Does the Stored Communications Act (SCA) apply to data stored in a personal cell phone? The U.S. Fifth Circuit Court of Appeals answered that question on December 12, 2012, holding that the SCA does not apply to data stored on an individual cell phone, and thus an employer did not violate the SCA when it looked at pictures and texts on one of its employee's cell phones without her permission.
The case is Garcia v. City of Laredo, Case No. 11-41118, which arose out of the following facts, according to the court opinion:
Ms. Garcia is a former police dispatcher for the City of Laredo. On November 15, 2008, a police officer's wife removed Ms. Garcia's cell phone from an unlocked locker in a substation of the Laredo Police Department, and she accessed text messages and images found on Ms. Garcia's phone. Based on what she found on the phone, she advised a deputy assistant city manager and assistant police chief that Ms. Garcia violated a department policy and at a meeting with them, accessed Ms. Garcia's phone and photographs. Investigators later downloaded a video recording and 32 digital images from the phone, but were apparently not able to download the text message.
An internal investigation which relied on the images and text messages concluded that Ms. Garcia had violated police department rules and regulations by engaging in an extramarital affair and Ms. Garcia was terminated, the Wall Street Journal reports.
Ms. Garcia brought suit against the City of Laredo and the people who accessed her phone without her permission, claiming, among other things, that said actions violated the Stored Communications Act. The defendants argued that the SCA did not apply to images and text messages stored on an ordinary cell phone.
The district court granted summary judgment for defendants and denied Ms. Garcia' motion for partial summary judgment on the Stored Communications Act finding that the statute did not apply to defendants' actions in this case.
The Fifth Circuit Court of Appeals agreed with the lower court and found that the SCA did not apply to protect the data stored on Ms. Garcia's phone.
The Stored Communications Act
In 1986, Congress passed the Stored Communications Act as part of the Electronic Communications Privacy Act to protect potential intrusions on individual privacy that the Fourth Amendment did not address.
The Stored Communications Act prohibits accessing, without authorization, a facility through which an electronic communication service is provided and thereby obtaining access to an electronic communication while it is in electronic storage.
The Fifth Circuit noted in its analysis that the term "facility" was not defined in the SCA but "electronic communication service" and "electronic storage" were defined.
"Electronic communication service" (ECS) is defined as "any service which provides to users thereof the ability to send or receive wire or electronic communications."
"Electronic storage" is defined as "(A) any temporary, intermediate storage of a wire or electronic communication incidental to the electronic transmission thereof; and (B) any storage of such communication by an electronic communication service for purposes of backup protection of such communication."
"Facility" Under the SCA
The Court recognized that courts have interpreted the statute to apply to providers of a communication service such as telephone companies, Internet or e-mail service providers, and bulletin board services. Unfortunately for Ms. Garcia, the Court felt that these cases were not helpful to her position, because her case involved an individual mobile device, and not a "facility."
The Court found persuasive a discussion of this issue in an Eleventh Circuit decision, United States v. Steiger, 318 F.3d 1039, 1049 (11th Cir. 2003).
"In Steiger, when a hacker accessed an individual's computer and obtained information saved to his hard drive, the court held such conduct was beyond the reach of the SCA. Id. The court found that 'the SCA clearly applies . . . to information stored with a phone company, Internet Service Provider (ISP), or electronic bulletin board system,' but does not, however, 'appear to apply to the source's hacking into Steiger's computer to download images and identifying information stored on his hard-drive.' Id. It noted that 'the SCA may apply to the extent the source accessed and retrieved any information stored with Steiger's Internet service provider.' Id."
A recent decision from the Northern District of California held that a class of iPhone plaintiffs had no claim under the SCA because their iPhones did not "constitute 'facilit[ies] through which an electronic communication service is provided.'" In re iPhone Application Litig., 844 F. Supp. 2d 1040, 1057-58 (N.D. Cal. 2012).
Review of the legislative history further convinced the Court that by using the term "facility," the intention of the statute was that it would apply to providers only, rather than individual devices.
"Electronic Storage" Under the SCA
The Court further concluded that that information that an individual stores to his hard drive or cell phone is not in electronic storage under the statute because the term, as defined in the statute, encompasses only the information that has been stored by an electronic communication service provider, and such information must also be stored temporarily pending delivery or for purposes of backup protection.
There was no evidence that defendants ever obtained any information from the cellular company or network. Thus, the Fifth Circuit Court concluded that the text messages and photos stored on Ms. Garcia's phone were not in "electronic storage" as defined by the SCA and were therefore outside the scope of the statute.
The Court did note that Ms. Garcia made additional arguments to the lower court, including violations of the Fourth Amendment, the Texas Constitution, and invasion of privacy, but that the only issue before the Fifth Circuit was the applicability of the SCA.