The bill also provides greater legal protections for Internet providers, such as AOL or Microsoft Network, to turn over information about their subscribers to government officials during computer emergencies. If companies believe "in good faith" that there is risk of death or injury to any person, they can turn over details about customers — even their e-mails — without a warrant.The problem here is the same as the problem with any sort of legislation like this... mission creep and the slippery slope. Right now it's just being applied to terrorism, but it doesn't take much of a stretch of the imagination to imagine that the "injury" aspect could be defined any which way. Indeed, depending on the definition of terrorism here- and the one being used right now is pretty expansive- this could include not just real terrorist groups but NGOs, protest groups, and even (in the nightmare scenario) enemies and critics of whichever regime happens to be running the show right now, whether left or right.
Another part of the Homeland Security bill gives U.S. authorities new power to trace e-mails and other Internet traffic during cyber-attacks without first obtaining even perfunctory court approval. That could only happen during "an immediate threat to national security," or during an attack against a "protected computer." Prosecutors would need to obtain a judge's approval within 48 hours.Again, the problem is definition of what is a "protected computer" or "a threat to national security". That latter category has been used as a blanket to cover up all sorts of awfulness all around the world, including in the U.S... who's to say that an unscrupulous prosecutor and a pliant judge couldn't get at all the email they wish?
Experts have noted that U.S. law considers as "protected" nearly any computer logged onto the Internet
PGP is starting to look real good right about now.