Path: utzoo!utgpu!news-server.csri.toronto.edu!rpi!zaphod.mps.ohio-state.edu!sol.ctr.columbia.edu!ucselx!bionet!turbo.bio.net!lear From: lear@turbo.bio.net (Eliot) Newsgroups: comp.org.eff.talk Subject: Re: Student suspended for distributing /etc/passwd Message-ID: Date: 25 Jun 91 00:35:46 GMT References: <31124@hydra.gatech.EDU> <1991Jun24.214045.14965@athena.mit.edu> Organization: GenBank Computing Resource for Mol. Biology Lines: 17 purdon@athena.mit.edu (James R. Purdon III) writes: >If it includes incoming messages, then is the reasonable expectation >of privacy assumed by external senders of email being violated, as >you have neglected to inform the net (at least within the United >States, where such regulations hold) of your monitoring? I presume you are talking about ECPA. Those regulations were written so that service providers could snoop all they want. Service providers and their employees are specifically allowed to snoop, so long as [1] they do not disclose the information they learn, and [2] they found the information in the course of their duties. As I recall ECPA goes on to further allow that same group of people to disclose to law enforcement officials any evidence that might be involved in a criminal proceeding. Don't rely on ECPA. -- Eliot Lear [lear@turbo.bio.net]