Rules and Regulations for Private Email Providers

As digital communications continue to increasingly power the world, the number of regulations guiding that messaging are multiplying. However, email regulation laws don’t necessarily apply across the board, as public email services are often exempt—leaving the legalities surrounding email privacy murky, and potentially opening users’ systems up for intrusion.

Email laws vary state to state but, at the federal level, email privacy is considered to be a constitutional protection. Federal law prohibits the real-time interception of email messages, while the Pen Register Act has been interpreted to prevent the interception of certain identifying elements of an email, such as the sender’s and receiver’s email addresses and IP addresses. The Stored Communications Act further protects emails that are stored on a server.

However, there is a significant caveat to all of these email privacy laws: Most contain loopholes for public email providers. The so-called “provider exception” enables large, free services such as Yahoo and Gmail to circumvent some of the basic email privacy laws, giving them a level of entry into users’ email system for the purposes of display advertising. The easing of such rules gives public email providers more leeway when it comes to how they manage and store messages, which can put email privacy at risk. Many of these nuances are buried in a company’s email privacy statement, which most users commonly overlook.

What is the best way then of how to protect email privacy? For those who are using a public email service, reading the email privacy disclaimer line by line is a start. However, recognizing the risks associated with public email, users who want to enhance their email privacy should turn to private email. Private email providers comply with the rules and regulations regarding email privacy that public services are able to avoid, giving users more control over and confidence in the safeguarding of their email messages.