An interesting fact about the Stored Communications Act, 18 U.S.C. §§2701-2712, is that it was originally passed in 1986, long before email and the internet as we now know it today. The Stored Communications Act provides, in part, that when a person or entity:
(1) Intentionally accesses without authorization a facility through which an electronic communication service is provided; or
(2) Intentionally exceeds an authorization to access this facility;
and thereby obtains, alters, or prevents access to a wire or electronic communication while it is in electronic storage in such a system [such person or entity] shall be [liable]. 18 U.S.C. 2701(a) (emphasis added in court opinion cited infra).
In Cheng v. Romo, 2013 WL 6814691 (D. Mass. December 20, 2013), plaintiff sued defendant under the SCA for unauthorized access to his Yahoo! email account. The jury returned a verdict for plaintiff, and defendant filed a motion for judgment as a matter of law. The defendant’s argument turned on a technicality: because the defendant read the email threads after plaintiff opened them on a web browser (not downloading them), they were not “in electronic storage” under the definition of the statute.
“Electronic storage” has kept the same definition since 1986, and it is defined by the statute as:
(A) Any temporary, intermediate storage of a wire or electronic communication incidental to the electronic transmission thereof; and
(B) Any storage of such communication by an electronic communication service for purposes of backup protection of such communication.
Defendant attempted to argue that after plaintiff opened the emails on a web browser (as opposed to downloading a copy to a computer or other device), the emails were not on a “backup” server. As Yahoo!’s server was the only place the email threads were located, it was not for backup purposes as it was the only copy.
Noting that modern web-based email systems were not around when the SCA was passed, the court ruled in favor of plaintiff and agreed that defendant’s position results in an illogical interpretation of the SCA. “The web-based access mechanism is simply the modern day equivalent of how email was accessed in 1986…” The court declined to grant defendant’s motion, as it would make SCA liability turn on what piece of software (downloaded to a device or opened on the web) was used to access the email account.