Privacy Law Blog : June 2007

Home > June 2007

The Sixth Circuit Affirms Individual Expectation of Privacy in Emails

Posted on June 29, 2007 by Proskauer Rose LLP

In a decision that will significantly impact the ability of the government to access electronic communications, the United States Court of Appeals for the Sixth Circuit on June 18, 2007, affirmed a district court’s issuance of a preliminary injunction prohibiting governmental entities from obtaining Internet Service Providers’ (“ISP”) subscribers’ e-mail communications unless the subscriber first receives prior notice and an opportunity to be heard. Warshak v. United States, No. 06-4092 (6th Cir. 2007). The Court found unconstitutional the Stored Communications Act (“SCA”) provisions allowing Government seizure of such communications without prior subscriber notice, because the court order could be issued without a showing of probable cause that the subscriber had committed a crime. The Sixth Circuit found that individuals have an expectation of privacy regarding the contents of emails sent or stored through an Internet Service Provider (ISP).

Tags: ECPA, Electronic Communications, Electronic Communications Privacy Act, Fourth Amendment, ISP, SCA, Stored Communications Act, e-mail, prior notice, privacy

Discovery Ruling Raises Significant Privacy and E-Discovery Concerns

Posted on June 20, 2007 by Proskauer Rose LLP

In a recently unsealed order, Central District of California Magistrate Judge Jacqueline Chooljian ruled that data contained in a computer server’s Random Access Memory (RAM) is “electronically stored information” for purposes of Federal Rule of Civil Procedure 34. She also ordered the defendant to begin logging the contents of certain servers’ RAM and producing the logs.

Tags: Miscellaneous, computers, discovery, e-discovery

Consumer Unable to Demonstrate Injury Based on Credit Monitoring Costs in Data Breach Case

Posted on June 14, 2007 by Proskauer Rose LLP

A recent decision from the Southern District of Ohio echoes prior decisions of district courts addressing negligence claims against companies that have experienced a data breach. The court held that the cost of obtaining credit monitoring services does not count as damages without evidence of identity fraud. Kahle v. Litton Loan Servicing LP, case no. 1:05cv756.

On August 27, 2005, the defendant, Litton Loan Servicing LP, experienced a break-in involving the theft of more than $60,000 of computer equipment. The perpetrators took six unmarked hard drives, four of which contained the personal information of 229,501 people, including the plaintiff Patricia Kahle. The police conducted an investigation and Litton hired a private investigator who conducted a separate investigation. Litton provided notice of the theft to each person whose information was on the stolen hard drives approximately four weeks after the break-in. The notice included the type of information stolen, a Federal Trade Commission website that could be of assistance, and a toll free contact number at Litton. The notice also recommended that affected consumers place a fraud alert on their credit file.

Tags: Identity Theft, Security Breach Notification Laws, credit monitoring, security breach

When Reckless Means Willful - High Court Issues Landmark Decision Under the Fair Credit Reporting Act

Posted on June 12, 2007 by Proskauer Rose LLP

Since December 4, 2006, consumers have filed dozens of class actions against retailers and other businesses across the country alleging “willful” violations of the Fair and Accurate Credit Transactions Act (“FACTA”) amendments to the Fair Credit Reporting Act (“FCRA”), prohibiting the printing of more than five digits, or the expiration date, of a credit card on receipts provided to the customer. Defendants in those cases have been waiting anxiously for the Supreme Court to rule in Safeco Insurance Co. of America, et al. v. Burr, et al. 551 U.S. _____ (2007), a factually inapposite matter in which the Court granted certiorari to determine whether “reckless disregard” suffices for willfulness under the statute. In a decision that raises as many questions as it answers, the Supreme Court held on June 4, 2007 that “reckless” failure to comply with FCRA can be considered willful. The Court’s opinion begs the question whether it was objectively reasonable for retailers to continue the printing of expiration dates on customer receipts after FACTA took full effect.

Tags: FACTA, FCRA, Fair Credit Reporting Act, Fair and Accurate Credit Transactions Act, Financial Privacy, consumer report, credit card, expiration date, truncation