`
`DATE DOWNLOADED: Sun Sep 26 20:24:07 2021
`SOURCE: Content Downloaded from HeinOnline
`
`Citations:
`
`Bluebook 21st ed.
`Ruel Torres Hernandez, ECPA and Online Computer Privacy, 41 FED. COMM. L.J. 17
`(1988).
`
`ALWD 6th ed.
`Hernandez, R. ., Ecpa and online computer privacy, 41(1) Fed. Comm. L.J. 17 (1988).
`
`APA 7th ed.
`Hernandez, R. (1988). Ecpa and online computer privacy. Federal Communications Law
`Journal, 41(1), 17-42.
`
`Chicago 17th ed.
`Ruel Torres Hernandez, "ECPA and Online Computer Privacy," Federal Communications Law
`Journal 41, no. 1 (November 1988): 17-42
`
`McGill Guide 9th ed.
`Ruel Torres Hernandez, "ECPA and Online Computer Privacy" (1988) 41:1 Fed Comm LJ 17.
`
`AGLC 4th ed.
`Ruel Torres Hernandez, 'ECPA and Online Computer Privacy' (1988) 41(1) Federal
`Communications Law Journal 17.
`
`MLA 8th ed.
`Hernandez, Ruel Torres. "ECPA and Online Computer Privacy." Federal Communications
`Law Journal, vol. 41, no. 1, November 1988, p. 17-42. HeinOnline.
`
`OSCOLA 4th ed.
`Ruel Torres Hernandez, 'ECPA and Online Computer Privacy' (1988) 41 Fed Comm LJ 17
`
`-- Your use of this HeinOnline PDF indicates your acceptance of HeinOnline's Terms and
`Conditions of the license agreement available at
`https://heinonline.org/HOL/License
`- The search text of this PDF is generated from uncorrected OCR text.
`-- To obtain permission to use this article beyond the scope of your license, please use:
`Copyright Information
`
`Epic Games Ex. 1017
`Page 1
`
`
`
`ECPA and Online Computer Privacy
`
`Ruel Torres Hernandez
`*
`
`Contents
`Introduction.......... .......... ........................................... 17
`I. The Computer Communications Environment 19
`II. Initial Criminal Procedure Conflict............ 24
`Inadequacy of Old Law.......................... 25
`III,
`A. Pre-ECPA Case Law........................................... 25
`B. Old Federal Wiretap Statutes............................ 27
`IV. ECPAThe New Law.......................................... 29
`A. Systems Covered....................... .......................... 30
`B. Escaping Coverage .................. 31
`V. ECPA and Thompson v. Predaina ............... 33
`A. Federal Civil Claims........................................... 34
`B. Judicial Application of ECPA............................ 36
`VI. ECPA and Corporate Systems.......................... 37
`A. The Cracker Situation .........................
`37
`B. The Corporate Big Brother Situation ...........
`39
`Conclusion............. . ........................................................ 41
`
`Introduction
`During the ninety-ninth term of Congress, legislation was
`introduced which sought to provide federal statutory guidelines
`to protect the privacy of electronic communications, including
`electronic mail (e-mail), found on commercial computer-based
`services and on other remote computer systems. Ultimately, this
`legislation was enacted as the Electronic Communications Pri
`vacy Act of 1986 (ECPA). Before enactment of ECPA, federal
`law did not provide any guidelines for protecting technologically
`advanced forms of communication. Case law also failed to pro
`
`* B.A. University of California at San Diego, 1984; M.A. San Diego State Uni
`versity, 1987; J.D, California Western School of Law, 1988.
`
`17
`
`Epic Games Ex. 1017
`Page 2
`
`
`
`18
`
`FEDERAL COMMUNICATIONS LAW JOURNAL
`
`[Vol. 41
`
`vide adequate guidance in this area. The peculiarities of com
`puters and computer storage were not addressed by previous
`wiretap laws. Moreover, electronic communications were not
`protected by the constitutional right to privacy as defined by the
`United States Supreme Court. In sum, existing law was “hope
`lessly out of date.”1
`When the old wiretap laws were first enacted, the possibility
`that computer-based electronic communications systems would
`be used to transmit messages across telephone lines had not been
`contemplated. Fortunately, with ECPA, e-mail and other pri
`vate electronic communications are given federal statutory pri
`vacy protection. In particular, ECPA provides both criminal
`procedure guidelines and rules for obtaining civil remedies.
`This discussion of ECPA and related areas is prompted by
`one of the first civil lawsuits which relies upon ECPA as a basis
`for some of its claims.2 The lawsuit, Thompson v. Predaina, was
`filed in March of 1988 in the district court for the Southern Dis
`trict of Indiana.3 While Thompson later was voluntarily dis
`missed by the plaintiff, it is an example of a fact situation which
`raises privacy concerns covered by ECPA. The facts of the case
`were as follows: Linda Thompson, a third-year law student, filed
`a pro se complaint against Bob Predaina, the systems operator
`(sysop) of the Professional’s Choice Bulletin Board, a fee-based
`“hobbyist” electronic bulletin board system. The suit alleged
`that Predaina intruded, without any right or privilege, into
`Thompson’s private e-mail. Thompson based her action on fed
`eral theories, including two under ECPA, as well as on common
`law state claims. In this author’s opinion, the Thompson case
`would have been an excellent ECPA test case. An opportunity
`to see how ECPA will operate to protect, or not protect, one’s
`privacy in the electronic communications context has not yet
`arisen.
`This Article will discuss the following issues: (1) the com-
`
`1. S. Rep. No. 541, 99th Cong., 2d Sess. 2, reprinted in 1986 U.S. Code Cong.
`& Admin. News 3555, 3556 (quoting 132 Cong. Rec. S7992 (daily ed. June 19,
`1986) (statement of Sen. Leahy)).
`2. The one published decision in which the privacy protections of ECPA are
`involved is Michigan Bell v. Drug Enforcement Admin., 693 F. Supp. 542 (E.D.
`Mich. 1988). This case involves telephone toll records, however, not user-generated
`communications as in Thompson.
`3. Thompson v. Predaina, No. 88-93C (S.D. Ind. dismissed Aug. 10, 1988).
`
`Epic Games Ex. 1017
`Page 3
`
`
`
`Number 1]
`
`ONLINE COMPUTER PRIVACY
`
`19
`
`puter communications environment; (2) an example of the pre-
`ECPA criminal situation; (3) the law prior to the passage of
`ECPA; (4) a preliminary discussion of ECPA with emphasis on
`its criminal procedure aspects; (5) ECPA as applied in the civil
`context to the Thompson situation; and (6) ECPA as applied in
`the civil context to the corporate situation.
`
`I. The Computer Communications Environment
`The computer communications environment can be divided
`into three parts: (1) commercial systems and networks; (2) hob
`byist systems and networks; and (3) corporate systems and
`networks.
`The commercial systems and networks electronically pro
`vide private e-mail, public discussion conferences, real-time
`“chat” facilities, public domain software exchange, and access to
`news and various databases. Included within this category are
`the popular consumer computer online services of CompuServe,
`GEnie, the Source, BIX, the WELL, Portal, QuantumLink, Ap
`pleLink, and Prodigy. Also included in the commercial cat-
`agory are the more specialized computer databases such as
`LEXIS, WESTLAW, DIALOG, and the Dow Jones News
`Retrieval, in which some limited private e-mail and private user
`area facilities may be provided. Commercial data communica
`tions networks, such as Telenet and Tymnet, comprise a third
`component of this commercial category. In his report on the
`telephone industry, Peter Huber writes that there are
`“[h]undreds, perhaps thousands of [commercial] information
`service providers . . . offering immediate access to vast amounts
`of electronically stored information in an extremely broad range
`of fields.”4 Indeed, he notes, “[t]he industry has grown explo
`sively since 1979.”5
`Hobbyist systems and networks include electronic bulletin
`boards (BBS’s) and the various cooperative networks. The
`ECPA Senate Report contains one definition of electronic bulle
`tin boards:
`Electronic “bulletin boards” are communications networks created
`by computer users for the transfer of information among computers.
`
`4. P. Huber, The Geodesic Network: 1987 Report on Competition in
`the Telephone Industry 7.1 (1987).
`5. Id.
`
`Epic Games Ex. 1017
`Page 4
`
`
`
`20
`
`FEDERAL COMMUNICATIONS LAW JOURNAL [Vol. 41
`
`These may take the form of proprietary systems or they may be
`noncommercial systems operating among computer users who share
`special interests. These noncommercial systems may [or may not]
`involve fees covering operating costs and may require special “pass
`words” which restrict entry to the system. These bulletin boards
`may be public or semi-public in nature, depending on the degree of
`privacy sought by users, operators or organizers of such systems.6
`Users of hobbyist systems are generally “recreational” computer
`users who use computers and modem communications as a
`hobby.7 Such users are akin to amateur ham radio and citizen
`band radio operators. In these hobbyist networks, BBS’s are
`provided and maintained by computer hobbyists out of their
`own personal resources. These individuals, who typically pro
`vide the BBS on their own stand-alone personal computer, are
`specifically known as sysops (systems operators). While access
`to some BBS’s may be free, some sysops require the payment of
`use fees. For instance, some sysops ask that users pay a charge
`for the system’s phone line. In addition to providing public do
`main software and “shareware” exchange, these systems gener
`ally provide free public and private e-mail exchanges to
`computer/modem-equipped members of local communities.8
`Some sophisticated systems, such as the ProLine system written
`for Apple II computers, also provide users with personal user
`directory areas. Such systems allow users to maintain personal
`
`6. S. Rep. No. 541, 99th Cong., 2d Sess. 8-9, reprinted in 1986 U.S. Code
`Cong. & Admin. News 3555, 3562-63. Congress may have made a poor choice of
`words by broadly describing BBS’s as “communications networks.” Individual BBS’s
`may not be affiliated with an outside network system. They may merely take the form
`of individual stand-alone computers set up to take incoming modem telephone calls
`from users. However, by using the term “network,” Congress may merely have been
`trying to indicate its knowledge that users can “network” together when calling a
`single BBS.
`7. See S. Dick, Towards a Rational Private Policy For Recreational Telecomput
`ing (Sept. 1, 1988) (unpublished Michigan State University Mass Media Ph.D. Pro
`gram paper).
`8. In the legal sense, public domain software is computer software in which its
`author does not claim a copyright. However, in the common jargon of computer
`users, “public domain” also means a free form of distribution of software which may
`or may not be copyrighted. For instance, some software copyright owners may retain
`a copyright to the software, but give free licenses to interested users to copy and dis
`tribute copies of the software. “Shareware” is the term used to denote the distribution
`of computer software according to a unique marketing concept: a user may freely
`download the software from the host BBS computer to his personal computer, try out
`the software, and if he likes the software or continues to use it, must pay a registration
`fee to the software author or publisher.
`
`Epic Games Ex. 1017
`Page 5
`
`
`
`Number 1]
`
`ONLINE COMPUTER PRIVACY
`
`21
`
`files in their own directory, a feature similar to the CompuServe
`personal file areas.9
`Augmenting the single stand-alone BBS’s are the various
`cooperative and research networks that link network-affiliated
`BBS’s or other online systems or services. This networking is
`often conducted with the assistance of business, government,
`and university mainframe computers through the use of sophisti
`cated routing networks. Examples of such networks include
`ARP A, Internet, UUCP, USENET, BITNET, FIDO, OPUS,
`and ProLine. These networks utilize computer automation and
`sophisticated message-addressing instructions to link computers
`via common carrier telephone lines. Through such systems,
`users of different systems may exchange private e-mail. More
`over, these systems allow publicly “posted” messages to be ex
`changed in national, and often worldwide, conference
`discussions. Given the proper address-routing instructions, a
`user may communicate with another user on a crosstown BBS or
`on a BBS in another part of the country. For instance, in net
`works like FIDO and OPUS, messages may be echoed in echo
`conferences along the network.10 Although the use of routing
`networks involved in echoing creates some delay, such networks
`help reduce or eliminate a computer hobbyist’s need to make
`direct toll or long distance telephone calls to faraway systems
`and his having to pay subscription fees for the use of a commer
`cial online communications service.
`
`9. A CompuServe user has his own personal file area where he may privately
`keep his own personal electronic files. See CompuServe Information Service
`Users Guide 4-25 to 4-27 (1985). This feature is very useful for people who travel or
`who are constantly away from their regular computer systems. For instance, a re
`porter, writer, or businessperson away from home can simply connect with Com
`puServe through his laptop computer and upload an electronic document or file to his
`personal file area on CompuServe. Upon return home, he may simply download the
`document or file for more permanent storage on his regular computer system. Users
`of the ProLlne system now have an identical capability through use of that system’s
`personal directory areas.
`10. “Echoing” is a process by which message traffic contained in an echo confer
`ence is automatically uploaded to other BBS’s which are linked via an “echo mail”
`program. This feature allows users to call different systems, while still participating in
`the same echo conference. Depending on the toggles or flags set on particular
`messages, the echoed messages may be seen publicly along the network or only by a
`particular user. This is just one of the many different message distribution processes
`available. For a discussion of other distribution processes, see Quarterman & Hos
`kins, Notable Computer Networks, 29 Comm, of the ACM 932 (1986).
`
`Epic Games Ex. 1017
`Page 6
`
`
`
`22
`
`FEDERAL COMMUNICA TIONS LAW JOURNAL
`
`[Vol. 41
`
`Corporate systems and networks, unlike hobbyist systems,
`may provide complete private networks, private-line service be
`tween two points with no connection to the public telephone net
`work, and private branch exchanges handling computer calls
`within an organization. These systems may be privately-owned
`or leased facilities dedicated to the exclusive use of a company.
`“They may range from point-to-point telephone lines to nation
`wide switched voice and data systems.... Stations connected to
`the network may call one another without using public toll
`facilities.”11
`According to Huber,
`Private networks are used primarily by business and governmental
`customers whose telecommunications expenditures are $10 million
`or more annually. A private network consists of transmission facili
`ties, nodal switches, and other customer premises equipment con
`figured for the exclusive use of a single, geographically dispersed
`organization. The transmission facilities used in the network may,
`however, be provided largely or entirely by public (i.e. common)
`carriers, both local and interexchange. Many private networks rival
`public networks in their geographic scope and in the number of tele
`phones they serve.12
`Large corporations like AT&T, DEC, IBM, and Xerox
`have implemented internal computer communications networks
`in support of their business operations.13 “Many of these are just
`LAN [Local Area Networks] within particular buildings,
`although some are international or even intercontinental in
`scope. The administration and funding of such networks usually
`come from a single company and their users are mostly employ
`ees of that company.”14
`On a smaller scale, many businesses have also been turning
`to the use of computer BBS-type systems and BBS-type
`networking in order to increase productivity, reduce paperwork,
`improve client contact, and eliminate “telephone tag.”15 In
`
`11. W. Blyth & M. Blyth, Telecommunications: Concepts, Develop
`ment, and Management 89 (1985).
`12. P. Huber, supra note 3, at 3.45.
`13. Quarterman & Hoskins, supra note 9, at 933.
`14. Id.
`15. Keaveney, Custom-Built Bulletin Boards, Pers. Computing, Aug. 1987, at
`91. “Telephone tag” is a common office occurrence where a busy person in one office
`cannot reach another person in a different office by telephone. The original caller
`leaves a message asking that the other person call him back. When the other person
`returns the call, she may not be able to reach the original caller and she too leaves a
`
`Epic Games Ex. 1017
`Page 7
`
`
`
`Number 1]
`
`ONLINE COMPUTER PRIVACY
`
`23
`
`some cases, such computer communications systems may also be
`networked with corporate or cooperative networks.
`In addition to the three system categories of commercial,
`hobbyist, and corporate networks, another facet of the computer
`communications environment is the use of gateways. Gateways
`consist of either network routing addresses or specific services
`that connect separate hobbyist networks with commercial and
`corporate systems and networks. In many cases, this computer
`interconnectivity allows the sending of e-mail across “network
`boundaries.”16 On commercial systems, gateways typically al
`low a subscriber to cross over from the host system to another
`commercial system’s database without breaking the login con
`nection to call the other system directly. “Together, these net
`works form a metanetwork (sometimes called Worldnet) that is
`used daily by many communities of interest throughout the
`world.”17
`The pervasive use of computers for information transmis
`sion underscores the need for privacy. However, the complexity
`of the software, the networking schemes, and the actual use of
`computer communications means that any privacy protection
`must be both comprehensive and flexible. Privacy protection for
`computer communications must be comprehensive enough to
`cover the different types of computer communications, whether
`while in transmission, or while stored and waiting for retrieval
`by an intended recipient. The protection must also be flexible
`
`call-back message. An electronic mail system can eliminate this round robin. A voice
`mail system, as is being used in some companies, can also eliminate the problem. See
`TE&MSpecial Report Electronic/Voice Mail, Telephone Engineer & Mgmt, Sept
`I, 1987, at 57-81/
`16. Quarterman & Hoskins, supra note 9, at 941. Each network is self-contained.
`Fortunately, there are ways to interconnect different networks, i.e., to cross a “net
`work boundary” from one network to another. For example, in the case of electronic
`mail, one can send e-mail from from an ARFA Internet affiliated node to a mailbox on
`the MCI Mail service and vice versa using specific address routing instructions. See A.
`DeSchon & J. Postel, Mail Forwarding Between MCI-Mail and ARPA-Mail Using
`Intermail (Oct. 1985) (electronic document). Likewise, a CompuServe user can send
`e-mail to and receive e-mail from an MCI Mail user. See CompuServe Online Instruc
`tions (GO QAMCI) (electronic online instructions). However, some boundaries may
`not be crossed. For instance, one will find that although e-mail may be sent from a
`CompuServe mailbox to MCI Mail and then on to a mailbox on an ARP A Internet
`node, e-mail from an ARPA Internet node cannot be sent through MCI Mail to Com
`puServe unless there is special government or industry clearance.
`17. Quarterman & Hoskins, supra note 9, at 932 (emphasis in original).
`
`Epic Games Ex. 1017
`Page 8
`
`
`
`24
`
`FEDERAL COMMUNICA TIONS LAW JOURNAL [Vol. 41
`
`enough to account for the practical aspects of maintaining and
`operating a computer communications system or network.
`
`II. Initial Criminal Procedure Conflict
`As the use of computer communications increases, law en
`forcement officials will more frequently seek criminal evidence
`stored as private e-mail or other data on commercial computer
`services and hobbyist BBS’s. For example, suppose that a com
`puter user calls up a computer communication system. Then, by
`using the e-mail function, he leaves a private message that can
`only be read by a particular intended recipient. The message is
`to inform the recipient of a conspiracy plan that would violate a
`federal or state criminal statute. Law enforcement obtains a tip
`about the criminal activity and learns that incriminating evi
`dence may be found on the computer system. What privacy pro
`tection should be afforded the incriminating e-mail?
`In 1982, such a situation actually occurred. A Detroit fed
`eral grand jury, investigating a million-dollar cocaine ring, is
`sued a subpoena ordering a commercial service, the Source, to
`hand over a private user’s data files.18 The files were easily ob
`tainable as they were routinely backed up by the sysop to guard
`against system crashes. The grand jury sought evidence to show
`that the cocaine ring had been using the Source as a communica
`tions base with which to send messages to members of the ring.
`Presumably, with such evidence the grand jury could have in
`dicted those suspected of participating in the cocaine ring. The
`Source refused to obey the subpoena, citing the right to privacy
`of the users. The prosecution, though, argued that since the files
`containing messages had already been duplicated by the service,
`the user’s expectation of privacy had been extinguished.19 A
`court battle ensued. However, before a ruling could be made,
`the kingpin of the cocaine ring entered a surprise preemptive
`guilty plea to federal drug trafficking charges and the case
`
`18. Meeks, Life at 300 Baud: Crime on the BBS Network, Profiles, Aug. 1986,
`at 12, 12-13.
`19. Another prosecution argument, although not reported by Meeks, would be
`that the Source could not vicariously assert a user’s privacy rights. According to the
`Supreme Court, fourth amendment rights are personal and can only be asserted by the
`person whose rights are invaded. Rakas v. Illinois, 439 U.S. 128, 133 (1978) (petition
`ers lacked standing to object to prosecution evidence of a rifle and shells seized by
`police during a search of an automobile in which petitioners were merely passengers).
`
`Epic Games Ex. 1017
`Page 9
`
`
`
`Number 1] ONLINE COMPUTER PRIVACY
`
`25
`
`against the Source was discontinued.20
`Publicly posted messages and other public material found
`on an online system or service may be retrieved easily by law
`enforcement. For example, a police officer could use a modem-
`equipped computer to call into a local BBS or an online service
`and read publicly posted messages on the system. There is, after
`all, no privacy interest in admittedly public material. It is the
`private material, such as e-mail, which requires protection if it is
`to remain private. In the above police enforcement example, the
`police would want the private e-mail, or other private files,
`transmitted between suspected criminals, on a particular online
`system. Both the system provider and the user, however, have
`an interest in privacy which conflicts with this objective. The
`service provider of the computer communications system has as
`sumed a role as keeper of transmitted private electronic
`messages, and generally does not want to turn over private data.
`Such actions might very well cause users to lose confidence in his
`system. Needless to say, the user also wishes to avoid invasions
`of his private electronic communications. Unfortunately, pre-
`ECPA privacy law did not provide much protection for either
`!
`party.
`
`IIL Inadequacy of Old Law
`Before ECPA, no adequate privacy protection for electronic
`communications existed. Previously, it was widely believed that
`*‘[a]ny law enforcement authority . . . [could] ... for example,
`confiscate a local BBS and examine all the message traffic,” in
`cluding private e-mail and other private files, contained
`thereon.21
`
`A. Pre-ECPA Case Law
`Very few pre-ECPA cases concern computer communica
`tions and fourth amendment constitutional problems. Most of
`the available cases arose with regard to disputes over the finan
`cial information found in bank and consumer credit database
`computers. In United States v. Davey,22 the court ruled that the
`
`20. Meeks, supra note 17, at 13.
`21. Id.
`22. United States v. Davey, 426 F.2d 842 (2d Cir. 1970) (IRS-issued summons
`
`Epic Games Ex. 1017
`Page 10
`
`
`
`26
`
`FEDERAL COMMUNICA TIONS LAW JOURNAL
`
`[Vol. 41
`
`federal government could require the production of relevant evi
`dence regardless of where it was stored.23 The form in which the
`information was kept and the manner in which it could be re
`trieved were held to be irrelevant, as long as the government
`paid the reasonable costs of retrieval.24
`In a California case, Burrows v. Superior Court,25 a deposi
`tor was found to have a reasonable expectation that a bank
`would maintain the confidentiality of both papers in check form
`originating from the depositor and the depositor’s bank state
`ments and records of those checks.26 27 27 Notably, however, in
`United States v. Miller21 the Supreme Court held that customer
`account records maintained on a bank’s computer were not the
`private papers of the bank customer.28 Thus, there was no
`fourth amendment privacy protection for the records and they
`could be subpoenaed directly from the bank.29
`While these three cases concern business and financial in
`formation, in contrast to the personal nature of e-mail found on
`computer systems such as CompuServe and hobbyist BBS’s, it is
`reasonable to assume that there would be little to legally prohibit
`police from gaining access to a user’s private records as well as
`his business records. For example, although under Burrows a
`user may have a reasonable belief that an online system would
`maintain the confidentiality of his private e-mail stored on the
`system, such material may be held not to be the private papers of
`the user under Miller. A fourth amendment privacy problem
`thus would not exist under the law.
`Additionally, a prosecutor would be able to take advantage
`of the fact that the provider or systems operator routinely dupli
`cates files for purposes of providing a back-up system. The user
`has no reasonable control of the duplicates under existing law.
`
`requiring a consumer credit corporation to produce certain credit reports of named
`individuals held valid).
`23. Id. at 844-45.
`24. Id.
`25. Burrows v. Superior Court, 13 Cal. 3d 238, 529 P.2d 590, 118 Cal. Rptr. 166
`(1974) (police detective illegally obtained photostatic copies of an attorney’s bank
`statements from attorney’s bank).
`26. Id. at 243, 529 P.2d at 593, 118 Cal. Rptr. at 169.
`27. United States v. Miller, 425; U.S. 435 (1976).
`28. Id. at 441-43.
`29. Id.
`
`Epic Games Ex. 1017
`Page 11
`
`
`
`Number 1]
`
`ONLINE COMPUTER PRIVACY
`
`27
`
`Unfortunately, the duplication and backup of computer data is a
`necessary safety precaution in case of power failure or magnetic
`destruction. All computer users know of this common prac
`tice.30 Yet many users believe that the duplicated data is simply
`stored and remains inaccessible for examination by others. The
`user’s subjective belief that his duplicated e-mail is private may
`arguably be seen as an objectively reasonable belief, thereby cre
`ating a constitutionally protected expectation of privacy under
`the fourth amendment.31
`However, despite these expectations of privacy, under pre-
`ECPA law the user himself was responsible for protecting his
`personal e-mail from privacy intrusions. User attempts at pro
`tection are almost always defeated, however, as the provider or
`operator of the service has ultimate control over the stored mate
`rial. The provider may easily examine all material on the sys
`tem. Thus, a legal knothole exists, through which an observer
`may lawfully observe all the user’s stored material, effectively
`excluding any reasonable expectation of privacy.32 The Justice
`Department itself noted this in a response to Senator Leahy’s
`questions over whether the pre-ECPA wiretap law was adequate
`to cover computer communications. As one Justice Department
`official noted, it was “not always clear or obvious” whether a
`reasonable expectation of privacy existed.33 Importantly, if there
`is no expectation of privacy there is no search, so the fourth
`amendment is not violated.
`
`B. Old Federal Wiretap Statutes
`Although e-mail might appear to come under the old Title
`18, section 2510(1) definition of the term “wire communica
`
`30. The common refrain among computer users, computer manufacturers, and
`software publishers is “back up your data.” Otherwise, a user may suffer an irretriev
`able loss of information or software. The magnetic media, e.g., diskette, hard drive, or
`ramdisk, may encounter many problems, such as power surges, which cause data to
`be lost.
`31. For there to be a constitutionally protected expectation of privacy under the
`fourth amendment, a person’s subjective privacy expectation must be seen as objec
`tively reasonable. Katz v. United States, 389 U.S. 347, 360-62 (1967) (Harlan, 1,
`concurring).
`32. California v. Ciraolo, 476 U.S. 207, 219 (1986) (“[I]f there is an opening, the
`police may look.”).
`33. S. Rep. No. 541, 99th Cong., 2d Sess. 4, reprinted in 1986 U.S. Code Cong.
`& Admin. News 3555, 3558.
`
`Epic Games Ex. 1017
`Page 12
`
`
`
`28
`
`FEDERAL COMMUNICA TIONS LAW JOURNAL [Vol. 41
`
`tion,” the term in that statute was limited to audio transmissions
`by wire or cable.34 The prior section 2510(4), which applied to
`unlawful interception of “any wire or oral” communications, re
`quired that there be a human voice involved in the transmission
`which could be heard as in normal non-telephonic voice conver
`sations.35 A question thus arose as to whether an electronic
`communication could be intelligibly heard by the human ear.
`Data transmissions over telephone lines generally sound like
`unintelligible noisy static or high pitched tones.36 This fact con
`tributed to uncertainty over whether e-mail and other forms of
`electronic communications were protected by the old statutes.
`Importantly, the old statutes also failed to provide for pro
`tection of a communication after completion of its transmission
`and subsequent storage on a computer. Only communications in
`transmission were protected.37 This is understandable in that
`“[eighteen years ago . . . Congress could not appreciate—or in
`some cases even contemplate—-[today’s] telecommunications
`and computer technology.”38 Moreover, courts uniformly re
`jected attempts to read computer communications protection
`into the old federal wiretap statute or into existing state laws.
`This reluctance can be attributed to the judiciary’s belief that the
`legislatures should define the boundaries in such a novel area.
`Congress itself recognized that the courts were “in no hurry to
`[update the law] and [that] some judges [were] openly asking
`Congress for help. . . . [F]ederal Appeals Court Judge Richard
`Posner in Chicago said Congress needed to revise current law,
`adding that ‘judges are not authorized to amend statutes even to
`bring them up-to-date.’ ”39 Thus, the stage was set for legisla-
`
`34. 18 U.S.C. § 2510(1) (1982).
`35. 18 U.S.C. §2510(4) (1982).
`36. Modem communications involves a process whereby the digital signals of a
`computer are converted into analog signals which can be transmitted over telephone
`lines. Once the signals are received at another computer, the signals are converted
`back into digital signals easily understood by the other computer. This modulation
`and demodulation process requires the use of a modem device as the interface between
`the computer and the telephone network. While the signals are on the telephone line,
`they sound like unintelligible static or high-pitched tones to the human ear. Only a
`computer equipped with a modem can understand the signals. See W. Blyth & M.
`Blyth, supra note 10, at 70, 306.
`37. 18 U.S.C. §§ 2510, 2511 (1982).
`38. 132 Cong. Rec. S7992 (daily ed. June 19, 1986) (statement of Sen. Leahy).
`39. Cohodas, Congress Races to Stay Ahead of Technology, 44 Cong. Q. Weekly
`Rep. 1233, 1233 (1986).
`
`Epic Games Ex. 1017
`Page 13
`
`
`
`Number 1] ONLINE COMPUTER PRIVACY
`
`29
`
`tive action in the area.
`
`IV. ECPA — The New Law
`On October 21, 1986, President Reagan signed the Elec
`tronic Communications Privacy Act of 1986 into law, thereby
`amending the federal wiretap law. ECPA created privacy pro
`tection against both interception of electronic communications
`while in transmissi