Cybertelecom
Cybertelecom
Federal Internet Law & Policy
An Educational Project

ECPA Reference

Fourth Amendment
- History
- - Colonial Roots
- - Olmstead
- - Katz

ECPA
- T1: Wiretap Act
- T2: Stored Comm Act
- T3: Pen Register Act
- Rule by Exception
- - Privacy
- - Consent
- - Court Order
- - Service Providers
- - - Network Ops
- - - Protection
- - - Accident
- - - Hackers
- - - Child Protection
- - Emergency
- - Law Enforcement
- - - Natl Sec Letters
- - - Preservation
- - - Carnivore
- - - CALEA
- - - FISA
- Stored Content
- Transactional
- Subscriber Info
- Enforcement
- Cost Recovery
- Definitions
- Reference
- Privacy

Cybersecurity
- Agencies
- - White House
- - DHS
- - NIST
- - NTIA
- - FCC
- Reference
- Cryptography

Crimes Against Network
- Worms, Viruses, Attacks
- Hackers
- DOS
- Wireless Malware
- WiFi Security
- Cyberwar
- Network Reliability
- Infrastructure Protection
- - Kill Switch

Crimes Over Network
- CyberStalking
- Fraud
- - Auctions
- - Phishing
- Gambling
- Hoaxes
- ID Theft
- Offensive Words

Info Gathering
- Wiretaps
- CALEA
- ECPA
- FISA
- Forensics
- Carnivore
- Patriot Act
- Data Retention
- Safe Web Act

Emergency
- EAS
- Assessment
- Reliability
- Vulnerabilities

Law

Electronic Communications Privacy Act (ECPA)

  • Legislative History
    • Electronic Communications Privacy Act of 1986, S. 2575, 99th Cong. (1986)
    • H.R. Rep. No. 103-827, at 10, 17, 31 (1994), reprinted in 1994 U.S.C.C.A.N. 3489, 3490, 3497, 3511
    • Electronic Communications Privacy Act of 1986, S. 2575, 99th Cong. (1986)
    • 132 Cong. Rec. S14,441 (Oct. 1, 1986).
    • 132 Cong. Rec. S7,991 (June 19, 1986).
    • 132 Cong. Rec. H4,039 (June 23, 1986).
    • House Comm. on the Judiciary, Electronic Communications Privacy Act of 1986, H.R. Rep. No. 99-647, 99th Cong., 2d Sess. (1986)
    • S Rep. 99--541 (1986) reprinted in 1986 USCCAN 3555 (referencing Brandeis dissent from Olmstead)
      • "A letter sent by first class mail is afforded a high level of protection against unauthorized opening by a combination of constitutional provisions, case law, and the US Postal Service statutes and regulations. Voice communications transmitted via common carrier are protected by title III of the Omnibus Crime Control and Safe Streets Act of 1969. But there are no comparable Federal statutory standares to protect privacy and security of communications transmitted by new noncommon carrier communications services or new forms of telecommunications and computer technology." p. 5 / p. 3559
    • S. 1667, 99th Cong. (1985), reprinted in 131 Cong. Rec. S11,795 (Sept. 19, 1985) (HR 3378 by Rep. Kastenmeier and Morehead - identical)
    • Federal Government Information Technology: Electronic Surveillance and Civil Libertiespdf (Washington, DC: U.S. Congress, Office of Technology Assessment, OTA- CIT-293, October 1985).
  • 18 U.S.C. § 2511(2)(g) : no expectation of privacy for public radio transmissions, ship or vehicle radio, distress radio transmissions, government radio, amateur or CB radio, radio transmissions causing harmful interference.

Caselaw

  • Supreme Court
    • City of Ontario v. Quon, 130 S. Ct. 2619, 2624 (2010) (considering whether the Fourth Amendment protects —text messages sent and received on a pager [an] employer owned and issued to an employee?)
      • "Rapid changes in the dynamics of communication and information transmission are evident not just in the technology itself but in what society accepts as proper behavior.. . . Cell phone and text message communications are so pervasive that some persons may consider them to be essential means or necessary instruments for self-expression, even self- identification. That might strengthen the case for an expectation of privacy. On the other hand, the ubiquity of those devices has made them generally affordable, so one could counter that employees who need cell phones or similar devices for personal matters can purchase and pay for their own. " Quon, 130 S. Ct. at 2629–30.
      • "The judiciary risks error by elaborating too fully on the Fourth Amendment implications of emerging technology before its role in society has become clear. In Katz, the Court relied on its own knowledge and experience to conclude that there is a reasonable expectation of privacy in a telephone booth. It is not so clear that courts at present are on so sure a ground. Prudence counsels caution before the facts in the instant case are used to establish far-reaching premises that define the existence, and extent, of privacy expectations enjoyed by employees when using employer-provided communication devices." at 2629
    • Kyllo v. United States, 533 U.S. 27, 29 (2001) (considering —whether the use of a thermal-imaging device aimed at a private home from a public street to detect relative amounts of heat within the home constitutes a ?search‘ within the meaning of the Fourth Amendment)
      • "obtaining by sense-enhancing technology any information regarding the interior of the home that could not otherwise have been obtained without physical —intrusion into a constitutionally protected area,? constitutes a search—at least where (as here) the technology in question is not in general public use. This assures preservation of that degree of privacy against government that existed when the Fourth Amendment was adopted." p. 34.
    • Richards v. Wisconsin, 520 U.S. 385, 391 (1997) (Fourth Amendment and exigent circumstances)
    • Wilson v. Arkansas, 514 U.S. 927, 936 (1995) (Fourth Amendment and exigent circumstances)
    • Ortega, 480 U.S. at 715 (“We have no talisman that determines in all cases those privacy expectations that society is prepared to accept as reasonable.”)
    • Oliver v. United States, 466 U.S. 170, 179 (1984) (a workplace computer simply “do[es] not provide the setting for those intimate activities that the [Fourth] Amendment is intended to shelter from government interference or surveillance.”)
    • United States v. Karo, 104 S. Ct. 3296 (1984)– "using a beeper to trail a container into a house and “to keep in touch with it inside the house” did violate the fourth amendment."
    • Illinois v. Andreas, 463 US 765 (1983)
    • United States v. Knotts, 103 S. Ct. 1081 (1983) "warrantless monitoring of a beeper is not a search and seizure under the fourth amendment because there is no reasonable expectation of privacy as the movements tracked are public."
    • Smith v. Maryland, 442 U.S. 735 (1979)
    • United States v. Caceres, 440 U.S. 741 (1979)
    • Smith v. Maryland, 442 U.S. 735 (1979) individuals do not have an expectation of privacy in phone numbers and therefore the Fourth Amendment does not apply.
    • United States v. New York Telephone Co., 434 U.S. 159 (1977) "Court held that to be covered by Title III, a communication must be capable of being overheard."
    • United States v. Miller, 425 U.S. 435 (1976) (no expectation of privacy in bank records of financial dealings)
    • United States v. White, 401 U.S. 745 (1971)
    • Berger v. New York, 388 U.S. 41 (1967)
    • Katz v. US, 389 US 347 (1967) (overturned Olmstead, Fourth Amendment applies to people, not places - Fourth Amendment applies to telephone calls where there is an expectation of privacy)
    • Silverman v. United States, 365 U.S. 505 (1961) ("the Fourth Amendment did reach the government’s physical intrusion upon private property during an investigation, as for example when they drove a “spike mike” into the common wall of a row house until it made contact with a heating duct for the home in which the conversation occurred")
    • Mapp v. Ohio, 367 U.S. 643 (1961)
    • On Lee v. United States, 343 U.S. 747 (1952) ("the absence of a physical trespass precluded Fourth Amendment coverage of the situation where a federal agent secretly recorded his conversation with a defendant held in a commercial laundry in an area open to the public")
    • Goldman v. United States, 316 U.S. 129, 62 S. Ct. 993, 86 L. Ed. 1322 (1942)
    • Olmstead v. United States, 277 U.S. 438 (1928) (telephone calls not protected by Fourth Amendment)
    • Ex parte  Jackson, 96 U.S. 727 (1877). (“the right of the people to be secure in their papers against unreasonable searches and seizures extends to their papers, thus closed against inspection, wherever they may be.  Whilst in the mail, they can only be opened and examined under like warrant, issued upon similar oath or affirmation, particularly describing the thing to be seized, as is required when papers are subjected to search in one's own household”)
    • Boyd v. U.S., 116 U.S. 616 (1886).
  • Appellate Court
    • Doe v Ashcroft, 334 F.Supp.2d 471 (S.D.N.Y. 2004), vac’d and remanded, 449 F.3d 415 (2d Cir. 2006), after remand, 500 F.Supp.2d 379 (S.D.N.Y. 2007), aff’d in part, rev’d in part and remanded, 549 F.3d 861 (2d Cir. 2008), after remand, ____ F.Supp.2d ____ (2009 WL 2432320)(S.D.N.Y. Aug. 5, 2009) (Patriot Act NSL Letters)
    • United States v. Perrine, 518 F.3d 1196, 1202 (10th Cir. 2008) the “specific and articulable facts” standard of 2703(d) “derives from the Supreme Court’s decision in [Terry v. Ohio, 392 U.S. 1 (1968)].”
    • Warshak v. USPDF, 532 F.3d 521 (6th Cir . 2008), rehearing en banc (reversing previous decision, the standard that applies to government access to email "will turn in part on the expectations of privacy that computer users have in their e-mails--an inquiry that may well shift over time, that assuredly shifts from internet-service agreement to internet-service agreement and that requires considerable knowledge about ever-evolving technologies"), 2007 WL 1730094 (6th Cir. June 18, 2007) (finding expectation of privacy in email and that disclosure of emails without a warrant violated Fourth Amendment; 2703(d) Order was not sufficient)
    • US v Forrester, (9th Cir July 6, 2007) (pen register that monitor's defendant's Internet and email activity, providing ip number and email address information, lawful as defendants "had no reasonable expectation that IP addresses and to/from lines of emails would remain private since such activity is transmitted through a third party")
    • US v. Ziegler, No. 05-30177 (9th Cir. Aug. 8, 2006)
    • Doe v Gonzales, 386 F.Supp.2d 66 (D.Conn. 2005), dism’d as moot, 449 F.3d 415 (2d Cir. 2006) (Patriot Act NSL Letters)
    • United States v. Gourde, 440 F.3d 1065, 1077 (9th Cir. 2006) (en banc) (Kleinfeld, J., dissenting)
    • United States v. Councilman
      , ___ F3d ___ (1st Cir. Aug 11, 2005) (rehearing en banc)
      • "the purpose of the broad definition of electronic storage was to enlarge privacy protections for stored data under the Wiretap Act, not to exclude e-mail messages stored during transmission from those strong protections. Moreover, Congress's sole purpose in adding electronic storage to the definition of "wire communication" was to protect voice mail, and not to affect e-mail at all." Slip at 18.
      • 373 F3d 197, 201-03 (1st Cir 2004) (holding that copying emails at the server level was not an interception and citing with approval circuit court decisions requiring interception to be contemporaneous with transmission. Relied on Konop)
      • United States v. Councilman , 245 F. Supp. 2d 319, 320 (D. Mass. 2003) (definition of electronic communications is “extraordinarily – indeed, almost breathtakingly – broad”).
      • Taking counsel from Councilman: E-mail message in transient electronic storage is an "electronic communication" under the ECPA, Internet Cases 9/2/2005
    • United States v. Caymen, 404 F.3d 1196, 1199 (9th Cir. 2005)
    • Biby v. Bd. of Regents, 419 F.3d 845, 850-51 (8th Cir. 2005) (holding that no reasonable expectation of privacy existed where a policy
      reserved the employer’s right to search an employee’s computer for a legitimate reason)
    • Hall v. EarthLink Network, Inc., 396 F.3d 500, 503 n.1 (2d Cir. 2005) (rejecting arguments that "communication over the Internet can only be electronic communication while it is in transit, not while it is in electronic storage").
    • Theofel v. Farey-Jones, 359 F.3d 1066 (9th Cir. 2004)
    • United States v. Thorn, 375 F.3d 679, 683 (8th Cir. 2004), cert. granted and judgment vacated on other grounds by 543 U.S. 1112 (2005) (holding that a public agency’s computer-use policy, which prohibited accessing sexual images, expressly denied employees any personal privacy rights in the use of the computer systems, and provided the employer the right to access any computer in order to audit its use, precluded any reasonable expectation of privacy);
    • United States v. Steiger, 318 F3d 1039, 1048-49 (11th Cir 2003), cert. denied, 538 U.S. 1051 (2003)
      • "[W]e hold that a contemporaneous interception—i.e., an acquisition during 'flight'—is required to implicate the Wiretap Act with respect to electronic communications."
    • Fraser v. Nationwide Mut. Ins. Co., 352 F. 3d 107 - Court of Appeals, 3rd Circuit 2003 ( email in storage is not in transit and therefore cannot be "intercepted" under the Wiretap Act; no liability under the Stored Communications Act, noting under 18 U.S.C. § 2701(c)(1) that an ECS is not barred from accessing stored communications).
      • Fraser v. Nationwide Mut. Ins. Co., 135 F.Supp.2d 623 (E.D.Pa 2001)
    • United States v. Shryock, 342 F.3d 948, 978 (9th Cir. 2003).
    • Blumofe v. Pharmatrak, Inc. (In re Pharmatrak Privacy Litig.), 329 F.3d 9, 21 (1st Cir. 2003) (a rigid "storage-transit dichotomy . . . may be less than apt to address current problems")
    • United States v. Angevine, 281 F.3d 1130, 1133-35 (10th Cir. 2002) (holding that the employer’s computer-use policy, which included monitoring and claimed a right of access to equipment, and the employer’s ownership of the computers defeated any reasonable expectation of privacy)
    • Konop v. Hawaiian Airlines, Inc., 302 F3d 868, 878 (9th Cir 2002), cert. denied, 537 U.S. 1193 (2003)("We therefore hold that for a website such as Konop's to be 'intercepted' in violation of the Wiretap Act, it must be acquired during transmission, not while it is in electronic storage.")
      • Reinhardt, J., concurring in part, dissenting in part) ("I dissent, however, from Part B of Section I, which holds that the term 'intercept' in the Wiretap Act, as applied to electronic communications, refers solely to contemporaneous acquisition.").
      • Konop v Hawaiian Airlines, No. 99-55106 9th Cir January 8, 2001
    • Muick v. Glenayre Electronics, 280 F.3d 741 (7th Cir. 2002)
      • 743 (“Glenayre had announced that it could inspect the laptops that it furnished for the use of its employees, and this destroyed any reasonable expectation of privacy . . . .”)
      • 743] “[T]he abuse of access to workplace computers is so common (workers being prone to use them as media of gossip, titillation, and other entertainment and distraction) that reserving a right of inspection is so far from being unreasonable that the failure to do so might well be thought irresponsible.”
    • United States v. Silva, 247 F.3d 1051, 1055 (9th Cir. 2001) (noting that “[t]he reasonableness of an expectation of privacy is evaluated . . . ‘[by reference] to understandings that are recognized and permitted by society’ ” (quoting Rakas v. Illinois, 439 U.S. 128, 143 n.12 (1978)))
    • Guest v. Leis, 255 F.3d 325 (6th Cir. 2001)
    • U.S. v. Smith, 155 F.3d 1051 (9th Cir. 1998)
    • Organizacion JD Ltda. v. United States Dep't of Justice, 124 F.3d 354, 359-61 (2d Cir. 1997) (discussing the scope of the word "customer" as used in the SCA)
    • United States v. Pervaz, 118 F.3d 1 (1st Cir. 1997).
    • Davis v. Gracey, 111 F.3d 1472 (10th Cir. 1997).
    • Reynolds v. Spears, 93 F.3d 428, 432-33 (9th Cir. 1996)
    • Tucker v. Waddell, 83 F.3d 688, 693 (4th Cir. 1996) ("[T]he language of § 2703(c) does not prohibit any governmental conduct, and thus a governmental entity may not violate that subsection by simply accessing information improperly")
    • United States v. Gaytan, 74 F.3d 545 (5th Cir. 1996)
    • United States v. Fregoso, 60 F.3d 1314, 1320 (8th Cir. 1995) ("The judicial role in approving use of trap and trace devices is ministerial in nature.").”
    • Steve Jackson Games v. U.S. Secret Service, 36 F.3d 457 (5th Cir. 1994) (ECPA is "famous (if not infamous for its lack of clarity.")
    • United States v. Bianco, 998 F.2d 1112 (2d Cir. 1993), cert. denied, 114 S. Ct. 1644 (1994)
    • United States v. Herring, 993 F.2d 784 (11th Cir. 1993) (en banc)
    • United States v. Mullins, 992 F.2d 1472, 1478 (9th Cir. 1993), cert. denied, 509 US 905 (1993) (airline that provides travel agents with computerized travel reservation system accessed through separate computer terminals can be a provider of electronic communication service).”
    • United States v. Petti, 973 F.2d 1441 (9th Cir. 1992), cert. denied, 113 S.Ct. 1859 (1993)
    • United States v. Villegas , 899 F.2d 1324, 1337 (2d Cir. 1990) (law enforcement officers must show “good reason” for delayed notice).
    • Nabozny v. Marshall, 781 F.2d 83 (6th Cir.), cert. denied, 476 U.S. 1161 (1986) (kidnapping and extortion scenario constituted an emergency situation).
    • United States v. Seidlitz, 589 F.2d 152, 158 (4th Cir. 1978), cert. denied, 441 U.S. 922 (1979) (owner of computer is a party to the communication and can consent to government monitoring)
    • Hodge v. Mountain States Tel. & Tel. Co., 555 F. 2d 254 - Court of Appeals, 9th Circuit 1977
  • District Court
    • Brooks v. AM RESORTS, LLC, Dist. Court, ED Pennsylvania 2013
    • SHEFTS v. PETRAKIS, Dist. Court, CD Illinois 2013
    • Loucks v. Illinois Institute of Technology, Dist. Court, ND Illinois 2012
    • Cheng v. Romo, Dist. Court, D. Massachusetts 2012
    • IN RE INNOVATIO IP VENTURES, LLC PATENT LITIGATION, Dist. Court, ND Illinois 2012 (intercepting WiFi is not a violation of the Wiretap Act)
    • In re Google Inc. Street View Electronic Communications Litigation No. C 10-MD-02184 JW. United States District Court, N.D. California, San Francisco Division. June 29, 2011 (Google Motion to Dismissed ECPA Claim Denied; WiFi is not a Radio Communications in context of 18 USC 2511(g)(i) exception for interception of communications readily accessible to public)
    • Valentine v. NEBUAD, Inc. ND CA
      • Order Denying Nebuad Motion to Dismiss April 4, 2011
        • "This lawsuit arises out of a practice of tracking individuals' internet habits and harnessing that data to sell and deliver targeted advertisements based on their web browsing history. NebuAd contracted with internet service providers ("ISPs") to install devices on their networks that monitored ISP subscribers' internet activity and transmitted that data to NebuAd's California headquarters for analysis. That data was used to sell advertising tailored to subscribers' interests, which appeared in place of more generic advertisements on web pages visited by subscribers. The advertising profits were split by NebuAd and its ISP partners.
        • "Plaintiffs are ISP customers who allege their online activities were monitored during trials of this technology by NebuAd and the six ISPs to which they subscribed ("ISP Defendants").
        • "In the meantime, on May 13, 2009, NebuAd's board of directors executed an assignment for the benefit of creditors ("ABC"), a business liquidation device under California law that is an alternative to bankruptcy proceedings. NebuAd's counsel moved to withdraw and to stay proceedings on May 18, arguing that they could not continue to represent NebuAd because there was effectively — due to the ABC — no client left to represent.
        • " Plaintiffs bring claims for violation of the federal Electronic Communications Privacy Act of 1986 ("ECPA"), 18 U.S.C. § 2510 et seq. (Count I); California's Computer Crime Law ("CCCL"), Cal. Pen. Code § 502 (Count II); the federal Computer Fraud and Abuse Act, 18 U.S.C. § 1030 (Count III); and California's Invasion of Privacy Act ("CIPA"), Cal. Pen. Code § 630 et seq. (Count IV). Plaintiffs also assert a claim for unjust enrichment (Count VII).
      • See Network Neutrality & ECPA
    • Crispin v. Christian Audigier, Inc., 717 F. Supp. 2d 965 (CD Ca 2010) (holding Stored Communication Act applies to Facebook messaging and may apply to Facebook wall posts given certain privacy settings)
    • Chasten v. Franklin, 2010 U.S. Dist. LEXIS 113284 (N.D. Cal. October 14, 2010). The U.S. District Court for the Northern District of California quashed a subpoena for emails sent or received from the defendant?s email account because it violated the Stored Communications Act (SCA).
    • Mortensen v. BRESNAN COMMUNICATION, LLC, Dist. Court, D. Montana 2010
    • In re An Application of the United States of America for an Order Authorizing the Release of Historical Cell-Site Information, 10-MJ-0550, Memorandum and Order (EDNY Aug. 27, 2010) (denying request for an order pursuant to the SCA directing a telephone company " to disclose, with respect to all calls and text messages to and from a certain mobile telephone over a period of 58 days, all "recorded information identifying the base station towers and sectors that received transmissions from" that telephone)
    • Cardinal Health 414 v. Daniel Adams et al., Case No. 3:07-00691 (M.D. Tenn., Oct. 10, 2008)
    • Hepting v. AT&T, EFF case against networks for illegal wiretapping at the request of the NSA
    • United States v. LongPDF, U.S. Court of Appeals for the Armed Forces No. 05-5002, September 27, 2006 (supressing email, finding expectation of privacy where email account was password protected and log-on banner said monitoring would take place only for administrative purposes, not legal or investigative).
    • U.S. v. Jones, 2005 WL 850991, ___ F Supp 2d ___ (DCD Utah 2005) the email in question intercepted by a private individual “may not be suppressed because §2515 does not apply to electronic communications, and there is no other applicable suppression remedy under the Wiretap Act.”.
    • Fischer v. Mt.Olive Lutheran Church , 207 F. Supp. 2d 914 (W.D. Wis. 2002) (court held that email in a Hotmail account that had been opened but remained on the Hotmail server remained “stored” communications).
    • Fraser v. Nationwide Mut. Ins. Co., 135 F.Supp.2d 623 (E.D.Pa 2001): Appealed Insurance company on its network reviewed email transmitted from one contractor to another after it had been opened. Court held that the Wiretap Act did not apply because this did not constitute an interception of a communication; the communication had already been transmitted. Furthermore, the stored communications provisions of ECPA did not apply because this was not storage incident to transmission. The email had been received, open and read. Therefore reading of email by company was not barred by ECPA. See also HR Rep. No. 99-647, at 64-65 (1986).
    • Chance v. Avenue A, Inc., 165 F.Supp.2d 1153 (W.D.Wash.2001)
    • In re Intuit Privacy Litigation, 138 F.Supp.2d 1272 (C.D.Cal.2001) (holding that accessing cookies could constitute a violation of ECPA).
    • In re Doubleclick Inc. Privacy Litigation, 154 F.Supp.2d 487, 511-12 (SDNY 2001)
    • Crowley v. Cybersource Corp., 166 F.Supp.2d 1263, 1270 (NDCa 2001) (finding that Amazon.com was a user of a network and not a ECS, rejecting plaintiff’s argument that it sends and receives messages from Amazon).
    • Hill v. MCI Worldcom , 120 F. Supp. 2d 1194 (S.D. Iowa 2000) ("concluding that the "names, addresses, and phone numbers of parties . . . called" constituted "a record or other information pertaining to a subscriber or customer of such service" for a telephone account).”
    • United States v. Allen, 53 M.J. 402, 409 (C.A.A.F. 2000) (concluding that "a log identifying the date, time, user, and detailed internet address of sites accessed" by a user constituted "a record or other information pertaining to a subscriber or customer of such service" under ECPA).”
    • United States v. Kennedy, 81 F. Supp. 2d 1103, 1109-11 (D. Kan. 2000)
      • “A Law enforcement official can not slide by with merely proposing that it has “specific and articulable facts”; the official must set them forth. “(concluding that a conclusory application for a § 2703(d) order "did not meet the requirements of the statute.").”
      • 1110 ("[S]uppression is not a remedy contemplated under the ECPA.")
    • United States v. Hambrick, 55 F. Supp. 2d 504, 507 (W.D. Va. 1999), aff'd, 225 F.3d 656, 2000 WL 1062039 (4th Cir. 2000) ("Congress did not provide for suppression where a party obtains stored data or transactional records in violation of the Act.")
    • United States v. Charles, 1998 WL 204696, at *21 (D. Mass. 1998) ("ECPA provides only a civil remedy for a violation of § 2703")
    • United States v. Barth, 26 F. Supp. 2d 929, 936-37 (W.D. Tex. 1998) (finding reasonable expectation of privacy in files stored on hard drive of personal computer)
    • McClelland v. McGrath, 31 F.Supp.2d 616 (NDIll 1998) (monitoring of telephone call must be reasonably connected with protection of service).
    • Jessup-Morgan v. America Online, Inc. , 20 F. Supp. 2d 1105 (E.D. Mich. 1998) (finding ECPA does not regulate disclosure to private individual of identity of a subscriber of an electronic communication service)
    • McVeigh v. Cohen, 983 F. Supp. 215 (DDC 1998)
    • Wasson v. Sonoma County Jr. Coll. Dist., 4 F. Supp. 2d 893, 905-06 (N.D. Cal. 1997) (holding that a policy giving the employer “the right to access all information stored on [the employer’s] computers” defeated an expectation of privacy)
    • United States v. Reyes, 922 F. Supp. 818, (S.D.N.Y. 1996)
      • 832-33 (finding reasonable expectation of privacy in data stored in a pager)
      • 837-38 ("Exclusion of the evidence is not an available remedy for this violation of the ECPA. . . . The remedy for violation of [18 U.S.C. § 2701-11] lies in a civil action.").”
    • Sega Enterprises Ltd v. MAPHIA, 948 F.Supp. 923, 930-31 (NDCal. 1996) (video game manufacturer that accessed private email stored on another company’s bulletin board service in order to expose copyright infringement was not a provider of electronic communication service)
    • Bohach v. City of Reno , 932 F.Supp. 1232, 1236 (D.Nev 1996) (city that provided pager service to its police officers can be a provider of electronic communications service)
    • United States v. Orena, 883 F. Supp. 849 (E.D.N.Y. 1995)
    • State Wide Photocopy v. Tokai Fin. Servs. Inc., 909 F.Supp. 137, 145 (SDNY 1995) (financing company that used fax machines and computers but did not provide the ability to send or receive communications was not provider of electronic communication service).
    • United States v. Lynch, 908 F. Supp. 284, 287 (D.V.I. 1995)
    • In re Application of the United States , 846 F. Supp. 1555, 1558-59 (M.D. Fla. 1994). “The court will not conduct an "independent judicial inquiry into the veracity of the attested facts."
    • United States v. Chan, 830 F. Supp. 531, 535 (N.D. Cal. 1993)
    • United States v. Villegas, 1993 WL 535013 (S.D.N.Y. December 22, 1993)
    • United States v. Blas, 1990 WL 265179, at *21 (E.D. Wis. Dec. 4, 1990) ("[A]n individual has the same expectation of privacy in a pager, computer, or other electronic data storage and retrieval device as in a closed container.").”
    • United States v. Crouch, 666 F. Supp. 1414 (N.D. Cal. 1987)(wiretap evidence suppressed because there was no imminent threat of death or serious injury)
  • State Courts
  • Blue Box Cases
  • British (Colonial era) Cases
    • Wilkes v. Woods, 19 Howelll's State Trials 1153 (1763)
    • Entick v. Carrington , 19 Howell's State Trials 1029 (1765)
    • Samanyse case, 5 Coke’s Rep 91a, 77 Eng. Rep. 194 (K.B. 1604) (a man's house is his castle)

State Law

Derived From: CRS 2003 Appendix I: State Statutes Outlawing the Interception of Wire(w), Oral(o) and Electronic Communications(e)

  • Alabama: Ala.Code §§13A-11-30 to 13A-11- 37(w/o);
  • Alaska: Alaska Stat. §§42.20.300 to 42.20.390(w/o/e);
  • Arizona: Ariz.Rev.Stat.Ann. §§13-3001 to 13- 3009(w/o/e);
  • Arkansas: Ark.Code §5-60-120(w/o/e);
  • California: Cal.Penal Code §§631(w), 632(o), 632.7(e);
  • Colorado: Colo.Rev.Stat. §§18-9-301 to 18-9- 305(w/o/e);
  • Connecticut: Conn.Gen.Stat.Ann. §§53a-187 to 53a-189(w/o);
  • Delaware: Del.Code tit.11 §2402(w/o/e);
  • Florida: Fla.Stat.Ann. §934.03(w/o/e);
  • Georgia: Ga.Code §16-11-62 (w/o/e);
  • Hawaii: Hawaii Rev.Stat. §§803-41, 803- 42(w/o/e);
  • Idaho: Idaho Code §18-6702(w/o);
  • Illinois: Ill.Comp.Stat.Ann. ch.720 §5/14- 2(w/o/e);
  • Indiana: Ind.Code Ann. §35-33.5-5-5(w/e);
  • Iowa: Iowa Code Ann. §808B.2(w/o/e);
  • Kansas: Kan.Stat.Ann. §21-4001(w/o); 21- 4002(w);
  • Kentucky: Ky.Rev.Stat. §§526.010, 526.020(w/o);
  • Louisiana: La.Rev.Stat.Ann. §15:1303(w/o/e);
  • Maine: Me.Rev.Stat.Ann. ch.15 §§710(w/o);
  • Maryland: Md.Cts. & Jud.Pro.Code Ann. §10- 402(w/o/e);
  • Massachusetts: Mass.Gen.Laws Ann. ch.272 §99(w/o);
  • Michigan: Mich.Comp.Laws Ann. §§750.539c(o); 750.540(w);
  • Minnesota: Minn.Stat.Ann. §626A.02(w/o/e);
  • Mississippi: Miss.Code §41-29-533(w/o/e)
  • Missouri: Mo.Ann.Stat. §542.402 (w/o);
  • Montana: Mont.Code Ann. §45-8-213(w/o/e);
  • Nebraska: Neb.Rev.Stat. §86-702(w/o);
  • Nevada: Nev.Rev.Stat. §§200.620(w), 200.650(o);
  • New Hampshire: N.H.Rev.Stat.Ann. §570-A:2 (w/o);
  • New Jersey: N.J.Stat.Ann. §2A:156A-3(w/o);
  • New Mexico: N.M.Stat.Ann. §30-12-1(w);
  • New York: N.Y.Penal Law §250.05(w/o/e);
  • North Carolina: N.C.Gen.Stat. §15A-287(w/o/e);
  • North Dakota: N.D.Cent.Code §§12.1-15-02 (w/o);
  • Ohio: Ohio Rev.Code §2933.52 (w/o/e);
  • Oklahoma: Okla.Stat.Ann. tit.13 §176.3 (w/o/e);
  • Oregon: Ore.Rev.Stat. §§165.535 to 165.545 (w/o/e);
  • Pennsylvania: Pa.Stat.Ann. tit.18 §5703 (w/o/e);
  • Rhode Island: R.I.Gen.Laws §§11-35-21(w/o/e);
  • South Dakota: S.D.Cod.Laws §23A-35A-20 (w/o);
  • Tennessee: Tenn.Code Ann. §39-13-601(w/o/e);
  • Texas: Tex.Penal Code. §§16.01 to 16.04 (w/o/e);
  • Utah: Utah Code Ann. §§77-23a-4, 77-23b-2 to 77-23b-4(w/o/e);
  • Virginia: Va.Code §19.2-62(w/o/e);
  • Washington: Wash.Rev.Code Ann. §9.73.030(w/o);
  • West Virginia: W.Va.Code §62-1D-3(w/o/e);
  • Wisconsin: Wis.Stat.Ann. §968.31(w/o/e);
  • Wyoming: Wyo.Stat. §7-3-702(w/o/e);
  • District of Columbia: D.C.Code §23-542(w/o).

Government Activity

Papers

  • Madhani, Bijan, Upgrading the Stored Communications Act, the 1980's Answer to the 21st Century's Problems (April 30, 2013). Available at SSRN: http://ssrn.com/abstract=2285729 or http://dx.doi.org/10.2139/ssrn.2285729
  • Susan Freiwald. "Cell Phone Location Data and the Fourth Amendment: A Question of Law, Not Fact" Maryland Law Review 70 (2011): 677.

  • ECPA: Principles for Reform Legal analysis by Becky Burr. Digital Due Process Coalition
  • Jones Telecommunications and Multimedia Encyclopedia ECPA Electronic Communications Privacy Act
  • NANOG:  ISPs and Federal Privacy Law: Everything You Need to Know About the Electronic Communications Privacy Act, Mark Eckenweiler, US DOJ Powerpoint HTML
  • AOL Legal Department
  • What Is The Electronic Communications Privacy Act ("ECPA")
  • Prof. Orin Kerr
    • Kerr, Orin S., The Next Generation Communications Privacy Act (July 29, 2013). University of Pennsylvania Law Review, Forthcoming; GWU Law School Public Law Research Paper No. 2013-80.
    • Kerr, Orin S., Applying the Fourth Amendment to the Internet: A General Approach (February 23, 2009). Stanford Law Review, Forthcoming. Available at SSRN .
    • Orin S. Kerr , Searches and Seizures in a Digital World, SSRN 4/8/2005
    • Kerr, Orin S., A User's Guide to the Stored Communications Act, and a Legislator's Guide to Amending It. George Washington Law Review, 2004.
    • Orin S. Kerr, Internet Surveillance Law After the USA Patriot Act: The Big Brother that Isn't, 97 Nw. U. L. Rev. 607, 613-14 (2003)
    • Orin Kerr, Lifting the “Fog” of Internet Surveillance: How a Suppression Remedy Would Change Computer Crime Law, 54 HASTINGS L.J. 805 (2003) (“The law of electronic surveillance is famously complex, if not entirely impenetrable.”)
    • Orin S. Kerr,  Internet Surveillance Law After the USA Patriot Act: The Big Brother that Isn't,  97 Nw. U.L.Rev. 607, 613-14 (2003)
  • Paul Ohm, When Network Neutrality Met Privacy , Communications of the ACM, Vol. 53, No. 4, p. 30 (2010)
  • Kevin Werbach,  ECPA Reform and the Revolution in Cloud Computing , Testimony Before the House Judiciary Committee, September 23, 2010
  • Plourde-Cole, Haley, Back to Katz: Reasonable Expectation of Privacy in the Facebook Age (December 31, 2010). Fordham Urban Law Journal, Vol. 38, 2010.
  • John Palfrey, “The Public and the Private at the United States Border with Cyberspace,” Mississippi Law Journal, (2008), 78 Miss. L.J. 241, 242
  • Patricia L. Bellia, The Memory Gap in Surveillance Law, 75 U. Chi. L. Rev. 137 (2008).
  • Gellis, Catherine R., Copysense and Sensibility: How the Wiretap Act Forbids Universities from Using P2P Monitoring Tools. Boston University Journal of Science & Technology Law, Vol. 12, p. 340, 2006. ("this paper argues that the Wiretap Act’s sanction against interception extends to Internet communications as well. As such, use of CopySense, or any similar tool, amounts to an illegal invasion of communications privacy.")
  • Gellis, Catherine R., Copysense and Sensibility: How the Wiretap Act Forbids Universities from Using P2P Monitoring Tools . Boston University Journal of Science & Technology Law, Vol. 12, p. 340, 2006. Available at SSRN: http://ssrn.com/abstract=968700
  • Joy Liebesman, The Potential Effects of United States v. Councilman on the Confidentiality of Attorney-Client E-Mail Communications, 18 Geog. J. Legal Ethics 893 (2005).
  • Peter Swire, Katz is Dead. Long Live Katz., SSRN 2/18/2004
  • Yonatan Lupu, The Wiretap Act and Web Monitoring: A Breakthrough for Privacy Rights? , 9 VA. J.L. & TECH. 3, 9 (2004)
  • Deirdre K. Mulligan, Reasonable Expectations in Electronic Communications: A Critical Perspective on the Electronic Communications Privacy Act, 72 GEO. WASH. L. REV. 1557, 1558 (2004)
  • Susan Freiwald, Online Surveillance: Remembering the Lessons of the Wiretap Act, 56 AL. L. REV. 9, 15 (2004)
  • Yonatan Lupu, The Wiretap Act and Web Monitoring: A Breakthrough for Privacy Rights?PDF, 9 VA. J.L. & TECH. 3 (2004)
  • Robert A. Pikowsky, An Overview of the Law of Electronic Surveillance Post September 11, 2001, 94 Law Libr. J. 601 (2002)
  • Brad Ney, Law Clerk, Bricker & Eckler LLP, July 2000
  • Lieutenant Colonel LeEllen Coacher,  Permitting Systems Protection Monitoring: When the Government Can Look and What It Can See,  46 A.F. L.Rev. 155, 171-74 (1999)
  • Tatsuya Akamine, Note, Proposal for a Fair Statutory Interpretation: E-mail Stored in a Service Provider Computer Is Subject to an Interception Under the Federal Wiretap Act, 7 J.L. Pol'y 519, 521-29, 561-68 (1999) (criticizing the judiciary's interpretation of the ECPA).
  • CDT Communications Privacy in the Digital Age June 1997
  • James X. Dempsey, Communications Privacy in the Digital Age: Revitalizing the Federal Wiretap Laws to Enhance Privacy, 8 ALB. L.J. SCI. & TECH. 65, 69 (1997)
  • Jarrod J. White, E-Mail @ Work.com: Employer Monitoring of Employee E-Mail, 48 Ala. L.Rev. 1079, 1083 (1997)
  • Matthew W. Finkin, Employee Privacy, American Values, and the Law, 72 CHI.-KENT L. REV. 221, 226 (1996) (“[T]o the extent the reasonableness of the legitimate expectation of privacy is determined on objective grounds, it would rest upon employer policies, practices, or assurances in the matter . . . . [T]his bids fair to eviscerate any claim to privacy at all.” (citation omitted))
  • Thomas R. Greenberg, E-Mail and Voice Mail: Employee Privacy and the Federal Wiretap Statute, 44 Am. U.L.Rev. 219, 249 (1994) ("Thus, the limitations imposed on employer interceptions of wire and electronic communications vanish once the same communication is in storage. Accordingly, in order to avoid Title III liability, an employer need only access employee communications once they have been stored.")
  • Ruel Torres Hernández, ECPA and Online Computer Privacy, 41 Fed. Comm. L.J. 17, 39 (1988-1989) ("In other words, there simply is no ECPA violation if the person or entity providing a wire or electronic communication service intentionally examines everything [in storage] on the system, whether or not it is for the purpose of a quality control check.")
  • Russell S. Burnside, The Electronic Communications Privacy Act of 1986: The Challenge of Applying Ambiguous Statutory Language to Intricate Telecommunications Technologies, 13 Rutgers Computer & Tech. L.J. 451 (1987).
  • Ruel T. Hernandez, ECPA and Online Computer Privacy, 41 F.C.L.J. 17 (1987)

Bluebox Cases

  • Appellate Cases
    • United States v. Foster , 580 F. 2d 388 - Court of Appeals, 10th Circuit 1978
    • United States v. Cornfeld , 563 F. 2d 967 - Court of Appeals, 9th Circuit 1977 (affirming, holding facts of case at hand are indistinguishable from Goldstein).
    • United States v. Bowler , 561 F. 2d 1323 - Court of Appeals, 9th Circuit 1977
    • United States v. Manning , 542 F. 2d 685 - Court of Appeals, 6th Circuit 1976 (telephone company investigating use of Blue Box by defendant was not acting as govt agent)
    • U. S. v. Goldstein , 532 F.2d 1305 (9th Cir. 1976) (concluding that placing a fraud documentation device on the telephone line which recorded the presence of the 2600 MHz tone and the salutations of the parties fall within the § 2511 exception)
    • United States v. Auler, 539 F. 2d 642, 646 - Court of Appeals, 7th Circuit 1976
    • United States v. Harvey , 540 F. 2d 1345 - Court of Appeals, 8th Circuit 1976 (affirming that 6 week monitoring of defendant's use of a blue-box was not a violation of ECPA, where the monitoring was narrowly tailored to advance the investigation, recorded only the preliminary aspect of the call, and non-blue box call data was not listened to and was destroyed)
    • United States v. Auler, 539 F. 2d 642, 646 - Court of Appeals, 7th Circuit 1976
    • United States v. Freeman , 524 F.2d 337, 340-41 (7th Cir. 1975), cert. denied, 424 U.S. 920, 96 S.Ct. 1126, 47 L.Ed.2d 327 (1976) (affirming conviction of defendant for violation of Wire Fraud Act, finding that telephone company's actions of monitoring defendant's  Blue Box  use fell withing the exception of ECPA, as did the companies disclosure to law enforcement).
    • United States v. Glanzer , 521 F. 2d 11 - Court of Appeals, 9th Circuit 1975
    • United States v. Douglas , 510 F. 2d 266 - Court of Appeals, 9th Circuit 1975
    • United States v. Clegg , 509 F. 2d 605, 613 - Court of Appeals, 5th Circuit 1975 "It is unnecessary for us at this juncture to decide whether 18 U.S.C. § 2511(2)(a) continues to allow a telephone company to divulge the entire content of illegally placed telephone calls. However, we feel that it is quite clear and we do hold that § 2511(2)(a), at a minimum,  authorizes a telephone company which has reasonable grounds to suspect that its billing procedures are being bypassed to monitor any phone from which it believes that illegal calls are being placed . If, by the use of a device similar to a TTS 176, it discovers the existence of illegal calls, § 2511(2)(a), again at a minimum, authorizes it to record, audibly, the salutations.[11] Additionally, § 2511(2)(a) allows a telephone company to divulge, at least, the existence of the illegal calls and the fact that they were completed (the salutations) to law enforcement authorities and ultimately to the courts, since such disclosures are a necessary incident to the protection of the company's property rights. As authorized disclosures, such evidence is admissible in court. 18 U.S.C. § 2517(3)."
    • Bubis v. United States , 384 F. 2d 643 - Court of Appeals, 9th Circuit 1967
  • District Cases
    • United States v. Logan , 423 F. Supp. 146 - Dist. Court, SD Illinois 1976
    • U. S. v. DeLeeuw , 368 F.Supp. 426 (D.Wis.1974)
    • United States v. Freeman , 373 F. Supp. 50 - Dist. Court, SD Indiana 1974
    • United States v. Shah , 371 F. Supp. 1170 - Dist. Court, WD Pennsylvania 1974
    • U. S. v. DeLeeuw , 368 F.Supp. 426 (D.Wis.1974) ("[T]he action taken by the telephone company security supervisor in attaching a "blue box" detector to the defendant subscriber's line, which device recorded the numbers dialed, and conversations had on such line in only those instances where a "blue box" frequency was actually applied thereto, constituted the type of nonrandom monitoring for the protection of property which is sanctioned by 18 U.S.C. § 2511(2)(a)(i)")

Books

  • Cliff Stoll, The Cuckoo’s Egg (Simon & Schuster 1989) : The twisted tale of tracking a Soviet paid spy as he hacked his way into the Lawrence Berkeley Lab, through the ARPANet, and into sensitive US Government computers, at a time when US law enforcement officials neither comprehended nor cared about an insignificant 75-cent computer intrusion.

Links

Notes

  • "The first 'data wiretap' was reportedly used to apprehend some of the principal actors in the Phonemaster case." PBS

News

Archive