Email Privacy at the Center of Petraeus Scandal

Sunday, November 18, 2012, by Anu Madan

On November 9, 2012, the world watched in shock as decorated four-star Army general, David Petraeus, resigned from his post as the Director of the CIA, after confessing his extra-marital affair with his biographer, Paula Broadwell.

What led to these astounding events? As if right out of a soap opera, this scandal commenced when Jill Kelly, a Tampa socialite, started receiving harassing emails from an anonymous sender.  After sharing her concerns with a friend in the FBI, federal investigators traced the messages to Broadwell.  In an attempt to find the source of the harassing emails, investigators discovered sexually explicit emails that Petraeus and Broadwell had been exchanging

Although the two took some precautions to shield their identity and keep their illicit communications a secret, it wasn’t enough.  Despite using pseudonyms to set up separate Gmail accounts, they made the careless mistake of not deleting their emails and drafts.    

What this scandal reveals is that no one, not even the Director of the CIA, can hide behind a computer screen.  In a recent article, the ACLU asked: When the CIA director cannot hide his activities online, what hope is there for the rest of us?  Not many, it would seem.  Unlike letters stashed under a mattress, email communications are very difficult to conceal.  Efforts to hide communications trails have proved futile.  In an attempt to communicate discretely, Petraeus and Broadwell also reportedly opened a shared Gmail account, where they stored their sexually explicit messages in the draft folder, instead of transmitting them.  Law enforcement authorities are well aware of this technique, which, appeared in federal court documents nearly a decade ago. 

According to the ACLU, by “storing emails in a draft folder, rather than an inbox, individuals may be making it even easier for the government to intercept their communications.”  In previous cases, the Justice Department stated that because draft emails are not in “electronic storage,” police could access them without obtaining a search warrant from a judge. The Justice Department claims it only needs a subpoena to access the draft emails. 

It seems that Department of Justice has the statutory support to make that argument.  The Electronic Communications Privacy Act (ECPA), which was last updated in 1986, currently governs digital communications.  The ECPA contains a provision that permits authorities to access email messages more than six months old without a warrant.  Furthermore,
courts have not required police to notify account holders” when they monitor their email accounts.  According to at least one federal district judge, informing Internet and Web email providers is sufficient under the ECPA and is constitutionally valid under the Fourth Amendment.

Two months ago, Rep. Zoe Lofgren introduced a privacy bill backed by a coalition of corporate members (including Amazon.com, Google, and Apple, to name a few) that would require authorities to obtain a search warrant to access private digital communications.  Though the “ECPA 2.0 Act of 2012” has been deemed a “superb piece of legislation that would ensure Fourth Amendment protections remain meaningful in the information age,” it will face strong opposition from the Department of Justice and other law enforcement groups.

E-mail communication was at the heart of the Petraeus scandal.  Perhaps it is time that we modernize our privacy laws so we can keep our most confidential communications, confidential.