You know that massive Stored Communications Act lawsuit you were planning? The one based on your opponent’s sinister and entirely unconsented intrusions into your clients’ personal laptops and mobile devices? Yeah, well you can forget about that.
At least in the Fifth Circuit, that is. The Fifth Circuit, in its new decision in Garcia v. City of Laredo, has held that personal computers, laptops, mobile devices, and whatnot are entirely unprotected by the Stored Communications Act. Mrs. Garcia was a former police officer who had left her phone in an unlocked locker at the police station, whereupon “a police officer’s wife” just happened to find it (?) and discovered several texts and images which, as the court put it, constituted “evidence of violations of a department policy.” (The Court did not describe the policy-or the images–any further, and for that, we are all grateful.) Mrs. Garcia was fired, and she claimed that the above events infringed upon her rights under the SCA.
The SCA protects data that resides in any “facility through which an electronic communication service is provided,” and generally proscribes attempts to extract that data without a valid consent from its owner. The question is whether or not the above personal devices constitute “facilit[ies] through which an electronic communication service is provided.” The Fifth Circuit tossed its hat in with a handful of other courts which have held that:
the relevant ‘facilities’ that the SCA is designed to protect are not computers that enable the use of an electronic communication service, but instead are facilities that are operated by electronic communication service providers and used to store and maintain electronic storage. [emphasis in original]
The Fifth Circuit also noted that even if personal computers and devices were the type of “facility” covered by the SCA, the data stored on these devices were not either in “temporary, intermediate storage” or in storage “by an electronic communication service for purposes of backup protection,” other requirements of various parts of the SCA.
There had been a small handful District Court level decisions on this issue which had likewise rejected SCA protection for personal computers and devices (in California, Michigan, and Ohio; they are cited in the opinion). But this is the first Circuit level rejection that I have seen. One wonders if this case might have been different had the employer in question gained access to locally cached copies of cloud content (stored on Google Drive, or in iCloud, or someplace like that), since that data is probably stored on exactly the type of “facility” contemplated by the SCA “for purposes of backup protection” (a key purpose of any cloud service). Technology marches on, for better or for worse, with the law in tow behind it. Maybe. Stay tuned.
The Personnel Files 