Congress has passed some pretty good legislation, mostly in the form of the Digital Millenium Copyright Act, found in the United States Code here, although wiki has far more comprehesible coverage here (especially of the notice and take-down provisions), which protects people who own a site where others comment or leave messages from being vicariously liable for the torts of others. You can look at all the ins and outs of the law yourself, but the point is really that we don't make people liable for the actions of others unless 1) they knew (or had reason as to why they should have known) of the offending activity, and 2) they were able to stop it or remedy it in a timely fashion and did not do so. Some basic definitions on the concept of being liable for the acts of others generally are found here and here.

It seems like the statute I quoted above is fairly workable. Society moves on, the Internet fourishes, and if it doesn't work that's a pity, someone lost some money. So...end of post, right?

No. Because now we come to the Global War on Terror. Now we must consider that the consequences of a lack of action goes beyond someone being defamed or someone spending 6 months dealing with a credit card that they never actually opened. Now the possibilities of WMDs in briefcases, sarin in the subways, or enough conventional explosives in the right place in a nuclear reactor make us less sanguine about missing the data. Dead people can't post their opinion on a forum.

If terrorists are organizing their activities over the Internet, is that information public or private? Keep in mind the GWoT is different than any other large-scale conflict before it due to the ultimate importance of intelligence in military operations. In conventional warfare intelligence is an edge. In assymetrical warfare, you can't even fight without it, because you can't find the enemy.

If someone has something on their hard drive, that's their place, their home, their "reasonable expectation of privacy" (the key phrase for when probable cause is needed, usually met with a warrant but not necessarily), and thus the 4th Amendment says going in there without probable cause is unreasonable, and therefore not allowed.

Ah, but when you send something from your computer to your friend's computer, is there a reasonable expectation of privacy? It gets copied and broken up into packets and reassembled several times along the way. backups of your email or file exist as ghosts in cyberspace for a while. Is there a "reasonable expectation of privacy" for those electronic ghosts? Does it matter whose servers they are on?

I have no real conclusions to offer, just some food for thought. Here are some morsels.

A lawyer is subject to professional discipline which can include fines and loss of a license to rpactcie law for violating client confidentiality. Is sending sensitive client information via email confidential enough? Some thoughts on the subject here, here, here, and also here

Canada has stricter legsilation and a stronger constitutional basis for privacy issues than does our Federal Constitution, how are they dealing with internet surveillance? With great trepidation.

If the IP address tells me that someone in your building of thousands of computers tried to or did in fact damage me, can I sue you for all of your proprietary business information about shifts and locations of workers? Keep an eye on this case.

There's also a nicely detailed paper about how the DMCA was working in the pre-9/11 world here.