Save a Chatlog... Go to Prison? 486
Alien54 writes "You are engaged in a chat session with some friends and colleagues, when one of them makes a witty remark or imparts a pithy bit of information. You hit CTRL-A and select the conversation, then copy it to a document that you save. Under a little-noticed decision in a New Hampshire Superior Court in late February, these actions may just land you in jail. New Hampshire is "two-party consent state" -- one of those jurisdictions that requires all parties to a conversation to consent before the conversation can be intercepted or recorded. The decision is the first of its kind to apply that standard to online chats, and the ruling is clearly supported by the text of the law. But it marks a blow to an investigative technique that has been routinely used by law enforcement, employers, ISPs and others, who often use video tape or othermeans to track criminals in chat rooms. This also has troublesome implications [for employers] monitoring of email and other forms of electronic communications."
Trillian Pro (Score:4, Insightful)
Easy... (Score:2, Insightful)
IM too? (Score:3, Insightful)
Logs are presumed (Score:3, Insightful)
A blow to an investigative technique? (Score:5, Insightful)
This is Science? (Score:4, Insightful)
This sounds an awful lot like a Your Rights Online topic.
Online games logging features (Score:3, Insightful)
I know people that have logged to text files and then to data base everything they have said and had said to them for 5+ years in some of these games. Considering that
Also considering that techsupport often asks for logs when reporting bugs/unusual behavior or cheating, would that make them accomplices after the fact?
Standard Internet Usage Policies (Score:2, Insightful)
Re:Troublesome how? (Score:3, Insightful)
It doesn't affect law enforcement... (Score:5, Insightful)
Interestingly enough, what about programs that log the chats automatically? I would have an easy time (I think) defending that trillian was logging without my knowledge as opposed to me physically copying a conversation without the other party's consent.
Chat logging as wiretapping? (Score:5, Insightful)
They are missing one crucial point here I think. A chat log is (usually) just a plain text file of the contents of a chat session. A file like this could easily be created by hand by anyone, at any time. Even when it's something more sophisticated than a text file, it can still be faked pretty easily.
So wouldn't a log like this be completely inadmissable in any court anyway? Wiretaps have been used for years on the premise that audio analysis can be used to unerringly establish the identity of the speaker. Chatlogs are simply a whole other kettle of fish.
Re:Inefficient (Score:3, Insightful)
What does "record" mean? (Score:5, Insightful)
The law needs clear definitions to work well... I don't think it's a blow to privacy rights for participants to assume that anyone party to a text conversation can record it.
Spoken conversations are by definition transient--the sound is gone as soon as it happens. The law makes sense for those. But for text conversations, with backscroll and long buffers, it quickly becomes silly.
Re:Good luck stopping it. (Score:3, Insightful)
Re:Easy... (Score:5, Insightful)
Remember all the ire about clickthrough agreements? Yeah.
Re:Logs are presumed (Score:5, Insightful)
But once we start throwing compatible and cross-network IM clients around, who knows what the rulings would be. Plantiff: "My client does NOT log by default, so there is no implied consent" Defendant: "Your doesn't but my client DOES log by default, therefore, the system implies consent."
frob
Re:A blow to an investigative technique? (Score:4, Insightful)
Re:Inefficient (Score:5, Insightful)
Re:Troublesome how? (Score:2, Insightful)
Technically, if you are at work and being paid, you shouldn't be doing anything personal. They're paying for you to be there, and they can demand / expect you to do what you are being paid for, not personal stuff. In fact, if you spend too much time doing personal things, they have the right to discipline, or even dismiss you.
Most companies I've worked for have a clause about "reasonable" personal business during work hours. It is okay to get a few calls from family or friends, but if you spend too much time, they have the right to tell you to curtail personal business. It is personally reasonable for an employer to expect you to be engaged in whatever activity they are paying you for while you are "on the clock"
Similarly, they are free to open your desk when you are not around. After all, the desk is theirs, not yours. (There was a court case about this several years ago, and the employee lost.)
Employers have the right to control what you do with the computers and phones they provide for you to do the work they are paying you for. You have no right to expect that you can use their equipment, bandwidth, office supplies, etc. for personal use.
Having said this, most employers realize that happy employees make better employees, which is why they allow "reasonable" personal use during working hours. At the same time, however, they need to monitor personal use to make sure this privilige is not being abused.
All I can saw is bullshit (Score:3, Insightful)
I live in NYS and have my IM client set up to log ALL conversations. I consider it no different than saving an email.
People need to learn that ANYTHING they put on the internet might become public and/or stay there forever.
Of course it sounds like NH is screwed up anyways. Being able to record a conversation without someone else's knowedge is a standard CYA procedure. If it was easy, I would set it up so that all my phone conversations are automatically recorded as well.
It would be really useful, especially when a certain cellphone provider keeps sending you bills for an account AFTER you cancelled their service. How the hell is one supposed to bust jerks like that without recording the conversation?
Laws like this only encourage criminal conduct.
What's "recording"? (Score:5, Insightful)
The answer is important, since chat software "saves" conversations in RAM, at least as long as the chat window is open. I can preserve a record of a chat session for as long as I want by simply not closing the window. Given that fact, I would expect that all chat sessions are recorded, and therefore use of chat software implies consent by all parties to record the session.
I suppose that if you're really concerned about this, you could strengthen that case by transmitting a statement immediately after starting a chat session along the lines of "This chat session may be recorded. If you do not consent to the recording of this session, disconnect from this session now."
apple ichat (Score:3, Insightful)
<ranting>
seriously now, what are govt officials thinking? more recently about the gmail privacy issue (which is only made an issue by folks who dont understand it) and now this sillyness? and why is this post under the science section? yro maybe?
argh!
</ranting>
from the article: " Why should e-mail be any different? Why should VOIP? Why should IM? IRC? SMS? Either communications are private, or they are not. To the Internet, packets is packets. Maybe its time for the law to make up its mind."
IMO these mediums -should- be different bc they have different acuisition(sp?) methods.
lets take email and snailmail for example
to open another person mail is a crime. it involves using your hands or some tool to break the paper/cardboard that the item arrived in and view its contents.
to open another persons email is an invasion of privacy which may involve simply turning the computer on. (auto email checking that puts a cute icon on teh screen, grandma clicks it and voila)
IMO we need laws that accomodate and understand the technology, not make some half arsed RL relation to it.
besides, if you think that your plaintext sent IM messages are ensured to be private to only you and your intended recipient then you really need to learn about el interneto. if ppl want that then use encryption!
Re:Logs are presumed (Score:1, Insightful)
This is on the same level as laws against blackmail. Why is it wrong to threaten to do something that it isn't wrong to do? It's just absurd, yet people don't like it happening to them, so the response is just to make it illegal. When we have a totally unprincipled legal system, these things will just keep happening.
Re:Logs are presumed (Score:3, Insightful)
When chatting, especially with multiple parties, but via computer systems, it's common practice and common knowledge that network activity (and hence the chat itself) may be logged, sometimes without the explicit intention of the user (example: a firewall log may record the date/time, IP address and other sorts of information about the sender and the conversation.) Similarly, the data may remain in temporary files, again without the explicit intent of the receiver. All of these sorts of inadvertent logging and data retention are, I believe, arguably necessary to the standard operation various portions of the computer system being used to chat and as those sorts of things are fairly well known, it opens the door for an argument of implied consent.
Now, there's another angle to this... Voice conversations are temporally limited by their ephemeral existence in a medium that will quickly return to a "normal" state and leave little or no persistent evidence of the existence of the (attempt at) communication. As such, voice communications rely on the temporal coexistence of all parties to the conversation. Recording, therefore differs from normal conversation by a transformation across mediums (from sound waves to whatever relatively permanent medium of recording is used, such as digital sampling or the grooves of a record). Thus, recordings also differ from the original conversation by their temporal stability -- they'll persist across time much more readily than the original conversation. Neither of these is as clearly true in the case of digital text chats. It is common practice to IM someone when they're away and *rely* on the temporal persistence of the IM itself to allow the recipient to read the IM whenever they're able...and to re-read it as many times as they like (presumably with the IM/chat text remaining open. on-screen). Indeed, IM's in their natural state function, effectively, as a short-term logging system by design and intended function. Therefore, arguing that IM's and text chats should be subject to the same rules as fundamentally different communication mediums threatens the very existence of the textual chat medium, if the ramifications are fully considered.
Chatting is consent. (Score:4, Insightful)
What we have here.... (Score:3, Insightful)
This really only applies to police making logs of chats and then whether or not those logs hold up in court.
You aren't going to be prosecuted for keeping logs of all your online chat sessions. That is not what is in question here. Only time it matters is if your chat log could somehow be admissible as evidence in a criminal or civil court case.
I also doubt you'd get in trouble for posting bits and pieces of a chat log on the web somewhere either. Anyway, I wouldn't go posting "private" conversations online without all parties' consent. It's rude to do otherwise.
Also note, the article isn't about IRC here, but ICQ and AOL which are one on one chat clients for the most part. The law is talking about "private" conversations.
Re:Trillian Pro (Score:2, Insightful)
---
Ahh, but here is where the lawyers can make money. (Score:2, Insightful)
is it in the jurisdiction of the server, or the chat client, if in the client side, which client? the operator of the IRC channel for instance.
If its the operator, which one?
as is said, the devil is in the details.
Re:Trillian Pro (Score:5, Insightful)
Let's say I'm using ICQ, and I take the extra step to turn off the logging. Does that mean that I don't consent to the conversation being recorded?
This seems pretty important.
I think this falls into the legal area concerning (Score:5, Insightful)
In a public forum, there is no expectation of privacy. People may record what you say. Get over it.
Sarbanes Oxley requres this (Score:1, Insightful)
New Footer Blurb . . . (Score:4, Insightful)
By viewing contents on [your website here], you consent to monitoring and logging.
Looks like a universal EULA similar to the above is needed just to not find oneself in violation of the law for logging anything.
Re:Easy... (Score:4, Insightful)
The law is not meaningless as long as you sign an agreement. The law requires that you agree. You are missing the point or did not even read the topic.
Re:Too late. (Score:5, Insightful)
When you're on the telephone you have no presumption that your conversation is being recorded.
Unless maybe you're talking into an answering machine or voicemail box, or have otherwise been informed that you are being recorded.
When you're sending data on the computer, you know, because you've been told again and again that THE INTERNET IS NOT SECURE, that anything you transmit may be intercepted, recorded, retransmitted, stored, parsed, decrypted, or otherwise coopted. Your rights in this regard can be presumed to be limited to those you would have if you know someone has a legal copy of a document. Anything else the law has done to expand those rights is based on a fundamental failure to understand the fact that THE INTERNET IS NOT SECURE.
I.e., it's not the copying and storing that's a problem. It's the uncopyrighted duplication to repeat to others that's a problem. Original copies are, as always, free to be transferred to others (and if they are, by law, not, then the law is, as always, a ass). But here's a hint for all the lawyers out there: the act of transferring a copy from hard disk to floppy disk is copying, and copying more than once, in the various hardware in the machine; destroying the copy on the hard disk doesn't change that; so you might have an out.
Re:A blow to an investigative technique? (Score:3, Insightful)
Re:Relevance (Score:5, Insightful)
How do you get around the fact that the IM chat is immediately recorded (by definition) when it appears in your IM application?
What about implied consent? Since you know by using the IM application that your conversation is automatically being recorded in the other party(or parties) IM application, doesn't that necessarily mean that you have consented to its recording?
I think so, and I think this decision is just one that will be dismissed or criticised when this issue is briefed before the majority of courts in other jurisdictions. It is a NH state decision - it has no force anywhere else.....
Re:Trillian Pro (Score:3, Insightful)
Re:Does... (Score:5, Insightful)
That means that even if it is a conversation, permission has already been given to Slashdot, at least, to copy and record it.
So, for example, I can't sue Slashdot for reproducing my words here, because my post is indication of my consent to have them reproduced.
But if you save a copy, I could potentially accuse you of copyright infringment, because I have only granted Slashdot a right to reproduce.
But fair use would cover that, probably, and I license this post under the Creative Commons Attribution-ShareAlike License [creativecommons.org]
But do note that copyright is a separate issue from the chat logging issue.
(Dang, I sound like a stinkin' lawyer!) IANAL.
um... (Score:2, Insightful)
Re:Easy... (Score:3, Insightful)
Spoken like someone who has never used AIM, et. al. at work...
Instant messaging can be very useful at work. I'm in a new job right now that doesn't allow it, and I'm really missing it. It is especially useful when your team is scattered across multiple buildings and you have a quick question. It's also handy for asking friends/previous co-workers things like "what was that command to view all the disks in Veritas VM again?" Yes, you could use the phone or e-mail for these, but it is suboptimal.
Stupid law - here's why (Score:4, Insightful)
So how is this different from a physical letter, in which the consent of the sender is presumed?
So what you're doing isn't copying their conversaiont - you're making another copy of a pre-existing copy which they consented to.
Re:Relevance (Score:4, Insightful)
I believe this is the logic used in reference to voice mail/answering machines, where it was by nature recorded and it had to be supposed that a third party could hear it.
What confuses me is that this is listed under a "wiretap" law; my understanding (common understanding?) is that a wiretap is a "man in the middle" attack where a third party "eavesdrops" on a conversation. In this case, they are applying it to one party recording their conversation with a second party. While they may want to prohibit this (two party consent) it really is separate from wiretapping.
In a situation like that.... (Score:2, Insightful)
I've worked in an environment where we were pretty scattered and reliant on IM too. But we had a private IRC server set up on-site, and behind our firewall. AIM, YIM, and so on, route their messages through the 'net at large, and through servers owned by AOL, Yahoo, and so on. That's a very BAD thing if there's even a CHANCE that you'll pass along code snippets or discuss confidential company information.
cya,
john
medium blurring (Score:3, Insightful)
What do appeals courts generally do to convictions based on laws that weren't written with the circumstances of the alleged crime in mind? They generally throw them out. Lets hope this holds, and also badger our legislators to allow recording of communications by those known by the speaker to be receiving them. Two-party consent lets the powerful screw over the little people and not be held accountable for it. It's arguably a first amendment violation, though apparently nobody has argued that lately, or at least not convincingly.
Re:What we have here.... (Score:3, Insightful)
I also doubt you'd get in trouble for posting bits and pieces of a chat log on the web somewhere either.
Citizen # 4317980A, your faith that your government will play by the rules has been noted. And believe me, we appreciate it.
Re:Easy... (Score:5, Insightful)
The point is to keep people from being caught by such things as "Can you please read the following document?" where the document seems to be a fictional passage but when replayed in court later, it sounds like you are admitting some crime. Other examples exist as well (e.g. orally agreeing to something and changing one's mind later; with the recording, the oral agreement is a contract; without it, it's just air).
A written record of what happened is different. It does not bear the same weight as the recording in someone's own voice (although modern audio edit facilities may make this overblown, i.e. a recording might be faked almost as easily as a written transcript).
I'm no scholar (Score:2, Insightful)
Re:Easy... (Score:4, Insightful)
When I call an organization that records all conversations, I know that not only am *I* being recorded but that they are as well. Thus, I am protected from them misrepresenting my statements or their own.
That's not to say that there are not abuses. I'm sure that there are. However, there would be abuses if the information was missing as well. Consider the case of an unrecorded conversation that would explicitly clear me of something and reveal that the other party did it. Or a revised agreement that could have been recorded but wasn't; offer withdrawn before signing. So on and so forth. There are a lot of babies flying out with that bathwater.
I keep all my email and chat transcripts. Partly for the record and partly so that I have access to that info for future conversations (I have emailed someone an excerpt from a chat to save reformulating the info after they forgot). I do a lot of my work to spec, so I spend a lot of time with printouts of email marking off things that are done, making notes, etc.
Re:Relevance (Score:5, Insightful)
Re:Easy... (Score:2, Insightful)
However, I don't understand the legality of a recorded chat session anyways. Unless there is a certificate that gaurantees that the text has not been altered from what was originally transmitted, I would not trust a chat session log if I was a juror or jurist. With a voice recording, there can be a modest amount of verification through voice analysis which is then reinforced by the witness of the conversation giving authenticity through testimony. The two together (testimony and recording) provide a very reliable source of evidence. However, a text log is not verifiable. If I change the text as it is recorded and then testify that it represents the conversation, it is really just my word against theirs. In that sense a text log is not really any additional authentication of a text conversation. Sure any "recording" could be forged, but the ease of forging chat logs makes them completely useless in my opinion. The testimony of the participant is not authenticated in any way and no extra weight should be given to the testimony by means of the chat log. It should be treated in the same way as if the participant had scribbled it on a sheet of paper moments after it was said. And in that case you could not exclude it, since documenting a conversation is not illegal of you participated in it in any state. (Eavesdropping on a chat session without the knowledge of participants would be a different situation.)
-Jacob
Re:Easy... (Score:1, Insightful)
Those are two different situations. To illustrate, allow me to reduce the exchange to an abstraction.
Let A be the husband, B the wife, C the employer, and D the employee.
A makes a proposal to B. B refuses. A proceeds without B's consent.
C makes a proposal to D. D refuses. C ends its relationship with D.
Do you see now that a husband forcing himself on his wife is not at all like a company firing an employee? It would be a better analogy if either the husband divorced his wife or the company forced the employee to work under the new agreement without the employee's consent.
That said, what could really be more fair than ending a relationship when a disagreement comes up and negotiations either fail or are not possible? To force the employer to continue employing someone in this situation would be unfair not only to the employer, but to all the employees who did sign the agreement as well! So if not terminating the employee would be unfair, how can the termination be wrongful?
Re:Relevance - freedom! (Score:3, Insightful)
Like Scalia barring reporters from recording his speeches [cnn.com]?
Re:What does "record" mean? (Score:3, Insightful)
I agree completely. Most of the disagreements that I've had with people about management of "their" information that I have is a result of us having different perceptions of what's going on.
I get strange looks from some people when I mention in-passing to them that I rarely delete email. (From my perspective, disk space is cheap.) For the majority of techie people who I know, this is completely ordinary. But for other people who are used to deleting email soon after they've read it and not keeping it around, it seems weird. Sometimes they even express discomfort that I keep their email permanently, but from my point of view it's just keeping records of correspondence in the same way that many people don't throw away old letters.
I often get the same reaction when I look at the source code of someone's website. If someone's watching me they often consider it equivalent to hacking the site. I've had a few reactions like "how dare you look at my code?" and so on. From my perspective it's completely normal, since I just view HTML of a web page as open information that's not encoded any more than it is, and viewin the HTML directly is merely a different view of the same information. But from their point of view, it was never imagined that anyone would be able to see it.
I don't use IRC a lot, but if I did it would be completely natural for me to treat it as something that could be logged and saved. After all, from my perspective it's written communication and I like to be able to keep records of my written correspondence.
I think one of the main problems with this type of law is that it's based on an incorrect mental model of how something works. People don't expect something might happen because they've never used the service that way themselves, and so they assume that anyone who uses it differently must be up to something suspicious.
So should there be a law that you have to delete old emails unless you have permission from the people who sent them? Should there be a law that you have to throw out old letters that people have posted to you? Should there be a law against viewing the http transmissions of raw HTML text that are coming through your connection for your web browser to display? Should there be a law against keeping logs of IRC discussions? My personal beleif is that none of these laws would make sense.
Personally I live somewhere (New Zealand) that allows for correspondence to be recorded as long as at least one party knows about it. It nicely fits my mental model of information propagation, and I hope that law stays as it is.
Re:It doesn't affect law enforcement... (Score:3, Insightful)
Re:Easy... (Score:2, Insightful)