Have you ever written an important message, submitted your resume, or complained about your roommate over e-mail? Would you have handled it differently if you knew that strangers, administrators, or your roommate could read your message? Once a tool for only the most computer literate, today e-mail is a standard means of communication for millions of people. Many users, however, incorrectly assume that only those who are intended to read their correspondence have access to its content. With an illusion of privacy, people e-mail personal letters that they would never want anyone else to read, or send confidential information that could be compromising if it fell into the wrong hands.
On its path from sender to recipient, e-mail travels from server to server and can be read more easily than a postcard. E-mail security has become the center of many debates that search for a common ground between individual rights, corporate rights, and computer technology.
Many companies who rely on e-mail for much of their communication now have policies that outline where e-mail privacy ends and e-mail monitoring begins. Supporters of e-mail monitoring state that all correspondence through a company's server belongs to the company and therefore the company has the right to access it at will. They argue that surveillance prevents employees from abusing their e-mail access and allows the employer more control over correspondences for which the company could be held liable. Opponents explain that e-mail monitoring creates an atmosphere of mistrust and disrespect, and that surveillance is an unnecessary obstruction of employee autonomy.
The privacy issues that surround e-mail extend beyond company policies. For example, in July of 2000 the United Kingdom passed the Regulation of Investigatory Powers bill, giving the government access to all Internet correspondence. Internet Service Providers must route all e-mail through governmental headquarters, and government officials have access to all encryption keys that are used to protect and secure e-mails.
Even after an e-mail has reached its destination an unintended audience can read its contents. The forwarding feature provided by most e-mail services gives the recipient the ability to pass on e-mail without the author's knowledge. Research shows that people consider reading someone else's e-mail as less of an invasion of privacy than reading someone's ordinary mail. This belief, along with eavesdropping and monitoring, compromises the security of e-mail correspondence.