The Electronic Communications Privacy Act (ECPA) is a Federal statute intended to provide the same security for electronic mail as users of the U. S. Postal Service enjoy. It forbids, under most circumstances, the reading of electronic mail without the consent of the recipient or the sender. In what follows, assume neither party has given consent.
A company allows its employees to send and receive personal (non-business related) electronic mail using its computers. One day, the system administrators notice that an attacker has broken into the system from another site on the Internet. In order to establish what the intruder is doing, they tap the network and read the traffic between the intruder and the attacked host. In doing this, they discover the intruder is reading users' mail.
Department of Computer Science
University of California at Davis
Davis, CA 95616-8562