Articles Tagged with Stored Communications Act

Hackers aren’t the only ones who can gain unauthorized access to your private data. Maybe you shared a password with your spouse, then got divorced and forgot to change it. Maybe you neglected to lock your phone and a passerby was able to pick it up and view your bank-account balances. There are innumerable ways in which your personal files can be exposed to someone you never intended to share them with. Revenge porn laws offer some protection when the files consist of sexually explicit selfies, but when the files at issue consist of mundane (but nevertheless private) emails or texts, the federal Stored Communications Act (“SCA”) often comes into play. The SCA establishes a criminal offense for whoever “intentionally accesses without authorization a facility through which an electronic communication service is provided” or “intentionally exceeds an authorization to access that facility,” and by doing so “obtains, alters, or prevents authorized access to a wire or electronic communication while it is in electronic storage in such system.” 18 U.S.C. § 2701(a). The SCA also creates a civil cause of action, in which the plaintiff may obtain damages plus reasonable attorneys’ fees and other costs. 18 U.S.C. § 2707(b).

Many of us store all kinds of files in “the cloud” that we do not intend to share with the world: financial documents, proprietary information, trade secrets, personal notes–the list is endless. Suppose a former colleague intentionally accesses your Apple iCloud account–or your Dropbox account–or your Gmail account–without your knowledge or permission, finds your stuff and downloads copies. In many cases, this kind of behavior would create a right of action under the SCA. But the law contains a number of requirements that may or may not apply in your particular situation, and proof is often hard to come by.

Continue reading

The Stored Communications Act (“SCA”), found at 18 U.S.C. §§ 2701-2712, establishes both a criminal offense and a civil cause of action against anyone who “intentionally accesses without authorization a facility through which an electronic communication service is provided” or “intentionally exceeds an authorization to access that facility,” and by doing so “obtains, alters, or prevents authorized access to a wire or electronic communication while it is in electronic storage in such system.” Successful plaintiffs may obtain damages, equitable or declaratory relief, and reasonable attorney’s fees. (See 18 U.S.C. § 2707(b)). In the employment context, the SCA is often understood to place restrictions on those situations in which an employer can access its employees’ private email accounts (i.e., accounts maintained by third-party email service providers like Google, Microsoft, and Yahoo). A few weeks ago, the Western District of Virginia decided Hoofnagle v. Smyth-Wythe Airport Commission, in which it rejected various justifications offered by an employer for accessing a former employee’s private Yahoo! email account.

Charles H. Hoofnagle was a government employee who worked as the Operations Manager for Mountain Empire Airport in Rural Retreat, Virginia. He reported to the Smyth-Wythe Airport Commission and his duties included answering phone calls and responding to emails from the public and customers. The Commission, however, did not have in place an official policy regarding use of computers or email. The airport did not even provide employees with an email address, so Hoofnagle created a Yahoo! Mail address, charliemkj@yahoo.com, which he used for both personal and business purposes. (MKJ is the airport’s FAA idendifier code). It was this Yahoo! address that was held out to the public as an official contact for the airport and provided to nearly all vendors and customers.

Continue reading

Contact Us

Virginia: (703) 722-0588
Washington, D.C.: (202) 449-8555
Contact Information