Does the Stored Communication Act protect all text messages and data stored on a personal cell phone accessed without the owner’s permission?
Not if you are arguing the cell phone is a “facility” under the Stored Communications Act. Garcia v. City of Laredo, 2012 U.S. App. LEXIS 25370 (5th Cir. Tex. Dec. 12, 2012).
The facts in Garcia v. City of Laredo involved a former police dispatcher who was terminated for violating department policy after another police officer’s wife first removed the Plaintiff’s phone from an unlocked locker in a police substation and then accessed the Plaintiff’s text messages and photos. Garcia, at *2. The police officer’s wife shared the information on the phone with city officials, because the wife believed the Plaintiff had violated department policy. Garcia, at *3. The Plaintiff was later terminated after an investigation. Id.
In order for a party to violate the Stored Communications Act, “they must have gained unauthorized access to a facility through which electronic communication services are provided (or the access must have exceeded the scope of authority given) and must thereby have accessed electronic communications while in storage.” Garcia, at *6, citing 18 U.S.C. § 2701(a) (2006).
The Plaintiff argued that her personal cell phone was a “facility” under the Stored Communications Act, claiming the electronic communication were kept in electronic storage in the form of text messages and pictures stored on the cell phone. Garcia, at *6.
The Stored Communication Act defines “electronic communication service” (“ECS “) as “any service which provides to users thereof the ability to send or receive wire or electronic communications.” Garcia, at *6-7, citing 18 U.S.C. §2510(15) and incorporated by reference in 18 U.S.C. §2711(1) of the SCA.
“Electronic storage” is defined as “(A) any temporary, intermediate storage of a wire or electronic communication incidental to the electronic transmission thereof; and (B) any storage of such communication by an electronic communication service for purposes of backup protection of such communication.” Garcia, at *7, citing §2510(17).
The Court cited case law that explained a hacker accessing a person’s photos and information on a laptop was outside of the Stored Communication Act. Case precedent held the following:
“[T]he SCA clearly applies . . . to information stored with a phone company, Internet Service Provider (ISP), or electronic bulletin board system,” but does not, however, “appear to apply to the source’s hacking into Steiger’s computer to download images and identifying information stored on his hard-drive.” It noted that “the SCA may apply to the extent the source accessed and retrieved any information stored with Steiger’s Internet service provider.”
Garcia, at *8, citing United States v. Steiger 318 F.3d 1039, 1049 (11th Cir. 2003).
Other Courts have held the following on “facilities” under the Stored Communications Act:
“[T]he relevant ‘facilities’ that the SCA is designed to protect are not computers that enable the use of an electronic communication service, but instead are facilities that are operated by electronic communication service providers and used to store and maintain electronic storage.”
Garcia, at *9, Freedom Banc Mortg. Servs., Inc. v. O’Harra, No. 2:11-cv-01073, 2012 U.S. Dist. LEXIS 125734, at *9 (S. D. Ohio Sept. 5, 2012).
The Stored Communication Act was also originally envisioned where “a provider (the ISP or other network service provider) and a user (the individual with an account with the provider), with the user’s communications in the possession of the provider.” Garcia, at *10, citing Orin S. Kerr, A User’s Guide to the Stored Communications Act, and a Legislator’s Guide to Amending It, 72 GEO. WASH. L. REV. 1208, 1209-13 (2004) .
Information on personal computers and cell phones is not “electronic storage” under the Stored Communication Act. Garcia, at *11. Moreover, just because a cell phone enables the use of electronic communication services, does not mean it is a provider of electronic communication services. Garcia, at *11-12. Furthermore, there was no evidence the Defendants acquired the data from the cell phone service provider, thus no violation of the Stored Communication Act. Garcia, at *12.
Bow Tie Thoughts
The Plaintiff argued there were also violations of the Fourth Amendment, the Texas Constitution and the invasion of privacy; however, none of those issues were appealed.
It is important to understand the difference between a personal device, whether it is a cell phone or a personal computer, and a service, such as an email service provider. This can become complicated quickly, but just because a device enables the use of electronic communication services, does not mean it is a provider of electronic communication services.