: Ninth Circuit : Privacy Law Blog

Home > Ninth Circuit >

Ninth Circuit: ECPA Protects Stored Communications of Foreign Citizens

Posted on October 17, 2011 by Scott J. Carpenter

Suzlon Energy Ltd. demanded Microsoft to produce emails from the Hotmail email account of Rajagopalan Sridhar, an Indian citizen imprisoned abroad. The district court held that the Electronic Communications Privacy Act (“ECPA”) prohibited Microsoft from producing the documents even though Sridhar was not a U.S. citizen. The Ninth Circuit affirmed.

Suzlon Energy Ltd. sought Sridhar’s emails pursuant to 28 U.S.C. § 1782, which, in part, allows a district court to compel production of documents by a person residing in the court’s district for use in a foreign proceeding. The Ninth Circuit noted that its own precedent held that the ECPA limited Section 1782 by prohibiting an electronic communications service provider (such as Microsoft) from producing stored communications of a user of its service. The issue for the Ninth Circuit here was whether this protection extended to foreign citizens.

Looking at the plain language of the ECPA, which defines a “user” as “any person or entity,” ruled matter-of-factly that “any person” included foreign citizens. According to the Ninth Circuit, “the ECPA does not facially restrict its application to U.S. citizens. And . . . Congress knows how to explicitly limit a statute to U.S. citizens when it intends to do so.” The Ninth Circuit also looked to the legislative history of the ECPA “for instructive value” and found that “nothing in the legislative history clearly refutes the plain language of the text.” Thus, “the ECPA unambiguously applies to foreign citizens.”

The Ninth Circuit’s opinion can be found here.

Tags: ECPA, Electronic Communications, Ninth Circuit, email, foreign citizens

No Question about Quon: U.S. Supreme Court Unanimous in Overturning Ninth Circuit

Posted on June 18, 2010 by Brendon Tavelli

On June 17, 2010, in a decision authored by Justice Anthony Kennedy, the U.S. Supreme Court unanimously overturned a decision by the U.S. Court of Appeals for the Ninth Circuit in a case involving an employee’s assertion that a government employer had violated the Fourth Amendment by unreasonably obtaining and reviewing personal text messages sent and received on employer-issued pagers. Click here to read our Client Alert about this important decision.

In case you were wondering, we previously reported on the Ninth Circuit's decision, and denial of rehearing en banc, in Quon v. Arch Wireless here and here.

Tags: Arch Wireless, Electronic Communications, Fourth Amendment, Ninth Circuit, Workplace Privacy, monitoring, reasonable expectation of privacy, text messages, workplace

Geez Ruiz: 9th Circuit (Probably) Ends Long-standing Data Breach Litigation Against Gap, Inc. and Others

Posted on June 7, 2010 by Brendon Tavelli

On May 28, 2010, in an unpublished decision, the U.S. Court of Appeals for the Ninth Circuit affirmed the California district court’s dismissal of a class action lawsuit against retailer Gap, Inc. because, among other things, the plaintiff failed to show that the loss of his personal information harmed him in a legally cognizable way. We previously wrote about the district court’s dismissal here.

On appeal, the Ninth Circuit agreed with the district court’s dismissal of each of the plaintiff’s causes of action, including claims for negligence, breach of contract, unfair competition, invasion of privacy and violation of California’s Social Security number protection law (Cal. Civ. Code § 1798.85). The Court’s relatively brief opinion went a little something like this:

Negligence. Requires Plaintiff to show actual damages. He failed to do that because even if time and money spent on credit monitoring are sufficient, Plaintiff failed to provide any evidence of the time and money he spent on credit monitoring. AFFIRMED.
Breach of contract. Similarly requires Plaintiff to show actual damages. Plaintiff failed to show any appreciable harm, and nominal damages will not suffice according to binding Ninth Circuit precedent. AFFIRMED.
Unfair competition. Another claim that requires Plaintiff to show actual damages. Actual damages mean loss of money or property, and there is no evidence to support such a loss. AFFIRMED.
Invasion of privacy. California courts have yet to extend this cause of action to accidental or negligent conduct. In addition, it is not clear that an increased risk of a privacy invasion, rather than an actual privacy invasion, suffices. AFFIRMED.
Violation of Cal. Civ. Code § 1798.85. The law prohibiting requiring an individual to use his Social Security number to access a Web site absent some additional authentication mechanism is not directed at subsequent requests for information once a user enters the Web site. AFFIRMED.

The Ninth Circuit’s decision echoes those issued in every “identity exposure” lawsuit to date: an increased risk of identity theft does not a lawsuit make! This decision hopefully will also allow Gap and friends to relax (a little) after a prolonged litigation battle.

Tags: Data Breaches, Ninth Circuit, damages, data breach litigation, identity exposure, personal information

Rehearing En Banc Denied in Quon . . . With Dissent

Posted on January 30, 2009 by Proskauer Rose LLP

On Tuesday, the Ninth Circuit denied rehearing en banc in Quon v. Arch Wireless, previously discussed here. The dissent (1) disagrees with the panel's conclusion that the SWAT team members had a reasonable expectation of privacy in the text messages on the grounds that the decision undermines the standard established by the Supreme Court in O’Connor v. Ortega, 480 U.S. 709 (1987); and (2) finds that the method used by the panel to determine whether the search was reasonable conflicts with Supreme Court precedent holding that the Fourth Amendment does not require the government to use the “least intrusive means” when conducting a “special needs” search. The dissent can be found here. Judge Wardlaw's concurrence in the denial of rehearing en banc can be found here. We will keep you posted on this one.

Tags: Arch Wireless, Electronic Communications, Fourth Amendment, Ninth Circuit, Quon, Workplace Privacy, concurrence, dissent, employer, less intrusive means, reasonable expectation of privacy, text messages

Ninth Circuit Applies Pen Register and Mail Principles to Warrantless Monitoring of Internet Traffic

Posted on July 26, 2007 by Proskauer Rose LLP

In a novel case, the Ninth Circuit ruled on July 6, as amended July 25, that government surveillance of Internet Protocol (“IP”) addresses visited, to/from addresses of emails, and the total volume of information sent to or from an email account does not violate the Fourth Amendment. United States v. Forrester, No. 05-50410, -- F.3d -- (9th Cir. July 6, 2007). The ruling does not affect the requirement that the government obtain a search warrant before searching the actual content of that Internet traffic.

The defendant in United States v. Forrester, Dennis Louis Alba, was charged and convicted of various federal offenses relating to the operation of an Ecstasy-manufacturing laboratory. During the government’s investigation of Alba, it installed a device on Alba’s computer that gathered the IP addresses of the websites he visited, the to/from addresses of his emails, and the total volume of information sent to or from his email account. In his appeal, Alba contended that the surveillance constituted a warrantless search in violation of the Fourth Amendment and fell outside of the then-applicable pen register statute. The Ninth Circuit addressed the merits of Alba’s first contention, but found it unnecessary to address the second.

The Ninth Circuit applied the Supreme Court’s analysis in Smith v. Maryland, 442 U.S. 735 (1979), in which the Court held that a pen register does not constitute a Fourth Amendment search. The Court so held because pen registers merely track phone numbers dialed and do not reveal the actual contents of conversations. Cf. Katz v. United States, 289 U.S. 347 (1967) (holding that one can have legitimate expectation of privacy in the contents of one’s phone conversations). The Ninth Circuit reasoned that the government’s surveillance of Alba’s activity was “constitutionally indistinguishable” from surveillance via a pen register because accessing IP addresses involves the transmission and receipt of a unique identifier, which does not reveal actual content, via the third-party equipment of an internet service provider. An Internet user therefore does not have a legitimate expectation of privacy in the IP addresses he or she accesses.

For the same reasons, the court found that surveillance without a judicial warrant of the senders and recipients of Alba’s e-mail and the volume of information flowing through his e-mail account did not violate the Fourth Amendment. The court also analogized to physical mail: the government may, without a warrant, note the addresses on the outsides of envelopes and the volume of mail sent to and from a particular address.

Interestingly, the Ninth Circuit opined that unwarranted surveillance of another form of webpage identification, the uniform resource locator (URL), could pose Fourth Amendment problems. URLs identify particular documents within a website and often contain the search terms a user might employ to find that particular document. Surveillance of URLs therefore is more likely to reveal the content of communications than surveillance of IP addresses and is more likely to violate Katz.

Tags: Fourth Amendment, Internet, Ninth Circuit, Online Privacy