Legal Bytes: E-mail and the Stored Communications Act
By John Brewer August 2004
The question of e-mail privacy is a continuing concern for many users of the Internet. Recently, the New York Times reported that the Circuit Court of Appeals in Boston ruled that “federal wiretap laws do not apply to e-mail messages if they are stored, even for a millisecond, on the computers of the Internet providers that process them – meaning that it can be legal for the government or others to read such messages without a court order.”
“The ruling was a surprise to many people, because in 1986 Congress specifically amended the wiretap laws to incorporate new technologies like e-mail. Some argue that the ruling’s implications could affect emerging applications like Internet-based phone calls and Gmail, Google’s new e-mail service, which shows advertising based on the content of a subscriber’s e-mail messages.”
Interception of messages via a wiretap is legally prohibited. Wiretaps of telephone conversations require a court order in criminal cases and cannot be used in civil cases. Wiretap laws have generally been applied to e-mails while in transit. In 1986, Congress created a new category called “stored communication.” The Stored Communications Act applied to messages that had been delivered to a recipient’s inbox but not yet read. Prosecutors have access to the inboxes with a search warrant. There are stricter standards for litigants in a civil matter. However, a different standard applies if the message is read and then left of the server of the ISP.
George Kerr of the George Washington University Law School says, “The federal statute that protects the privacy of stored Internet communications is the Stored Communications Act (SCA), passed as part of the Electronic Communications Privacy Act of 1986 and codified at 18 U.S.C. sections 2701-11. But courts, legislators, and even legal scholars have had a very hard time understanding the method behind the madness of the SCA. The statute is dense and confusing, and that confusion has made it difficult for legislators to legislate in the field, reporters to report about it, and scholars to write scholarship in this very important area.”
The 4th Amendment to the US Constitution affords protection from unreasonable searches regarding a person’s physical home. But, can the 4th Amendment be extended to the Internet, a “virtual home in cyberspace?” In general, the answer is “no” for multiple reasons. The first reason is that the architecture of the Internet makes it unclear whether Internet users can retain a “reasonable expectation of privacy” in information sent to network providers, including stored e-mails. A second reason is that the information is not sought to be obtained by a direct search of the home of the person but the subpoena is directed to a third party possessing the information. A third reason is that the ISP is a “private actor.” The private actor doctrine states that the 4th Amendment “is wholly inapplicable to a search or seizure, even an unreasonable one, made by a private individual not acting as an agent of the Government or with the participation or knowledge of any governmental official.”
Messages that have been read but remain on the computer system of the Internet service provider have little protection. Prosecutors can generally get to these messages with a simple subpoena. Litigants in civil cases also subpoena these messages.
The Boston case began in 1998 when an online bookseller offered e-mail accounts to book dealer clients. The Boston bookseller then proceeded to secretly copy e-mails received in the dealer inboxes from Amazon. Indictments resulted for wiretapping and, in 1999, the bookseller and one employee pleaded guilty to wiretapping. However, one employee of the bookseller contested the wiretapping charges. The employee alleged the e-mails were stored communications and reading a client’s stored communications does not constitute wiretapping.
The federal district court agreed and dismissed the case in 2003. In early July, 2004, the First Circuit Court of Appeals, in Boston, agreed.
The First Circuit case is in conflict with a 9th Circuit case in San Francisco. The 9th Circuit case involved an Internet service provider who responded to a civil subpoena and provided copies of 339 e-mail messages for two of its customers. The customers claimed that the subpoena was overly broad and that it violated wiretap and stored communications laws.
The 9th Circuit ruled that e-mail stored on the server of an Internet service provider is covered by the Stored Communications Act, after it has been read. The court said that the Act applies to e-mail before and after reading. The court opined, “An obvious purpose for storing a message on an ISP’s server after delivery is to provide a second copy of the message in the event that the user needs to download it again – if, for example, the message is accidentally erased from the user’s own computer.”
Thus this writer is still digesting the import of the Stored Communications Act and the apparent inconsistencies between the 1st Circuit and 9th Circuit opinions. Perhaps they are consistent and can be distinguished after further thought.
The interesting aspect of this line of thought is Google’s new service, Gmail. Apparently Google’s policy of “reading” the e-mail of its customers and directing targeted advertising to the sender (and or recipient?) may be permissible under the law. Although I am certain that Google’s “terms of use” regarding the Gmail service addresses this issue.
John Brewer practices law in Oklahoma City, is a member of the Governor’s and Legislative Task Force for E-Commerce, and enjoys issues relating to eBusiness and cyberspace. Comments and questions are welcome and can be emailed to
In accordance with Title 17 U.S.C. Section 107, this material is distributed without profit to those who have expressed a prior interest in receiving the included information for research and educational purposes. The article may contain sources for content as attributed within the article.