July 2007

In a novel case, the Ninth Circuit ruled on July 6, as amended July 25, that government surveillance of Internet Protocol (“IP”) addresses visited, to/from addresses of emails, and the total volume of information sent to or from an email account does not violate the Fourth Amendment. United States v. Forrester, No. 05-50410, — F.3d — (9th Cir. July 6, 2007). The ruling does not affect the requirement that the government obtain a search warrant before searching the actual content of that Internet traffic.

The defendant in United States v. Forrester, Dennis Louis Alba, was charged and convicted of various federal offenses relating to the operation of an Ecstasy-manufacturing laboratory. During the government’s investigation of Alba, it installed a device on Alba’s computer that gathered the IP addresses of the websites he visited, the to/from addresses of his emails, and the total volume of information sent to or from his email account. In his appeal, Alba contended that the surveillance constituted a warrantless search in violation of the Fourth Amendment and fell outside of the then-applicable pen register statute. The Ninth Circuit addressed the merits of Alba’s first contention, but found it unnecessary to address the second.

The Ninth Circuit applied the Supreme Court’s analysis in Smith v. Maryland, 442 U.S. 735 (1979), in which the Court held that a pen register does not constitute a Fourth Amendment search. The Court so held because pen registers merely track phone numbers dialed and do not reveal the actual contents of conversations. Cf. Katz v. United States, 289 U.S. 347 (1967) (holding that one can have legitimate expectation of privacy in the contents of one’s phone conversations).  The Ninth Circuit reasoned that the government’s surveillance of Alba’s activity was “constitutionally indistinguishable” from surveillance via a pen register because accessing IP addresses involves the transmission and receipt of a unique identifier, which does not reveal actual content, via the third-party equipment of an internet service provider.  An Internet user therefore does not have a legitimate expectation of privacy in the IP addresses he or she accesses.

Balancing privacy and evidentiary interests in a stock option backdating matter, the Northern District of California held on June 11, 2007 that the SEC’s interest in obtaining banking account information of defendant Gregory Reyes, ex-CEO of Brocade Communications, outweighs Reyes’ financial history privacy interests. SEC v. Reyes, No. C 06-04435 CRB (N.D. Cal. 2007).

In a recent decision, the Northern District of California held that e-mail harvesting without permission may give rise to a cause of action under the California Penal Code and based on common law misappropriation. More striking, however, was the court’s ruling that the federal CAN-SPAM Act, 15 U.S.C. § 7701 et seq., preempts two California anti-spam statutes. Facebook, Inc. v. ConnectU LLC, — F.Supp.2d —, 2007 WL 1514783 (N.D. Cal. 2007).