Mistaken belief in privacy and security of email brings scandal to Washington

Washington is once again engulfed in scandal as an F.B.I. investigation lead to the resignation of the director of the C.I.A. The cloud continues to grow as the top general in Afghanistan and a powerful socialite in Tampa have been drawn into the fray. The case once again brings issues of internet privacy and security to the forefront.

The public is frequently reminded about such issues in the relatively new area of social networking. But unlike social networking, where information is intended for a wider audience of friends, family, or acquaintances this case involves communication intended to be totally private.

An email chain between the former general and director of the C.I.A. David Petraeus and his one-time biographer-turned-lover Paula Broadwell revealed the extramarital affair that forced Petraeus to resign. The F.B.I. investigation began after anonymous, threatening emails were sent to Jill Kelley, the Tampa socialite and friend of Petraeus. She referred the emails to the F.B.I., which found they originating from a Gmail account used by Petraeus.

The spy and the writer used several, ultimately ineffective strategies, to conceal their communications. They used anonymous accounts, not tied to their names. The F.B.I. spent weeks matching the IP addresses that were used to send the emails with physical locations and cross referencing those with Paula Broadwell’s known travels. From there, investigators were able to obtain a probable-cause warrant, which they used to actively monitor her email accounts.

Petraeus and Broadwell exchanged some messages by leaving unsent drafts in Gmail to avoid leaving a communications trail. Once investigators gained access to Broadwell’s email account, however, they apparently uncovered the ruse.

The American Civil Liberties Union believes the government overstepped. “There should be an investigation not of the personal behavior of General Petraeus and General Allen but of what surveillance powers the F.B.I. used to look into their private lives,” its executive director, Anthony Romero, told the New York Times. “This is a textbook example of the blurring of lines between the private and the public.”

The Electronic Communications Privacy Act gives the F.B.I. a lot of authority. The 1986 law says emails in transit to the recipient, or unopened messages, are highly protected. But law enforcement can get opened messages and emails older than six months with a subpoena or an order that requires only that they be relevant to an ongoing criminal investigation.

A bill under consideration by the Senate Judiciary Committee would amend the 1986 law to require the F.B.I. to obtain a search warrant, showing probable cause to a judge, before agents get email contents from an Internet service provider. The legislation sponsored by Sen. Patrick Leahy,(D-Vt.) would also force the F.B.I. to provide more detailed notice to the person whose email account is being reviewed.