[nhaehnle]

I can't even fathom how it can be illegal. Those are Microsoft owned servers.

How would you feel about the postal service opening the letters it transports in a similar scenario? Do you think it's morally a-okay for them to unilaterally decide to read your mail without a court order?

I suspect that most people would say "no", even though it all happens on the postal services own premises, using their own resources. At the same time, I wouldn't be surprised if most people would think like you expressed when it comes to e-mail.

Clearly, more thought needs to go into this to determine in a reasoned and consistent way whether Microsoft's action were morally right in this particular instance. Value judgments are going to play a role, too. Still, I think it's fairly clear that the answer must be the same for physical and electronic mail.

Edit: I know you were talking more about legality than morality. However, as the physical mail scenario shows, there is already a legal precedent for an actor being prohibited by law from acting in a way that is analogous to what Microsoft has done; and ultimately, the law should follow moral considerations, so those are the more interesting questions anyway.

[Domenic_S]

I always hate when folks make comparisons like this to the USPS for the simple reason that the USPS has reams of laws, codes, and statutes it is bound to follow, full-stop.

These codes explicitly outline how I should expect my mail to be handled by the USPS. They also explicitly define how 3rd parties are handled when they violate your mail. It's all very clear in black & white.

We have expectations of the USPS because of a codified standard. Breaking those expectations is a totally different scenario than the MS scenario.

[_delirium]

In some countries, email also has laws around it. My employer cannot read my email, even the email that sits on their servers in my employer-provided email account, except under specific circumstances dictated by law, with an oversight process dictated by law. YMMV. (There are exceptions for incidental access of email by technical staff for the purpose of making the email itself work, filtering spam, etc., vs. searching the contents and giving your boss a printout.)

There's an interesting intersection-of-laws issue. Our email is actually hosted by Microsoft Office 365. When Microsoft performs searches like this, do they touch multiple email accounts? If they ran the equivalent of a grep across their whole email infrastructure, they might violate Danish law in doing so, if their grep touched our mailboxes. So how they access email inboxes in general is something they ought to be pretty careful of. At the very least I hope they're making sure only to search Americans' inboxes, hosted on American servers.

[rfrank]

Earlier in this thread someone said, "Once your data is in someone else's cloud, you have no recourse."

As a more general matter, do you think that's the way it should be? Do you feel that your information no longer being yours once it touches someone else's server is the right way to do things?

[wetafur]

I don't think that should be the case, but the solution should be more awareness rather than regulation. People should realize that they're giving up something to get a free service or subsidized products like Chromebooks rather than government interfering. Restricting people from searching their own servers will solve nothing.

[esrauch]

It seems like it would solve at least one thing.

[anigbrowl]

Edit: I know you were talking more about legality than morality. However, as the physical mail scenario shows, there is already a legal precedent for an actor being prohibited by law from acting in a way that is analogous to what Microsoft has done;

You don't enter into a contractual relationship with the USPS when you mail or receive a letter. When you sign up for a webmail account, you're doing so on the providing party's terms, and you can't really complain if said webmail provider chooses to enforce the contract that you signed up to.

and ultimately, the law should follow moral considerations, so those are the more interesting questions anyway.

Whose moral considerations would these be?

[nhaehnle]

You don't enter into a contractual relationship with the USPS when you mail or receive a letter.

I would argue that that's a historical accident and in any case subject to change, especially in places where the mail system has been deregulated to allow mail service by private companies. For example, in Germany such companies could potentially have terms similar to a contractual agreement (called AGB) that apply as soon as you post a letter.

The underlying point is really this: the current status quo (good protection for physical mail, no protection for electronic mail) is not something that makes sense if you start reasoning from first principles. It simply developed this way for historical reasons (mainly: webmail providers were created in much more lawyer-happy times, and the rules for physical mail developed over a longer time, during which respect for privacy was valued higher for whatever reason).

I believe that it is a fairly safe bet that, if the internet still exists 100 years from now, most places that will be considered civilized in that future will have laws to protect their citizens' privacy no matter what companies would like to write in their contracts.

Whose moral considerations would these be?

In a democratic society? Everybody's. Yes, a consensus needs to be found, blah blah. The fact that you even felt the need the ask this question is a bit disturbing.

[Guvante]

Physical mail is much simpler than electronic mail. Telegrams are more akin to email that an actual piece of mail.

How do I guarantee I don't look at it when I literally have to look at it to provide the service?

There are services which avoid this by using thinner servers, but they are in the minority.

[nhaehnle]

True. Though the comparison I would make is with postcards, and there is still an expectation of privacy there. If somebody in the postal service were found to be reading postcards on purpose, there would be consequences. Intent matters.

[loup-vaillant]

> Do you think it's morally a-okay for [whoever] to [whatever]?

Morality is not legality. As a webmail provider, spying on your users is obviously very wrong. Thanks to a number of technicalities and loopholes however, it is also perfectly legal.