On what authority did the FBI obtain and read their emails?
Largely its own. A senior FBI official or a federal prosecutor can
simply issue an administrative subpoena, without a judge’s
approval, requiring an Internet service provider to turn over
emails and other electronic records without notifying the user.
Unless charges are filed or information is artfully leaked to the
media as in the Petraeus affair, the user may never know that law
enforcement has been prying into their private data.
How can law enforcement get away with snooping into our emails
and other documents stored online? After all, the Fourth Amendment
guarantees the right of citizens “to be secure in their persons,
houses, papers, and effects,” against unreasonable searches and
seizures by government agents without a warrant based on probable
cause. It is long settled law that the police must get a warrant
approved by a judge based on probable cause to look at a citizen’s
personal mail or documents. But not if those documents are located
on third party servers in the “cloud,” argue the FBI and other law
enforcement agencies.
The FBI’s claim to be able to access your private emails and
documents rests on the agency's interpretation of the Electronic Communications Privacy
Act (ECPA) of 1986. When enacted more than 25 years ago, the
ECPA updated wiretap monitoring and data storage provisions to
protect against snooping by private third parties. The ECPA also
required that law enforcement obtain a probable cause warrant from
a judge to gain access to emails in transit, emails stored on a
home computer, and unopened email stored remotely for 180 days or
less.