Basically, the law doesn’t protect mail left on Gmail’s or Hotmail’s servers as carefully as it protects email moved from a mail server to a mail client.
“A coalition of the net’s biggest online service providers, including Google and Microsoft, are joining with the top internet rights groups to demand Congress modernize the nation’s privacy laws.
…
“For instance, when the law was crafted, e-mail was almost always downloaded from a central server to a user’s computer. Any messages left after 180 days were considered abandoned, so the law allows police to obtain any e-mail older than six months simply by issuing a subpoena — meaning no judge is involved. If those e-mails had been downloaded to a user’s computer and removed from the server, the police would need a search warrant, based on probable cause, to get at them.
…
“With the announcement, Google and Microsoft are tacitly acknowledging that their services, combined with the deficiencies in the law, put their users at risk. However, there’s no mention of these problems in their respective privacy policies. There’s no option to delete all documents and e-mails older than 180 days. And there’s no reminders to users about the holes in the law.” –
Google, Microsoft Push Feds to Fix Privacy Laws
Gmail’s searchable archive is convenient, but I’ve wondered lately if email should be ephemeral by its nature. Don’t keep it forever – deal with it and delete it. Write a memorandum if necessary. Not that I’m prepared to start doing that, but it’s something to think about. If I am going to keep every email forever, it would be better protected (in some ways) if I download it to my own hard drive.
