Fourth Circuit Deepens the Split on Accessing Opened E-Mails

The Volokh Conspiracy

Mostly law professors | Sometimes contrarian | Often libertarian | Always independent

The Stored Communications Act, a federal law governing e-mail privacy, is notoriously difficult to understand. The greatest confusion has been how the law treats privacy rights in opened e-mails. The Fourth Circuit recently deepened the disagreement and added an additional new theory in a published decision, Hately v. Watts. Hately holds that the civil cause of action for unauthorized access to e-mails found in 18 U.S.C. 2701 also extends to accessing opened web-based e-mails.

This is an issue that has been puzzling courts since at least the 1990s, and I thought I would explain the new decision and why it matters. I'll start by explaining the basic debate over opened e-mail. I'll then discuss the facts and reasoning of Hately. I'll conclude with my thoughts on why I think the court is wrong, why the issue is hard, and why I hope the Supreme Court will review the case.

A. The Statutory Context

In 1986, Congress enacted the Stored Communications Act (SCA) to regulate the privacy of electronic messages sent over computer networks. Congress looked at the Internet of 1986 and saw a need for two kinds of privacy protections in stored communicatins. The first need was to protect the privacy of stored e-mails in the course of delivery. The second need was to protect the privacy of contents stored by remote computing services, what today we would think of, more or less, as cloud providers. In the 1986 statute, Congress decided that the privacy of e-mails in the course of delivery merited greater statutory privacy protections than contents held by cloud providers.

That greater privacy protection was expressed in two main ways. First, in a criminal investigation, investigators need a warrant to access e-mails in the course of delivery but do not need a warrant to access contents held by cloud providers under 18 U.S.C. 2703. Second, in 18 U.S.C. 2701, Congress made it both a crime and the basis of a civil action to commit an unauthorized access to obtain another person's private e-mails stored in the course of delivery -- but not to commit an unauthorized access to obtain the contents held by cloud providers. (These are rough descriptions of the two statutory categories which give you the basic idea of them. I'll pass on the details of the language for purposes of this post to keep it a readable length, but note that I'm providing a simplified version. See here for more.)

The question that confuses everyone is what to do with opened e-mails. Here's the problem. Courts have long agreed that when an e-mail is sitting in a person's inbox, as of yet undelivered to the user, it is still stored the course of delivery. It gets the greater level of protection. See, e.g., Vista Marketing, LLC v. Burkett, 812 F.3d 954 (11th Cir. 2016). But let's say a user logs into his e-mail account, reads an e-mail, and then keeps the e-mail on the server -- something that today's e-mail providers ordinarily do by default. If someone else comes along and obtains a copy of the opened e-mail without the account owner's permission, is that accessing an e-mail in the course of delivery? Or is that accessing contents held by a cloud provider?

This question used to be extraordinarily important in an era before the Fourth Amendment was understood to apply broadly require warrants for the government to access e-mails. Before United States v. Warshak, the SCA was understood as the limit on government access to e-mails. The statutory classification of opened e-mails determined whether a warrant was required for them. The modern understanding that the Fourth Amendment ordinarily requires a warrant for government access to e-mail has changed the picture somewhat, but only somewhat: Regardless of Fourth Amendment law, the statutory civil action for unauthorized access still only applies to accessing e-mails stored in the course of delivery and not to accessing contents held by remote computing services.

So how should the law classify opened e-mails? The key statutory definition of e-mails stored in the course of delivery, given the confusingly-broad term "electronic storage," has two parts. Such e-mails, the statute says, cover communications held in:

(A) any temporary, intermediate storage of a wire or electronic communication incidental to the electronic transmission thereof; and

(B) any storage of such communication by an electronic communication service for purposes of backup protection of such communication;

18 U.S.C. 2510(17).

It is generally pretty clear, from the statutory context and legislative history, what (A) means. That language refers to unopened e-mails, that is, e-mails stored that are not yet delivered. They're being stored temporarily as a part of the process of delivering them.

The maddening confusion is what (B) means. There are two basic theories.

The first theory is that e-mails stored for "purpose of backup protection" refers to backups of unopened e-mails that the e-mail provider made of its server. In the research and hearings that led to the enactment of the 1986 law, it was widely noted that e-mail providers made back-ups of their servers in case there was a network problem. Under the first theory, the definition in (B) just makes clear that backup copies of unopened e-mails don't lose their strong privacy protection. After all, if a provider makes a backup copy of the server, and the backup includes copies of unopened e-mails, those copies are no longer temporary or intermediate. They are now permanent, or as permanent as the provider wants them to be. Without the added language of (B), the thinking goes, the government could just wait until the provider makes a backup and then swoop in and demand the backup without a warrant. Part (B) ensures that the user's copy and the provider's backup get the same strong privacy protection.

That's the first theory. The second theory is that e-mails stored "for purpose of backup protection" refers to e-mails that the user intends to keep as the user's backup. The idea is that users keep their files in the cloud for lots of reasons, including as a storage place that they can use to come back and get copies of information that they need later on. On this thinking, the definition in (B) substantially expands the category of more protected e-mails. In particular, it confers the higher leval of privacy protection to opened e-mail: After a user opens an e-mail, the opened e-mail is protected by (B) just like the unopened e-mail is protected by (A) because the opened e-mail is a "backup" of the unopened e-mail. On this view, the relevant "purpose" of backup protection is the individual user's purpose, not the provider's purpose. The user's act of opening the e-mail and not deleting it reflects a "purpose" to keep it around as a "backup." Opened and unopened e-mails get the same protection.

B. The Preexisting Division in Authority

Courts have been all over the map on which interpretation is correct. As the Eleventh Circuit recently noted, "considerable disagreement exists over whether, and if so, under what conditions, opened email transmissions may qualify as being held in 'electronic storage," the term defined by statute in 18 U.S.C. 2510(17). Vista Marketing, LLC v. Burkett, 812 F.3d 954, 976 (11th Cir. 2016). As a result, "the law with regard to this issue is far from settled." Id.

Some courts have adopted the first theory, that opened e-mails are not covered under the civil action in Section 2701 because they are not stored "for purposes of backup protection" by the provider. See, e.g., Jennings v. Jennings, 736 S.E.2d 242 (S.C. 2012). This is also the position of the United States Department of Justice. See United States Dep't of Justice, Searching and Seizing Computers and Obtaining Electronic Evidence in Criminal Investigations 125 (3d ed. 2009).

Other courts have adopted the second theory. See, e.g., Theofel v. Farey-Jones, 359 F.3d 1066 (9th Cir. 2004) (Kozinski, J.). Still other courts have tried a hybrid theory, by which they accept the basic idea that the user's backup intent matters but then adopt narrow rules for when an e-mail was kept as a backup by the user. See, e.g., Anzaldua v. Northeast Ambulance and Fire Protection, 793 F.3d 822 (8th Cir. 2015) (concluding that sent e-mails stored in the outbox are not stored for purposes of backup protection).

The widely-noted confusion has led to the occasional request for Supreme Court review -- here's a 2013 cert petition filed by Neal Katyal of Hogan Lovells -- but the Supreme Court has not yet agreed to resolve the uncertainty.

C. The Facts and Holding of the Fourth Circuit's New Decision

That brings us to the new ruling in Hately v. Watts. The case involves access to an e-mail account provided to students and alumni of a Virginia community college. The college provided e-mail to students and alumni that was hosted by Google and available via a web client like a typical gmail account. Hately, an alumnus of the college, used a college-provided account. Hately ended up sharing the account password with someone who later provided access to the account to Watts; Watts then looked in Hately's e-mail account and looked at opened e-mails in Hately's account.

Hately sued Watts under Section 2701. The district court granted summary judgment in favor of Watts on the first theory described above: Because Watts had only looked at opened e-mails, the e-mails were not in "electronic storage" under 18 U.S.C. 2510(17) and thus the access was outside the scope of Section 2701.

The Fourth Circuit reversed. According to the Fourth Circuit, the opened e-mails were in "electronic storage" under the backup provision of 18 U.S.C. 2510(17)(B). The court's reasoning is not exactly easy to summarize. But a key idea seems to be that webmail is based on a kind of redundancy, an idea offered to the court in an amicus brief (see page 22). Companies like Google make many copies of a particular e-mail, the amicus brief noted. Therefore, the court concludes, in the case of webmail, any one copy, opened or closed, can be theorized as a kind of "backup" of other copies that exist for the provider:

[E]ven assuming Watts and the district court are correct that the term "backup protection" encompasses only copies that are "made for the service provider's own administrative purposes," Hately's emails in question would fall within the meaning of "backup protection." "Administrative" means "relating to the running of a business, organization, etc." Administrative, Merriam-Webster.com (last visited Feb. 26, 2019). As explained above, web-based email services—including Google, which hosted Hately's College email account—create numerous copies of emails for their own administrative purposes, such as decreasing email downtime, protecting against loss of data in the event a particular server fails, CDT Br. at 22, and for their own commercial purposes, such as to more effectively target advertisements. Accordingly, the copies of Hately's emails at issue were created for Blue Ridge College email service's "administrative purposes" under the common meaning of that term.

. . . .Additionally, even if an addressee's email service did receive an "original," in the context of "redundant" web-based email services—like Blue Ridge College's email service hosted by Google—even the "original" serves as a "backup." See CDT Br. at 22. In particular, each of the numerous copies of the messages created and stored on the service's server acts as a "substitute" or "support" for every other copy stored on the service's servers. See id. Accordingly, even if one of those numerous copies was an "original," that "original" would still serve as a "backup" for all the other copies stored by the service

The court then offers an alternative rationale that expressly adopts the second theory described above, from the Ninth Circuit's Theofel decision, that a backup can be for the user's purposes rather than the company's purposes. Under this rationale, keeping an opened e-mail is presumably leaving it as a backup:

Equally important, "nothing in the [Stored Communications Act] requires that the backup protection be for the benefit of the [electronic communication service] rather than the user." Theofel, 359 F.3d at 1075. On the contrary, the statute's legislative history expressly contemplates that the requisite backup protection may be for the benefit of the user. H.R. No. 99-647, at 68 ("Back up protection preserves the integrity of the electronic communication system and to some extent preserves the property of the users of such a system." (emphasis added)).

The court then makes an extended argument based on the broad purposes of Congress in enacting the SCA. According to the court, construing opened e-mail as outside the scope of Section 2701 would be inconsistent with the objectives of Congress to protect privacy. Indeed, distinguishing between opened and unopened e-mails would be absurd, the court argues, and surely Congress would not enact a statute so arbitrary and absurd. From the opinion:

Our conclusion that previously delivered and opened emails fall within the meaning of Subsection (B) also accords with Congress's purpose in enacting the Stored Communications Act. Congress sought to fill in a "gap" in then-existing law as to the "protect[ion of] the privacy and security of communications transmitted by new noncommon carrier communications services or new forms of telecommunications and computer technology," including email. S. Rep. No. 99-541, at 5; H.R. Rep. No. 99-647, at 17 (noting that statutory framework that existed prior to enactment of the Stored Communications Act "appear[ed] to leave unprotected an important sector of the new communications technologies," including email); id. at 18 (noting "[t]he statutory deficiency . . . with respect to non-voice communications"). As noted above, Congress expressed concern that the absence of such protection "unnecessarily discourage[s] potential customers from using innovative communications systems" and "encourages unauthorized users to obtain access to communications to which they are not a party." S. Rep. No. 99-541, at 5; H.R. Rep. No. 99-647, at 19.

The district court's construction of Subsection (B)—that previously delivered and opened emails stored by a web-based email service are not in "electronic storage" and therefore not actionable under Section 2701(a)(1)—would materially undermine these objectives. Potential users of web-based-email services—like Blue Ridge College's email service—would be deterred from using such services, knowing that unauthorized individuals and entities could access many, if not most, of the users' most sensitive emails without running afoul of federal law. Likewise, without the prospect of liability under federal law, unauthorized entities will face minimal adverse consequences for accessing, and using for their own benefit, communications to which they are not a party. The legislative history establishes that Congress did not intend such a result. T

The district court's interpretation of Subsection (B)—which would protect only unread emails stored in by web-based email service—also leads to an arbitrary and untenable "gap" in the legal protection of electronic communications. S. Rep. No. 99- 541, at 5. Under the district court's reading, the Stored Communications Act renders unlawful unauthorized access of unopened messages stored by web-based email services, whereas unauthorized access of opened and saved messages stored by such services would not violate the Stored Communications Act. See Hately, 309 F. Supp. 3d at 410. But the messages a user of a web-based email service chooses not to delete—the messages the district court's construction of Subsection (B) leaves unprotected—are likely precisely the types of messages Congress sought to protect. By choosing to save such messages after reading them, the user indicates that the messages have sufficient personal, commercial, or other significance that they want to be able to access them again in the future. It defies logic that the unopened junk and spam email messages that a user leaves in his or her inbox or designated folder without opening would be entitled to more protection than those messages the user chooses to open and retain. We do not believe Congress intended such an absurd result when it enacted a statute intended to fill in the gaps in the then-existing privacy protections for electronic communications and therefore spur adoption of new communication technologies, like email.

D. My Thoughts, and Why the Supreme Court Should Take This Case

I have strong priors on this particular legal question: I think the statute adopts the opened-unopened e-mail distinction, and that the Fourth Circuit was wrong to reject it. Indeed, the district court in Hately relied in part on my discussion of this issue from my 2004 article on the SCA. I go into detail in my article on this, but the basic idea is that you need to go back to what "backup protection" meant in 1986 when the statute was enacted. The meaning of the term in 1986 was pretty clear but also pretty narrow, which you can see in particular from Section 2704's rules for "backup" copies and discussions in the legislative history of the statute. Although we might have thoughts about what backups mean to us today, I think the text of the statute and the understanding of the terms in 1986 point in a different direction.

And that's related to what makes the legal issue so difficult: There's a big gap between the law Congress actually enacted in 1986 and today's sensibilities. The statute Congress enacted in 1986 was premised on a key distinction between the high privacy protection afforded to e-mails in transit and low privacy protections afforded to contents held by users in the cloud. Thirty-three years later, Congress's 1986 viewpoint seems bizarre. Today we see both of those as equally private.

Indeed, as the Fourth Circuit suggests, today we might see contents stored in the cloud as more private than e-mails in transit. The stuff we store in the cloud is the stuff we want to keep, while a lot of today's e-mail is just junk and spam e-mail. The modern world of 2019 makes it hard to fathom the judgment Congress made in 1986. The result is a strong pressure to stretch terms to avoid what in 2019 seems like an absurd result.

In any event, I hope this isn't the end of the road. Hately seems to leave the law a big mess. It has several different rationales, some of which match some other courts (such as the Ninth Circuit's view that backups can be for the user's benefit); others which are new (such as that every e-mail can be theorized as a sort of backup given how modern e-mail works); and others of which conflict with other courts (such as the Jennings case, itself a splintered decision).

When I have taught this topic in recent years, I have mostly thrown up my hands and just explained the different views and told students courts are divided and there is no clear answer. Hately only adds to the uncertainty. Given that, I hope the Supreme Court will take up the case and finally answer what to do with opened e-mail under the Stored Communications Act.

Start your day with Reason. Get a daily brief of the most important stories and trends every weekday morning when you subscribe to Reason Roundup.

NEXT: Dangers of Growing Support for Court-Packing

Crime

Hide Comments (37)

Editor's Note: We invite comments and request that they be civil and on-topic. We do not moderate or assume any responsibility for comments, which are owned by the readers who post them. Comments do not represent the views of Reason.com or Reason Foundation. We reserve the right to delete any comment for any reason at any time. Comments may only be edited within 5 minutes of posting. Report abuses.

Nick Gillespie's Jacket 6 years ago

Great, informative post. I first heard of this decision in a discussion between Stewart Baker and David Kris (sp?) on the most recent episode of The Cyberlaw Podcast. (Baker said, more or less, that Kris was the next best person to discuss the SCA, after Orin Kerr; Baker and Kris we're decidedly in the Kerr camp, Baker more vocally so and more dismissive of the Fourth Circuit's motives.)
In this blog post, Kerr understandably leaves out the Jerry-Spring-like facts of the case. They were discussed humorously on the podcast. VC contributors are really putting out good stuff.

Log in to Reply
1. A nerdy Fred 6 years ago
  
  Seconded. I dived into the comments section simply to post a thank you to Orin Kerr for a post which is relevant and not just informative but also clear. Well done.
  
  Log in to Reply
2. KenKShaw 6 years ago
  
  on Saturday I got a gorgeous Ariel Atom after earning $6292 this ? four weeks past, after lot of struggels Google, Yahoo, Facebook proffessionals have been revealed the way and cope with gape for increase home income in suffcient free time.You can make $9o an hour working from home easily??.
  
  VIST THIS SITE RIGHT HERE >>=====>>>> http://www.payshd.com
  
  Log in to Reply
loveconstitution1789 6 years ago

Just make the rules easy and constitutional.

GET A WARRANT!

If government wants something that you own, possess, or was created about you for non-public distribution then get a search warrant.

With all the rubber stamping that judges do, warrants are not hard to get.

Log in to Reply
1. Nick Gillespie's Jacket 6 years ago
  
  1789: From the above blog post, it sounds like the current state of 4A law does require a warrant for most of this stuff (that's what I took from Kerr's comment, at least). But this case involved a civil/private cause of action under the SCA involving another individual (not the government or a government actor) accessing the plaintiff' emails. So no warrant issues.
  
  Log in to Reply
  1. loveconstitution1789 6 years ago
    
    These discussions always lead to government actors trying to get 4A protected items.
    
    I dont really care if a private company that I have email service with reads my emails. That is between me and my email provider via ToS or other contractual obligation. A company cannot throw me in jail for something that I say in an email. I don't need the government involved unless there is some contract dispute.
    
    I have seen case after case where government agents use loopholes between criminal and civil law and private dealings with companies to get 4A protected items and information.
    
    A very recent example is the use of 23andMe by government agents to solve DNA crimes. The government was unable to get Americans to agree to a nationwide DNA database of every American to solve crimes, so they use crime scene DNA to narrow the suspect search. Then they grab trash of potential suspects without warrants and BINGO! They find their suspect and don't need a warrant.
    
    Unfortunately, the Constitution requires all search warrants to be based on probable cause that the person being search or seized committed the crime. The government agents cannot do that until they have the DNA from the suspect's trash.
    
    Log in to Reply
  2. FlameCCT 6 years ago
    
    Would that not be similar to illegal (fraudulent) entry to obtain the emails. Not much different than if the guy had been given a key to the store room then entered it and took some "mail" from say a storage box. Either way, he didn't have authorized access.
    
    Log in to Reply
2. RobertPWilson 6 years ago
  
  Why everyone is confused just join at home online job .This is really good opurtunity for home mom just join this website and Earn money by monthly check .So u cant be miss and join this site as soon as posible .
  Here what i am doo ?
  
  ??????? http://www.finestylereview.com
  
  Log in to Reply
James Pollock 6 years ago

"The question that confuses everyone is what to do with opened e-mails."

There's a considerable evidentiary challenge here, in that mails in transit and mail waiting for you at your mail server are readily technologically differentiable, whereas opened and unopened mail waiting at your mail server are not. Mail that has not been read can be marked as read, and mail that has been read can be marked as unread.
But wait! You say. You've changed the verb from "opened" to "read". Well, yes, I have. That's because "opened" is technically meaningless. Mail messages are opened at multiple points along their path, by a variety of agents. Outgoing emails may be scanned for confidential information, by anti-spam agents anywhere along the routing path, and at the terminus modern email clients open mail for several purposes. Even back in 1995 Outlook had a preview pane (that was exploited as a new vector to spread malware). So security products open and scan emails long before the user ever gets around to reading the message.

The problem is that the analogy to regular mail is inapt. There's no electronic envelope that is either intact or not. There could be, using asymmetrical encryption, but nobody bothers, just like nobody who isn't military or diplomatic service encrypts their phone calls.

Log in to Reply
1. FlameCCT 6 years ago
  
  I'm surprised that everyone appears to be ignoring that he wasn't authorized access, instead using a password that had been illegally provided to him. Not to mention that he also could have read "unopened" emails then mark them once again as "unread" as you discuss.
  
  Log in to Reply
2. Kevin Smith 6 years ago
  
  At the time the law was written (in 1986) POP3 was the primary email protocol, and with POP3 opened or read messages are removed from the email server, and then stored locally on the user's PC (if the person wanted to keep them) so I think that is the distinction the law is making
  
  Log in to Reply
  1. KHP54 6 years ago
    
    In POP3 retrieving and deleting are completely separate operations. It was fairly common, for example, to configure a laptop email client to retrieve-only, so that you could read new emails on the road, but when you got home your desktop email client would still retrieve everything into your canonical local mail store
    
    Log in to Reply
Rossami 6 years ago

Well, this should be easy but I throw the blame on Congress, not on the courts.

Investigators should need a warrant both during delivery and to access contents stored by remote services. The difference in levels of protection was stupid even when Congress passed the law in 1986. Fix that and this whole mess over whether "unopened" counts as "undelivered" goes away.

More broadly, the "Third Party" doctrine is broken. If I give you something with the expectation that you will hold it securely for me (and it's not illegal for you to do that), it should require more than a mere subpoena to force you to turn it over. We already hold safety deposit boxes to that standard. Why are they protected but emails held by google are not?

Going back to the specific case at hand, Hately was an idiot for sharing his password in the first place. The unnamed person was wrong to distribute it and Watts was wrong to exploit it but Hately deserves public scorn and ridicule for such appallingly poor security.

Log in to Reply
1. John Thacker 6 years ago
  
  Investigators should need a warrant both during delivery and to access contents stored by remote services. The difference in levels of protection was stupid even when Congress passed the law in 1986
  
  It was much less stupid, though. In 1986 the usual way to deal with email was POP. (Post Office Protocol) Emails were downloaded to someone's computer and deleted off the server immediately when read. Emails were *not* stored in cloud services or remote servers after being delivered as a matter of course. "Download-and-delete" is how POP worked (1986 was still POP2, pre 1988's POP3.)
  
  In 1986 IMAP, which is the mail protocol that standardized "view your email but leave it on the server" (because you want to access it from different clients) was just being written, and was not publicly released for several more years.
  
  The 1986 law reflects 1986 technology, and makes assumptions based on how the technology worked then.
  
  Log in to Reply
  1. FlameCCT 6 years ago
    
    Excellent analysis.
    
    Log in to Reply
    1. KHP54 6 years ago
      
      Excellent except for not realizing that POP2 also supports read-without-delete (as does POP[1] for that matter.)
      
      Log in to Reply
2. James Pollock 6 years ago
  
  "Why are they protected but emails held by google are not?"
  
  Safe deposit boxes are intended to be both private and secure. Email is neither of those. If you aren't encrypting your email, you don't care who reads it, QED.
  
  Log in to Reply
  1. Rossami 6 years ago
    
    The contents of my safe deposit box are not "private and secure" from the bank. Depending on the bank, they may have a master key. Regardless, they can drill the lock in no time at all. And the bank has the right to go into that box anytime they suspect that there might be something dangerous in it.
    
    On the other hand, most people DO think that email is private and secure. The fact that they are technologically wrong (usually) does not change their intentions nor their reliance on the privacy promises of the email provider. Most people do care quite a bit who reads their emails, even if they don't know how to encrypt it.
    
    But like the bank's master key (or ability to drill the lock), the email provider almost always has access around the user's encryption. I, for example, use two layers of encryption on my emails - and both are based on capabilities offered by my email provider. The police are exploiting this access despite not being allowed to do the same for safe deposit boxes. It's a double-standard that lowers the protections for email based on no good logic or standard.
    
    Log in to Reply
    1. James Pollock 6 years ago
      
      " It's a double-standard that lowers the protections for email based on no good logic or standard."
      
      Except, of course, for the perfectly good logic I mentioned before. One is private and secure, the other is public and insecure. You might WISH they were more similar, but they just aren't. The fact that other people think email is private and secure doesn't make it either one of those things.
      
      Email, on the Internet, was invented and first used by people who had nothing to hide and didn't care who knew about it. That's why ALL the original Internet standards were insecure. Yes, it would have been nice if they'd included provisions for anti-spam in the original protocols. It would have been nice if they'd included confidentiality encryption in the payload and integrity encryption in the addressing headers. But they didn't. And when they added the capability for adding those, people didn't implement them. In regular mail, if you have confidential information to send, there's things you can do to improve confidentiality, such as putting it in an envelope that is delivered sealed... you wouldn't put it on a postcard if it were supposed to remain confidential. But email is all postcards.
      
      Log in to Reply
John Thacker 6 years ago

There's a big gap between the law Congress actually enacted in 1986 and today's sensibilities.

The law in 1986 accurately reflected 1986's email technologies and protocols. IMAP made POP's "download and delete" functionality obsolete, but wasn't released publicly until several years later. The law should have been updated to reflect post 1986 email usage, where emails are actually left on a remote server in order to enable reading them from multiple clients. That didn't happen in 1986; opened emails were deleted from remote servers.

Log in to Reply
1. James Pollock 6 years ago
  
  "That didn't happen in 1986; opened emails were deleted from remote servers."
  
  That's not accurate. Compuserve mail and any number of BBS software packages retained messages until deleted specifically.
  
  Log in to Reply
cmcc_aus 6 years ago

I'm a retired technologist. From the early 80's to the late 90's I was involved with the expansion of email systems, as the Internet became 'a thing.' The SCA more or less anticipated what the world looked like ca.1998, a time when Users downloaded their mail from servers, retained their mail on their own local PC's, and where the copy on server was routinely, even automatically, deleted after it was downloaded.

But since then, I've watched with concern, as cloud-based systems have become the norm. What I have read stays in the cloud unless I deliberately remove it. The web service providers want it to appear that cloud storage is just a virtual extension of our local hard-drive, continually synched. I haven't changed my basic behavior, but have been lured into dependency on the cloud.

As a non-legal participant, it feels to me that this should be private, and the 'multiple back-ups' theory is a way to get there -- although legally it may be a leap. What's certainly clear is that the SCA of 1986 didn't anticipate anything close to today's virtual electronic environment. It's overdue for some reframing by Congress; it's beyond the point where we can trust the courts to sort it out according to the intent of the drafters.

Log in to Reply
1. James Pollock 6 years ago
  
  You appear to be forgetting that Internet email is only one form of email, and that others existed at that time (although they're largely integrated with Internet mail now).
  
  Log in to Reply
  1. John Thacker 6 years ago
    
    Although that's true of the various non-Internet proprietary systems, Compuserve (along with the other systems) ended up using POP3 later on once they connected to the Internet, and at that point people did indeed download and delete their messages.
    
    The writers of the 1986 law also forgot that other systems existed.
    
    The law is like a law regarding the treatment of photographs held by a third party that is entirely from the perspective of taking your roll of film to a drugstore to be developed, and then attempting to apply that law to Google Photos and iCloud.
    
    Log in to Reply
jdgalt1 6 years ago

It sounds like it would be both much more clarifying, and more satisfying to most of the public, if Congress were to revisit SCA and clean up its own mess rather than require the Supreme Court to intervene, which is more likely to result in the kind of hack job the Supreme Court did on the Affordable Care Act.

Log in to Reply
Greg_Cherryson 6 years ago

So, stop tinkering!

Boyd v. United States, 116 U.S. 616 (1886); original intent, established jurisprudence prior to the Constitution (Entick v. Carrington), and a century post-Independence. Not enough for career government worshippers?

"The seizure or compulsory production of a man's private papers to be used in evidence against him is equivalent to compelling him to be a witness against himself, and, in a prosecution for a crime, penalty or forfeiture, is equally within the prohibition of the Fifth Amendment.

Both amendments relate to the personal security of the citizen. They nearly run into, and mutually throw light upon, each other. When the thing forbidden in the Fifth Amendment, namely, compelling a man to be a witness against himself, is the object of a search and seizure of his private papers, it is an "unreasonable search and seizure" within the Fourth Amendment. "

Log in to Reply
1. James Pollock 6 years ago
  
  Sorry, I don't buy it.
  Forcing someone to write out a confession is like forcing them to testify against themself. Forcing them to produce papers that already exist, however, is not.
  The 4th and 5th are different amendments; the fourth applies, the fifth does not.
  
  Log in to Reply
  1. Greg_Cherryson 6 years ago
    
    A person's "papers" are an extension of that person's mind. Producing such papers (regardless if they existed before) unavoidably has a testimonial aspects. I fully agree with the above-quoted excerpt from Boyd.
    
    Log in to Reply
Krayt 6 years ago

To computers, "opened" or not is just a bit flipped somewhere in what are usually encrypted databases with passwords. This is purely a law issue. However it is a law issue because government ignores this for its own workaround of the 4th:

As people move "their papers" online for their own convenience, they are not giving up their expectation of privacy, any more than that their speech online is mass produced by computers instead of a mechanical printing press means the government can censor it.

The entire arugument, resting on the assumption of two different standards of protection (so a guy can get sued) is arguing how many angels can dance on the head of a pin.

Log in to Reply
anorlunda 6 years ago

This is a case that Congress should fix, not the courts.

SCOTUS can strike down a law because it is vague. Can they strike it down because the premise of the law is moot? Not the consequence is moot, but the premise. That seems to be the situation in this case.

So, if the SCA was sruck down, what would the status quo be for warrants and emails?

Log in to Reply
Rev. Arthur L. Kirkland 6 years ago

I appreciate Prof. Kerr's efforts and insights. My preferences tend increasingly toward 'get a warrant' and 'make it easier to hold people accountable for abusing the warrant process.'

Log in to Reply
Longtobefree 6 years ago

I am old school. If the govt wants to look at any of my stuff, physical, electronic, mythical, whatever, it should have a warrant as described in the constitution.
If they want to search my desk for physical mail, it doesn't matter if it is in an unopened envelope, or opened and laying on the desk. As long as they have a warrant describing the mail (say "mail relating to Russian collusion"), they can grab it. Theoretically, if the warrant does not describe the mail, maybe it is for illegal sex trafficked unicorns, they can't grab my mail.

And yes, I do believe in unicorns.

Log in to Reply
1. James Pollock 6 years ago
  
  "I am old school. If the govt wants to look at any of my stuff, physical, electronic, mythical, whatever, it should have a warrant as described in the constitution."
  
  Great. But private citizens don't have the power to seek and obtain warrants, they do have the power to request subpeonas. Note that the restrictions on obtaining supeonas are not described in the Constitution.
  
  Log in to Reply
Knocka 6 years ago

It seems to me that Congress needs to act, not the Supreme Court. To much reliance, by both right and left, is placed on the Supreme Court resolving issues such as this. It is Congress's statute that is obsolete. Congress should fix it.

Log in to Reply
TheAmazingEmu 6 years ago

This is a great example of purpotivism vs. textualism. Both have plausible constructions of a statute, but one takes into account what the words meant at the time the statute was created while the other takes into account what the legislature was trying to achieve.

Log in to Reply
1. SFAlphaGeek 6 years ago
  
  There is of course, a third statutory construction approach, and the one that seems to be in play here: taking into account what the judge thinks the legislature should have been trying to achieve.
  
  Log in to Reply
repehovep 6 years ago

I essentially started three weeks past and that i makes $385 benefit $135 to $a hundred and fifty consistently simply by working at the internet from domestic. http://xurl.es/ReadMore

Log in to Reply

Please log in to post comments

The Volokh Conspiracy

Fourth Circuit Deepens the Split on Accessing Opened E-Mails

Courts have been struggling with this issue for years, and now the law is even more divided than before.

Latest

Cops Called on Dad for Playing Catch with 14-Year-Old Son at Park

ICE Denies Reason Access to Immigration Court In Miami Detention Center

Deported for Innocent Tattoos?

Oh, Canada

Federal Court 'Vacates in Its Entirety' the FDA's Costly and Onerous Lab Test Rule

Recommended

Login Form

The Volokh Conspiracy

Latest

Cops Called on Dad for Playing Catch with 14-Year-Old Son at Park

ICE Denies Reason Access to Immigration Court In Miami Detention Center

Deported for Innocent Tattoos?

Oh, Canada

Federal Court 'Vacates in Its Entirety' the FDA's Costly and Onerous Lab Test Rule

Recommended

Special Offer!