[rayiner]

A safety deposit box at a bank is a great example. You have 4th amendment protections for your property in one, because you're essentially renting a private space (you also have a 4th amendment interest in a rented apartment).

But compare a safety deposit box to the kind of digital communications the NSA is collecting. The bank cannot open your safety deposit box. You have the key. Hundreds of strangers might work at the bank (just as hundreds of strangers might live in your apartment building), but none of them can access the contents of your box (obviously you have no privacy interest in the box itself, e.g. anything on the outside). It would be illegal for anyone at the bank to access that box. Generally the bank doesn't know whats in your box. You put it in there directly, you don't hand it to a bank employee to store. Certainly, they don't rummage through the box as a basic part of the service they provide to you. Compare that to an email in a gmail account or a Facebook profile or even a phone call made over a cell network. Your information is exposed, unprotected, to potentially hundreds of employees at those companies. And they rummage through that data as a matter of course, whether to target advertising or to do traffic shaping, etc. You have no property interest in that data. You can't sue the company for losing it, you can't sue the company for accessing it, etc.

I can certainly conceive of a digital equivalent of a safety deposit box. It would involve a provider hosting encrypted data that they themselves cannot decrypt or access in unencrypted form. But the services cooperating with PRISM are nothing like that.

[nooneelse]

So if the bank weighed each box before and after our access, and wrote the weight of what we stored there on the outside, made some guesses about what might be in there, and/or maybe sold some ad-space next to that info on the box to offset their costs... that would make the contents less ours, or we in some other way have less right to privacy about them?

[rayiner]

You're dancing around the heart of the issue, because none of your examples involve the bank looking at the contents. Google doesn't just "make some guesses about what might be in" your e-mail. It reads your e-mail to figure out what kind of ads to target to you. AT&T inspects your traffic to do traffic shaping. Facebook has full access to the contents of your profile. Numerous employees at all of these companies have access to the contents of your accounts, not just what's on the "outside."

Imagine if the bank had the lock to your lock box, and bank employees had access to the contents of your lock box, and bank employees regularly rifled through the contents of your lock box. Also, the bank had no obligations as to your lock box. You couldn't sue the bank if they lost the box, or if someone stole the contents, etc. To me, all that would make the box seem a lot less "private."

The 4th amendment doesn't extend to say the stuff you store in your friend's garage. Google, Facebook, etc, accounts resemble that a lot more than they resemble bank safe deposit boxes.

[nooneelse]

There is an important distinction to be made, though, between employees at Google having access to read the contents of emails and them being able to run text analysis on those contents for ad-able words and phrases (what I was trying to get at by having the bank-generated weight-log in the example). Most people know that Google does the latter, but it is dubious that many people at Google have access (especially the kind of unconstrained access connoted by the term "rifled" in your modification of the deposit box) to do the former.

Also, it is not like a friend's garage; they aren't hosting people's email as a favor. It is more like a rent-a-storage-room place with a peculiar method of paying the rent; there is a business relationship/transaction going on. We trade algorithmic-advertising access to our emails in exchange for them providing hosting.

[Dylan16807]

I think if you want to get the analogy right you need to have in-transit encryption, so employees can only see the destination of the data, but once it's stored away it should be decryptable. A key part of using the lockbox analogy to explore your rights is by having it still be physically penetrable, but never expected to be penetrated.

Let's look at Dropbox for a moment. If the system is working correctly the employees never have access to the contents of your files. The data flows past the employees in a TLS tunnel that only lets the destination server decrypt it. Employees are kept from accessing the contents via a mechanism similar in effectiveness to locks. Should this data be protected? I think it should.

Now let's move on to Email. Most of the time, with modern server configurations, it works in a very similar way. The messages are encrypted in transit, stored in plain text, and employees are kept out. Ignoring that obsolete rule about email 'abandonment' after a certain number of days, I see no reason email shouldn't need a warrant.

It comes down in part to how the data is stored in the first place. Why do you say that my email is 'unprotected'? Are there not locks on it, barriers keeping away employees in the typical case? What makes it less secure than a box with a lock that can be broken with a hammer?

[rayiner]

I think there is a big difference between a safe deposit box, where a bank employee would have to break the law and break a lock to access the contents of an account, and something like a gmail account where there are numerous employees authorized to access the contents of the accounts (see the recent story about the Google employee that stalked teenagers), and where the "bank" scans through the contents of the accounts in the regular course of business (to target ads). A bank typically has no idea what you store in a safe deposit box. Google and Facebook know exactly what you store in your accounts with them, and their business model depends on their knowing the contents of your supposedly "private" accounts.