCarron for their
invaluable comments and suggestions during the revision of this article.
[FN1]. Brian J. Serr, in
his article, Great Expectations of Privacy: A New Model for Fourth Amendment
Protections, 73 Minn. L. Rev. 583, 584 (1989), also draws on the
Orwellian predictions to show a need for examining the balance between individual
privacy and government surveillance. He
not only states that there is a need for re-examination, but goes further to
say that the Supreme Court has recently allowed the balance to tip
"unnecessarily further and further away from individual freedom,
significantly diminishing the realm of personal privacy." Id.
[FN2]. Pub. L. No. 99-508,
100 Stat. 1848 (1986) (codified in various sections of 18 U.S.C.)
[FN3]. Michael S. Leib,
E-mail and the Wiretap Laws: Why Congress Should Add Electronic Communication
To Title III's Statutory Exclusionary Rule and Expressly Reject A "Good
Faith" Exception, 34 Harv. J. on Legis. 393, 406 (1997). Leib states that the drafters agreed not to
add electronic communication to the statutory exclusionary rule in order to
"procure Department of Justice support and assure passage of the
ECPA." Id. at 396. Additionally,
stored electronic communications may get even less protection. For
communications stored more than 180 days, the government may obtain the
communication through a warrant, administrative subpoena, grand jury subpoena or court order. The latter three procedures do not require the government to
establish probable cause. Id. at
405-06, citing 18 U.S.C. 2703.
[FN4]. One example of such
a viewpoint can be found in Randolph S. Sergent, Note, A Fourth Amendment Model
For Computer Networks and Data Privacy, 81 Va. L. Rev. 1181 (1995).
[FN5]. As will be discussed infra in this paper, in United States v. Katz, 389 U.S. 347 (1967), a two prong test to determine whether a person is entitled to Fourth Amendment was included in a concurring opinion. The two- part test has been widely applied. It requires that the individual have a subjective expectation of privacy and that society recognizes this expectation as reasonable. This second prong is also known as the objective test. It is this second prong which is the primary concern of this paper. The primary focus will not be the application of the subjective prong of the test. As might be expected, many have questioned why the subjective prong is required stating that the government could diminish a person's subjective expectation of privacy merely through actions such as announcing that all citizens were to be instantaneously be placed under "comprehensive electronic surveillance." Anthony G. Amsterdam, Perspectives on the Fourth Amendment, 58 Minn. L. Rev. 349, 384 (1974). Jonathan T. Laba, in his comment, If You Can't Stand the Heat, Get Out of the Drug Business: Thermal Imagers, Emerging Technologies, and the Fourth Amendment, 84 Calif. L. Rev. 1437, 1445 (1996), indicates that the Supreme Court has accepted this criticism. Laba cites the following quote from