Another Federal Court Rules that Opened Emails are Not in “Electronic Storage” Under the Stored Communications Act

Published On June 20, 2013 | By Dan Sachs | General

EMAILEarlier this month, the U.S. District Court for the Northern District of Ohio ruled that emails stored by a provider that an intended recipient has opened and not deleted are not in “electronic storage” as defined in the Stored Communications Act (“SCA”).  Lazette v. Kulmatycki, No. 12-02416, 2013 WL 2455937 (N.D. Ohio Jun. 5, 2013).  As a result, the Court held that the SCA does not protect them against unauthorized access (18 U.S.C. § 2701). In doing so, the District Court deepens a split between courts regarding whether opened email is in “electronic storage” under the SCA, and increases the need for the Supreme Court (or ECPA reform) to resolve the split and provide certainty for ISPs.  While such a decision is probably limited to unauthorized access cases under § 2701 in the Sixth Circuit, given its ruling in United States v. Warshak, 631 F.3d 266 (6th Cir. 2010), finding that a warrant is required to compel disclosure of all email content, Courts outside the Sixth Circuit that follow Lazette may not only remove protections against unauthorized access, but also against warrantless disclosure to law enforcement.

Lazette involved allegations that a Verizon Wireless manager accessed a former employee’s Gmail account without authorization and viewed 48,000 emails over 18 months.  The plaintiff brought a claim against Verizon Wireless and the manager under § 2701 of the SCA, which prohibits unauthorized access to a facility through which an electronic communication service is provided to obtain access to a wire or electronic communication while it is in electronic storage in that system.

The defendants filed a motion to dismiss, arguing in part that opened emails in the plaintiff’s Gmail account are not in “electronic storage,” because they are not in “temporary, intermediate storage” or stored “for the purposes of backup protection.”  18 U.S.C. § 2510(17). Some courts have held that this definition includes only emails the intended recipient has not yet opened.  But other courts have taken a contrary approach, including the Ninth Circuit in Theofel v. Farey-Jones, 359 F.3d 1066 (9th Cir. 2004) (“An obvious purpose for storing a message on an ISP’s server after delivery is to provide a second copy of the message in the event that the user needs to download it again.”).  Because many national service providers are based in the Ninth Circuit, Theofel has effectively been the law of the land for many years.

Here, however, the  district court declined to follow Theofel.  It noted that its reviewing court—the Sixth Circuit—had occasion to consider Theofel in the well-known case United States v. Warshak, 631 F.3d 266 (6th Cir. 2010).  In Warshak, the Sixth Circuit held the SCA is unconstitutional to the extent that it allows the government to compel disclosure of email communications without a warrant.  The Sixth Circuit, however, refused to exclude the emails from evidence, finding that the government’s interpretation of “electronic storage” was reasonable and citing an article by Professor Orin Kerr describing Theofel as “quite implausible and hard to square with the statutory text.”  The district court thus concluded that opened, undeleted emails stored by an ECS “are not being kept ‘for the purposes of backup protection,’” and thus are not in electronic storage.

In a post last year about another case departing from Theofel, Marc Zwillinger described the uncertainty for ISPs caused by the split among authorities and the need for the Supreme Court (or ECPA reform) to resolve it.  These issues are just as pressing today.  The applicability of this particular decision is likely limited to 18 U.S.C. § 2701 unauthorized access cases because of Warshak’s warrant requirement for compelled disclosure of all emails (opened or unopened, and old or new) in the Sixth Circuit.

About The Author

Dan Sachs, ZwillGen’s inaugural Fellow, assists ZwillGen attorneys on a broad range of matters, including litigation, investigations, product counseling, regulatory compliance, and policy.

Prior to joining the firm, Dan worked at Facebook, where he assisted the Chief Privacy Officer for Policy in responding to federal, state, and international policy developments, engaging with regulators and stakeholders, and advising business units on privacy issues.

During law school, Dan was a member of the George Washington Law Review and served as a research assistant to Professor Jeffrey Rosen, focusing on U.S. and international consumer privacy and surveillance issues. He was a legal intern with ZwillGen in the summer of 2012.

Dan also worked as a legal intern with the U.S. Attorney’s Office for the District of Columbia.

Comments