An employer's decision to dig through an employee's e-mails in computer storage does not violate any federal or state wiretap laws -- not even the "Stored Communications Act" -- since all of the laws are triggered only when the interception occurs "in the course of transmission," a federal judge has ruled.

In her 44-page opinion in Fraser v. Nationwide Mutual Insurance Co., U.S. District Judge Anita B. Brody found that wiretap laws do not cover retrieval of a person's e-mail from "post-transmission storage."

"The strong expectation of privacy with respect to communication in the course of transmission significantly diminishes once transmission is complete," Brody wrote.

"Nationwide's retrieval of Fraser's e-mail from the Nationwide file server may in fact be ethically 'questionable' ... but it is not legally actionable under the ECPA [Electronic Communications Privacy Act of 1986]," she wrote.

Wiretap laws are violated, Brody said, only when an e-mail is intercepted from "intermediate storage" or "back-up protection storage" -- both of which automatically occur during the course of transmission -- or if the e-mail is viewed before the intended recipient has a chance to open it.

Slashdot | Stored Email Not Protected by Law.

Paul Andrews H Y P O D E R M I A : Who Are Your Gatekeepers? Who decides what you read? Your natural response should be, "Why, I do -- of course." In reality what you read -- and hear, and view -- for the most part undergoes a highly engineered process of filtering, editing and packaging before it reaches your consciousness. Innumerable decisions are made along the way that affect not only what you read, but whether you get to read it at all. The process falls under the heading of "production value," and decisions about what to print are often termed "gatekeeping."

Content Wire - Internet Privacy Needs Standards. Privacy is an amorphous concept, say analysts. A combination of policy and technology could overcome some of the complexity

[ ... ]

CPExchange Network, a volunteer consortium made up of over 70 leading ebusiness organiza-tions, is offering a vendor-neutral, open-standard for exchanging privacy-enabled customer information across different businesses and computer systems. Chaired by IBM, it may increase transparency between both businesses and users to eliminate much of the uncertainty and turmoil surrounding online data exchange.

The CPExchange Network folks will 'eliminate much of the uncertainty' by setting up a system which pretty much makes sure that your data will be shared with almost everyone who wants it.

CNET NEWS.COM - Lawmakers voice spam concerns.

U.S. lawmakers said Wednesday that they have asked the Securities and Exchange Commission to immediately look into corporate practices of sending spam to consumers.

Democratic Reps. John Dingell and Edward Markey made the request in a March 26 letter to acting "SEC" Chairwoman Laura Unger. They want "slammed shut" a potential loophole in the privacy protections provisions of the landmark overhaul of the financial services industry under the Gramm-Leach-Bliley Act.

IT-Director.com - Personal databases: Who Owns The Data?.

The "personal database" of each individual consists of more than Microsoft is seeking to provide at the moment with Hailstorm. It consists of educational records, employment records, health records and much more. Such data is going to be very valuable to the individual and its origin is in identity that is conferred by government. Much of this information is also very valuable to government itself and also many organisations that would like to do business of various kinds with the individual. The individual has the right to control this - or will have as soon as it becomes a political matter.

So here's the problem. Government itself should be driving the agenda on this. Whether Microsoft or anyone else provides the software to manage it is irrelevant, because it is government that must ensure the privacy and legislate for the accessibility of such data and guarantee such a service. As time goes by, we are more and more defined by our personal data and more and more of it is held electronically. If government does not get wise to this then it will find itself in a difficult situation, because the software market and the Internet will gradually encroach on its territory. But there is no sign that any government anywhere is aware of this problem.

There is also another question here, which is: can you trust the government on this? This plunges us straight into a civil liberties debate. The more data we hold on ourselves (or is held on our behalf) the greater the possibility of abuse by the controlling body. Government not only has to set the agenda and control the evolution of the "personal database", but it has to act transparently in doing so for the sake of personal freedom.

EUbusiness - EU privacy standard 'burdensome' for US firms: Washington. The EU directive would require privacy guarantees in all business contracts that are much stricter than the US requires. EU standards compel, for example, that consumers have access to information collected about them and notice on how it is used.

FT.com | News and Analysis | World Article - US and EU clash on privacy.

The EU directive prohibits data transfers out of the EU to any company or subsidiary based in areas with "inadequate" privacy protection. It was adopted by the European Parliament in 1995, made effective by the European Commission in 1998, and was codified into national law in 11 of 15 EU member states.

The directive establishes privacy as a fundamental human right, requiring individual consent for the gathering and dissemination of personal data obtained, processed or transferred from or through the EU. It requires elimination of data no longer needed for the original purpose it was given and prohibits unauthorised transfers of such data to third parties.

B2B Markets and Exchanges - Europe and US Split On Customer Privacy.

CNET NEWS.COM - EU asked to tone down privacy standards. The Bush administration is pressing European regulators to weaken proposed privacy standards for consumers, saying that the current blueprint would make it difficult for U.S. financial institutions to conduct business abroad.

SiliconValley.com part of San Jose Mercury News - Web sites skirting children's privacy law, study says.

Common on other Web sites too, the researchers found the privacy policies were difficult to find, read and understand.

``We found that most of the 90 privacy policies were so long and complex that it took the coders an average of 9.4 minutes to read each policy in search of its COPPA statements,'' the report said.

The researchers spent 14 minutes reading the Applejacks.com policy, and were still confused by some portions. But the Chevroncars.com policy took about 16 minutes to read but featured pictures of ``Wally the Warning Squirrel'' cautioning children that their personal information would be used.