Norwich University Residency Week & Thoughts On the Court Ruling on Email Searches

I'm a professor for the Norwich University MSIA program, and since Sunday I've been here in Vermont for their residency week, culminating in graduation on Friday. It has been a great week! It kicked off with a wonderfully thought-provoking discussion led by Karen Worstell, former CISO for Microsoft, as well as former CEO at AtomicTangerine, and many other high-profile positions.

We've also had great lectures and discussions led by Dr. Peter Stephenson, Padgett Peterson, and Dr. Mich Kabay, just to name a few.

I love being on a college campus again. And I am happy I had the opportunity to also give a lecture (which I will post in the next couple of weeks on my personal website) along with an all-afternoon workshop on Tuesday on the need to partner information security and privacy efforts, with a focus on training and awareness activities.

I did see that a couple of days ago there was a ruling made that the government must have a search warrant to obtain email records:

"The government must have a search warrant before it can secretly seize and search emails stored by email service providers, according to a landmark ruling Monday in the 6th U.S. Circuit Court of Appeals. The court found that email users have the same reasonable expectation of privacy in their stored email as they do in their telephone calls -- the first circuit court ever to make that finding. Over the last 20 years, the government has routinely used the federal Stored Communications Act (SCA) to secretly obtain stored email from email service providers without a warrant. But today's ruling -- closely following the reasoning in an amicus brief filed by the Electronic Frontier Foundation (EFF) and other civil liberties groups -- found that the SCA violates the Fourth Amendment."

I have not had a chance to look at the details of this case or the ruling, but I was surprised to see that in the few news reports that I read about this there was no mention of the USA PATRIOT Act in any of them. The USA PATRIOT Act changed the surveillance and monitoring requirements and allowances within at least 35 specifically named laws. I have heard of instances of email messages being obtained without a warrant using it.

Rebecca Herold's Bio:

Rebecca Herold, CISSP, CIPP, CISM, CISA, FLMI, has been providing information security, privacy and regulatory assistance and services to organizations from a wide range of industries for over 18 years. Rebecca was instrumental in building the information security and privacy program while at Principal Financial Group, which was awarded the CSI Information Security Program of the Year Award in 1998. IT Security ranked Rebecca as one of the top 59 IT security influencers, and Computerworld put Rebecca on their list of the 25 top privacy experts and on their list of the 9 best privacy consulting firms. Rebecca has been CPO for two consulting organizations, and has had her own information privacy, security and compliance business since 2004. Rebecca has written chapters for several books, dozens of articles, and has been writing a monthly privacy column for the CSI Alert newsletter since the beginning of 2001, and is working on her 11th book. Some of her other books include The Privacy Papers, Managing an Information Security and Privacy Awareness and Training Program, The Definitive Guide to Security Inside the Perimeter (Realtime Publishers), The Shortcut Guide to Improving IT Service Support through ITIL (Realtime Publishers), and The Practical Guide to HIPAA Privacy and Security Compliance. In addition, Rebecca is the leader of The Realtime IT Compliance Community where she posts to her IT Compliance weblog. You can contact Rebecca at: rebecca_herold@realtimepublishers.net.