In 2005 the U.S. government was investigating Steven Warshak, a pusher of penis enlargement pills and diet drugs, for wire fraud and other crimes. Invoking the Stored Communications Act, it ordered Yahoo and NuVox, two Internet service providers that Warshak was using, to hand over his stored email. The order prohibited the ISPs from telling Warshak his email had been seized.
Nearly a year later, Warshak was finally notified that the feds were reading his mail. He sued to stop further seizure of his messages, citing the Fourth Amendment’s prohibition of unreasonable searches and seizures. The U.S. District Court for the Southern District of Ohio granted the injunction, saying Warshak should have been informed more promptly. The government appealed, but in June it lost: Since his ISP agreement did not include giving the ISPs access to his email content as an everyday matter of business, the U.S. Court of Appeals for the 6th Circuit concluded that Warshak had a reasonable expectation of privacy.
The upshot of the ruling is that under most circumstances your stored email is safe from the government’s eyes. It’s fair game for searches only 1) with a traditional warrant, if there’s probable cause; 2) via a subpoena or subpoena-like method, if there’s reasonable suspicion, where the email writer knows beforehand and has an opportunity to challenge the subpoena; or 3) if the ISP’s typical business practices or agreements show that the target has waived any normal expectation of privacy.