Question Presented
What limitations and obligations does the Electronic Communications Privacy Act place upon an Internet service provider (“ISP”) when responding to a governmental subpoena, search warrant, or court order?
Analysis
Subpoenas typically seek information that can be broadly grouped for analytical purposes into one or more of three broad categories: (1) customer information; (2) transactional information; and (3) the contents of electronic communications. Because the Electronic Communications Privacy Act makes important distinctions concerning a recipient’s duties and obligations depending on what type of entity is behind the subpoena and what type(s) of information is (or are) sought, the first challenge in responding to any subpoena is to characterize and classify accurately the type of subpoena that has been received and the information that it seeks.
The Background of the ECPA
The rights and duties of recipients of subpoenas for electronically transmitted information are governed by the Electronic Communications Privacy Act of 1986 (the “ECPA”). The ECPA updated existing federal antiwiretapping laws.[1] Title III was limited to wiretapping and was the primary federal law protecting personal and business communications in the United States.
By 1986, Congress had realized that Title III was outdated. The purpose of the ECPA was “to update and clarify federal privacy protections and standards in light of dramatic changes in new computer and telecommunications technologies.”[2] Congress believed that “the law must advance with the technology to ensure the continued vitality of the Fourth Amendment.”[3] Congress feared that absent congressional action privacy would “gradually erode as technology advances.”[4]
In 2001, Congress amended the ECPA in the Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism Act (the “USA Patriot Act”).[5] In addition to clarifying certain provisions in the ECPA, the USA Patriot Act broadened a specific type of information an ISP is required to disclose when subpoenaed. While the USA Patriot Act is often thought of as expanding the government’s law enforcement powers in a variety of contexts, it has been the courts that have recently had the most significant impact in altering the level of protection the ECPA provides to electronic communications. Two recent cases, Theofel v. Farey-Jones and United States v. Councilman,[6] are discussed below.
Most practitioners and many courts still frequently refer to Title III as either the Federal Wiretap Act or merely as Title III.[7] This nomenclature can be confusing because, with the 1986 amendments, the ECPA is now itself broken into three titles, Title I, Title II, and Title III. To avoid confusion going forward, this memorandum eschews the use of the term “Title III” to refer to the Federal Wiretap Act and instead uses the terms Title I and Title II to refer to specific sections of the ECPA. This memorandum does not discuss Title III of the ECPA in any detail because that section deals only with pen registers and trap and trace devices.
Requirements Under Title I of the ECPA
Title I of the ECPA (which is appropriately called the “Federal Wiretap Act”) addresses wiretapping. Prior to 1986, Title I covered only wire and oral communications. The 1986 amendments extended the coverage of Title I to “electronic communications” in addition to wire and oral communications.[8] Title I proscribes the intentional interception of any wire, oral, or electronic communication unless the intercept is authorized by a court order or one party to the conversation (who is not acting under color of state law) consents to the interception.[9]
Subject to certain exceptions, an electronic communication is:
Any transfer of signs, signals, writing, images, sounds, data, or intelligence of any nature transmitted in whole or in part by a wire, radio, electromagnetic, photoelectronic or photooptical system that affects interstate or foreign commerce . . . . [10]
Put more simply, electronic communication means the “transfer” of information by any means other than sound waves from one point to another.[11] This definition is also used in Title II of the ECPA.
There are very strict requirements for the government to conduct a wiretap under Title I and thereby obtain access to the contents of “electronic communications” while such communications are in transit.[12] Under Title I, senior federal or state law enforcement officers must apply for a court order authorizing the wiretap. To obtain authorization, the government must convince the court that there is probable cause to believe that the subject of the wiretap is engaging in criminal conduct.[13] Interestingly, a wiretap of “electronic communications” can be authorized to obtain evidence relating to any federal felony, whereas a “wire” or “oral” communication wiretap may only be authorized for evidence relating to a narrow set of enumerated felonies.[14]
Subpoenas for Stored Communications from Governmental Entities
Title II of the ECPA, 18 U.S.C. §§ 2701-11, is known as the “Stored Communications Act.” Title II is “modeled after the Right to Financial Privacy Act, 12 U.S.C. § 3401 et seq., to protect privacy interests in personal and proprietary information, while protecting the Government’s legitimate law enforcement needs.”[15]
Title II concerns unauthorized access to “stored” electronic communications. Interestingly, however, a definition for the term “stored” cannot be found anywhere in the ECPA. That omission can lead to much difficulty and potential confusion in interpreting the statute.
Section 2703 of the ECPA is the primary section governing the requirements for governmental access to stored communications. It is broken into subsections addressing access to:
- The “contents” of “electronic communications” in “electronic storage” held by providers of “electronic communications services” (§ 2703(a))
- The “contents” of “electronic communications” in a “remote computing service” (§ 2703(b)) and
- Records concerning customer use of either an “electronic communication service” or a “remote computing service” (§ 2703(c))
Before moving forward, it is important to examine the three main subsections of § 2703. Subsection (a) is entitled “contents of electronic communications in electronic storage.” That title makes it seem as if the subsection applies to electronic communications providers as well as providers of remote computing services. By its terms, however, § 2703(a) is strictly limited to providers of “electronic communications services” and it does not apply to “remote computing services” providers. Thus, one way to look at subsections (a) and (b) is that while both concern the “content” of electronic communications, subsection (a) addresses content held in the possession of electronic communications services providers and subsection (b) addresses content held by providers of remote computing services. While that is a sensible reading of the organizational structure of the statute, there are two problems with that interpretation.
An “electronic communications service” is “any service which provides to users thereof the ability to send or receive wire or electronic communications.”[16] ISPs, because they typically provide the ability to send and receive electronic mail, qualify as providers of electronic communications services.[17] Any networked business can also qualify as a provider of electronic communications services if it provides the ability to send and receive e-mail.
The first problem in interpreting the statute is that subsection (a) does not address all “contents” of electronic communications. Rather, it concerns only contents that are in “electronic storage.” Electronic storage means:
(A) any temporary, intermediate storage of a wire or electronic communication incidental to the electronic transmission thereof; and
(B) any storage of such communication by an electronic communication service for purposes of backup protection of such communication.[18]
Thus, the term “electronic storage” is much more narrowly defined than one might imagine. Instead of meaning any communication stored in electronic form, the term is limited to cover only “temporary, intermediate storage of . . . [an] electronic communication [that is] incidental to the . . . transmission thereof” as well as communications stored for backup purposes. The United States Department of Justice interprets this to mean “unopened electronic mail.” The theory is that the storage of unopened electronic mail is both temporary and merely incidental to its transmission. The “meat space” analogy is the Post Office holding unopened mail for someone in a post office box.
The Justice Department’s view is certainly one possible interpretation. However, Congress knew what electronic mail was back in 1986 and repeatedly discussed it in the legislative history of the ECPA.[19] Had Congress intended § 2703(a) to apply only to unopened e-mail, Congress could easily have been a bit clearer when drafting the statute.
For the Justice Department’s interpretation to work, another nonobvious construction of the statute must also be made: the moment someone allows a customer or employee to store opened electronic mail at the server level, that entity instantly becomes a provider of “remote computing services.” Without that additional interpretation, there would be a giant hole in the ECPA because no provision in the ECPA would cover opened electronic mail stored by an electronic communications services provider.
A “remote computing service” means “the provision to the public of computer storage or processing services by means of an electronic communications system.”[20] To understand what kind of entity Congress was trying to define, it is necessary to examine the legislative history and to think back to the computer industry of the mid-1980s.
In the mid 1980s, the computer industry was still dominated by large mainframe computers. Because not every company could afford a large mainframe computer, an industry grew up that was known alternately as the “time sharing” or “service bureau” industry. Large mainframe computers could be partitioned into multiple “virtual machines,” which gave users the impression that they had the system to themselves when in reality they were sharing system resources with many other users. One of the services offered by this industry was the ability to lease a portion of a large mainframe. To access these computers, users would dial in to the computer using either switched or leased lines. Electronic Data Systems was a classic example of this type of company.
The legislative history of the ECPA indicates that Congress was targeting the time sharing industry when it attempted to define “remote computing services.”
In the age of rapid computerization, a basic choice has faced the users of computer technology. That is, whether to process data in-house on the user’s own computer or on someone else’s equipment. Over the years, remote computer service companies have developed to provide sophisticated and convenient computing services to subscribers and customers from remote facilities. Today businesses of all sizes—hospitals, banks and many others—use remote computing services for computer processing. This processing can be done with the customer or subscriber using the facilities of the remote computing service in essentially a time sharing arrangement, or it can be accomplished by the service provider on the basis of information supplied by the subscriber or customer. Data is most often transmitted between these services and their customers by means of electronic communications.[21]
The Justice Department’s position is that the instant an ISP allows customers to store the contents of opened electronic mail at the ISP server level, that storage is no longer incidental to the transmission of the message. Rather, at that point the ISP is providing remote computing services because it is providing computer storage to the public. Therefore, the provisions of § 2703(b) apply.
The Justice Department’s interpretation of the ECPA is the most reasonable way to interpret this incredibly complex and poorly written statute.[22] While that interpretation does not square precisely with the plain language or organization of the statute, any other interpretation leads to complete confusion or serious gaps in the coverage of the ECPA. For that reason this memorandum concludes that § 2703(a) applies only to unopened electronic mail and that § 2703(b) applies to opened electronic mail and other types of content that might be stored by a provider of remote computing services.
Warrant Required for Unopened E-Mail Stored for 180 Days or Less
Under § 2703(a), a governmental entity (state or federal) is permitted to compel a provider of “electronic communications services” to produce the contents of an “electronic communication” that has been in “electronic storage” for 180 days or less “only pursuant to a warrant issued under the Federal Rules of Criminal Procedure or equivalent State warrant.” This means that ISPs can be compelled by the government to produce the contents of unopened electronic mail messages that they have stored for 180 days or less only when presented with a valid search warrant.[23]
Subpoena with Customer Notice for Unopened E-Mail Stored for More than 180 Days and for Opened E-Mail and Other Stored Content
If the subject matter of a governmental subpoena concerns opened electronic mail, unopened electronic mail stored for more than 180 days, or any other type of stored “content,” a different and somewhat more complex set of rules applies.
If a governmental entity seeks to gain access to the contents of “electronic communications” stored by a provider of “electronic communications services” for more than 180 days, then the governmental agency must follow the procedures set forth in subparagraph (b) of § 2703.[24] Subparagraph (b) of § 2703 applies to “any electronic communication” held or maintained by a remote computing service “on behalf of, and received by means of electronic transmission from . . . a . . . customer of such remote computing service . . . solely for the purposes of providing storage or computer processing services to such . . . customer, if the provider is not authorized to access the contents of any such communications for purposes of providing any services other than providing storage or computer processing.”[25]
The government can gain access to the contents of electronic communications in a remote computing service in two ways:
- (1) via a subpoena, providing the governmental entity gives prior notice to the subject of the subpoena or obtains a court order; or
- (2) without prior notice if the governmental entity obtains a search warrant.[26]
Curiously, the statute is completely silent as to the form of the required notice and whether the governmental entity must provide proof or certify that notice has been given. Nevertheless, because an ISP faces potential civil liability for an unauthorized disclosure, it would presumably be within its rights to demand to see proof of subscriber notification before complying with a subpoena for opened electronic mail.[27]
ISPs are permitted to notify affected customers that they have received a subpoena for their information (even though many governmental subpoenas admonish ISPs not to notify their customers). Section 2705 of the ECPA provides the only exception to this rule. That section allows governmental entities to apply for a court order commanding the ISP not to notify any other person, especially the subscriber, of the existence of the subpoena. A court is empowered to issue such an order if it determines “that there is reason to believe” that notification will (1) endanger someone; (2) cause the target to flee prosecution; (3) result in the destruction of or tampering with evidence; (4) lead to witness intimidation; or (5) otherwise seriously jeopardize an investigation or unduly delay a trial.[28]
Backup Preservation and Requirement to Preserve Evidence
The ECPA also contains a provision requiring ISPs to preserve specified records pending the issuance of a court order or other process.[29] Such records are required to be preserved for 90 days. That period can be extended an additional 90 days upon a renewed request by the governmental entity.[30]
Governmental entities can also request in their subpoenas that ISPs create a backup copy to preserve specified communications.[31] This is an alternative procedure (which cannot be challenged) that the government can use if it believes, in its sole discretion, that notification under § 2703 would result in the destruction of or tampering with evidence. This complex procedure is set forth below:
- Acting pursuant to § 2703(b), a governmental entity may include in its subpoena or court order a demand to the ISP to create a backup copy of specified communications;
- Without notifying the subscriber or customer of such subpoena or court order, an ISP must create a backup copy within two business days and give notice to the governmental entity that the backup has been performed.
- Upon receipt of notice from the ISP that a backup copy has been made, the governmental entity must, within three days after receipt of such confirmation, give notice to the subscriber that it has subpoenaed the information, unless notice has been delayed pursuant to § 2705. This requires a court order delaying notice or, in the case of an administrative subpoena, written certification from a supervisory official of the need for delay. In both cases, a court order is necessary to prevent an ISP from thereafter notifying its customer of the subpoena.
- ISPs must retain any backup copies created at governmental request until the later of the delivery of the information or the resolution of any proceedings concerning the government’s subpoena or court order.
- The ISP may not release the information until 14 days after notice to the subscriber and then only if the ISP has not received notice from the subscriber of an intent to challenge the subpoena and an actual challenge has not been filed.[32]
Customers have 14 days after receipt of notice to move to quash the subpoena or vacate the court order.
Gaining Access to Subscriber Information and Transactional Data
The ECPA makes important distinctions between the contents of stored communications and information pertaining to subscribers and their transactional data. A provider of electronic communications services has no obligation to keep “record[s] or other information pertaining to a subscriber” confidential.[33] Indeed, an ISP “may disclose a record or other information pertaining to a subscriber” or customer to any person other than a governmental entity.[34]
The ECPA does not define “records or other information pertaining to a subscriber.” The meaning of this term can only be deduced by process of elimination. Subscriber information and transactional records are not the same as the “contents” of a communication. As shown above, “contents” receive special protection under § 2702.[35]
Subsection (c) of § 2703 is entitled “records concerning electronic communication service or remote computing service.” Within subsection (c), however, Congress made something of a distinction between different types of “customer information” and “transactional records” that fall under this broad heading.[36] When a governmental entity desires access to a “record or other information pertaining to a subscriber or to [a] customer” (which we shall call “transactional records”) it must either:
- Obtain a warrant
- Obtain a court order (which can be issued only if the government presents “specific and articulable facts showing that there are reasons to believe the . . . [information sought is] relevant and material to an ongoing criminal investigation”)
- Have the consent of the subscriber or
- Submit a formal written request indicating that the investigation concerns telemarketing fraud.[37]
Until late 1994, governmental entities could also use their subpoena power to access this kind of subscriber information for their own use.[38] However, when passing the Communications Assistance for Law Enforcement Act (“CALEA”) in October of 1994, Congress amended the ECPA and took the subpoena power for this type of information away from governmental entities.[39]
The legislative history of this amendment reveals that Congress recognized “that transactional records from on-line communication systems reveal more than telephone toll records or mail covers.”[40] Thus, the ECPA was amended to “eliminate[] the use of a subpoena by law enforcement to obtain from [ISPs] the addresses on electronic messages. In order for law enforcement to obtain such information, a court order is required.”[41] According to the legislative history, the “intent of raising the standard for access to transactional data is to guard against ‘fishing expeditions’ by law enforcement.”[42]
The amendment imposes an “intermediate standard” of proof on the government to gain access to transactional information. This standard is less than the “probable cause” standard required to get a warrant, but more than the standard for a subpoena. “Under the intermediate standard, the court must find . . . that there are specific and articulable grounds to believe that the records are relevant and material to an ongoing criminal investigation.”[43] This standard is codified at 18 U.S.C. § 2703(d). Based on the plain language of this statute and its legislative history, it appears that the government does not have the power to obtain this type of information for its own use via either a court order or a subpoena in a civil case.
Nevertheless, Congress did give the government the power to subpoena a certain subset of customer information for the government’s own use.[44] Pursuant to 18 U.S.C. § 2703(c)(2), ISPs are required to disclose to governmental entities the following customer-related information upon receipt of a valid administrative, grand jury, or trial subpoena:
- Name and address
- Local and long-distance telephone connection records, or records of session times and durations
- Length of service of a subscriber
- The types of services the customer uses
- Telephone number or other subscriber number or identity
- Any temporarily assigned network address
- Means and source of payment for services, including credit card or bank account information.
This list should be viewed as an exhaustive list of the types of data that qualify as “customer information.”[45] Thus, “transactional records,” strictly by process of elimination, should be viewed as everything else about a customer not contained in the above list and that is not “content.” Examples of such information include, but are certainly not limited to, addresses of Web sites visited by the customer and names and electronic mail addresses of individuals with whom the customer corresponds.[46]
Thus, the ECPA recognizes four types of communications/information and sets forth different rules for gaining access to each. These rules are summarized below.
SUMMARY OF RULES CONCERNING GOVERNMENTAL ACCESS
| Type of Information | Rules Governing Governmental Access |
| --- | --- |
| Wiretap (content in transit) | High-ranking federal or state law enforcement official must apply for court order authorizing wiretap. Electronic communications may be intercepted for evidence of any federal felony (18 U.S.C. §§ 2516 and 2518). Probable cause standard of proof. For obvious reasons, neither the government nor the carrier is permitted to notify the customer. |
| Stored Content (content at rest in either open or unopened form) | Warrant required to gain access to all unopened e-mail (18 U.S.C. § 2703(a)). Subpoena with notice to customer required to gain access to unopened e-mail stored for more than 180 days. Subpoena or court order with notice to customer required to gain access to all opened e-mail; no notice to customer required if government obtains a search warrant (18 U.S.C. § 2703(b)). |
| Transactional Records | Court order based on showing of “articulable facts” pointing to criminal conduct required (18 U.S.C. §§ 2703(c)(1)(B), (d)). |
| Customer Information | Subpoena. Government not required to notify customer (18 U.S.C. § 2703(c)(1)(C)). |
The foregoing has been prepared for the general information of clients and friends of the firm. It is not meant to provide legal advice with respect to any specific matter and should not be acted upon without professional counsel. If you have any questions or require any further information regarding these or other related matters, please contact your regular Nixon Peabody LLP representative. This material may be considered advertising under certain rules of professional conduct.
Notes
- Pub. L. No. 99-508, 100 Stat. 1848 (1986), codified as amended, 18 U.S.C. §§ 2510-21 and 2701-11. The ECPA amended Title III of the Omnibus Crime Control and Safe Streets Act of 1968 (18 U.S.C. §§ 2510-13, 2515-20 and 47 U.S.C. § 605 (1982)).
- S. Rep. No. 99-541, at 1 (1986), reprinted in 1986 U.S.C.C.A.N. 3555.
- Id.
- Id.
- Pub. L. No. 107-56, 115 Stat. 272.
- 359 F.3d 1066 (9th Cir. 2003) and 373 F.3d 197 (1st Cir. 2004), respectively.
- See Steve Jackson Games, Inc. v. United States Secret Service, 36 F.3d 457, 460 (5th Cir. 1994).
- 18 U.S.C. § 2510(12). Prior to the passage of the USA Patriot Act, Title I governed law enforcement access to unopened voice mail as a “stored wire communication” covered under § 2510(1). This resulted in the government needing a wiretap order, rather than a search warrant, to access voice mail held by a service provider. However, § 209 of the Patriot Act removed “electronic storage” from the definition of “wire communications” found in § 2510, and also added language to § 2703 of the Stored Communications Act to cover both stored wire and electronic communications. The result of the change is that stored wire communications, including voice mail, are now covered under the same rules as those governing stored electronic communications – namely those found in the Stored Communications Act.
- 18 U.S.C. §§ 2511(1)(a) and 2511(1)(d). Nearly every state also has laws prohibiting either “wiretapping” or electronic “eavesdropping.” While the laws can be quite complex, the fundamental distinction concerns the consent of the parties whose conversations are being monitored. Under Title I, it is legal to record or “intercept” a conversation so long as one party to the conversation (who is not acting under color of law) consents to the interception of the conversation. The majority of states have also adopted one-party consent wiretapping statutes. Many states, however, have anti-eavesdropping laws. These states require all parties to a conversation to consent before the conversation can lawfully be recorded or monitored. Whenever the term eavesdropping is used in a state statute it is usually a code word for an all-party consent jurisdiction.
- 18 U.S.C. § 2510(12).
- See United States v. Reyes, 922 F. Supp. 818, 836 (S.D.N.Y. 1996); 1986 U.S.C.C.A.N. at 3568 (“As a general rule, a communication is an electronic communication . . . if it is not carried by sound waves and cannot fairly be characterized as containing the human voice. . . . This term also includes electronic mail, digitized transmissions, and video teleconferences.”).
- A recent case in the First Circuit, however, nearly eviscerates Title I’s protection for electronic communications in transit. In United States v. Councilman, 373 F.3d 197 (1st Cir. 2004), an Internet service provider employee wrote and installed a program to scan the incoming electronic mail of the ISP’s customers for certain keywords. Other ISP employees then read the selected e-mails before they were received by the ISP’s customers in an effort to gain a commercial advantage over the ISP’s competitors. Councilman, 373 F.3d at 199. The ISP employee who wrote the program was charged with conspiracy to violate 18 U.S.C. § 2511(a) of the Wiretap Act. The district court dismissed the indictment, however, and a three-judge panel of the First Circuit affirmed. The First Circuit held that because the electronic mails were intercepted in the random access memory of the ISP’s computer system, they were held in temporary electronic storage, and therefore not in transit and not covered by the Wiretap Act. Id. at 202. Thus, under Councilman the level of protection an electronic mail receives depends on whether the message is in transit between intermediate servers, or merely stopped for a nanosecond on one of those servers. In addition, the Department of Justice could install a program (such as the newly developed Carnivore) with at most only a search warrant, and the FBI would no longer need a search warrant if the owner of a computer where Carnivore is installed consents to the installation, and that owner is a University or business (other than an ISP). Whether Councilman will remain the law in the First Circuit is unclear at this time, as the First Circuit has agreed to rehear the case en banc.
- 18 U.S.C. §§ 2516 and 2518.
- Id. Section 202 of the USA Patriot Act amended the set of enumerated felonies to include felony violations of the Computer Fraud and Abuse Act (18 U.S.C. § 1030).
- 1986 U.S.C.C.A.N. at 3557. There are a variety of other (somewhat conflicting) statutes addressing personal privacy in the electronic age. See, e.g., The Foreign Intelligence Surveillance Act (“FISA”) of 1978, 50 U.S.C. §§ 1801-11, 18 U.S.C. § 2511, and 18 U.S.C. § 2518-19 (FISA is confined to surveillance in national security cases); The Communications Assistance for Law Enforcement Act (“CALEA”), 47 U.S.C. § 1001-1010 (requiring telephone companies to cooperate with law enforcement); The Video Privacy Protection Act of 1988, 18 U.S.C. §§ 2710-11 (addressing the disclosure of video rental records); and the Cable Communications Policy Act of 1984, Pub. L. No. 98-549, 98 Stat. 2779 (prohibiting cable operators from disclosing customers’ viewing records) (codified in various sections of 15, 18, 46, 47 and 50 U.S.C.). Section 211 of the USA Patriot Act amended title 47, section 551(c)(2)(D) of the Cable Communications Policy Act to clarify that the ECPA, the wiretap statute and the trap and trace device statute, and not the Cable Communications Policy Act, govern disclosures of customer records that relate to telephone and internet services, regardless of whether or not a cable company provides both cable television and internet services.
- 18 U.S.C. § 2510(15).
- United States v. Hambrick, 55 F. Supp. 2d 504, 507 (W.D. Va. 1999); see also 1986 U.S.C.C.A.N. at 3568 (“Existing telephone companies and electronic mail companies are providers of electronic communications services. Other services like remote computing services may also provide electronic communications services”). As the legislative history implies, the categories of “electronic communications service” provider and “remote computing service” provider are not mutually exclusive. Entities can fall into one category for one purpose (i.e., transmitting e-mail) and another for other purposes (i.e., storing e-mail or other types of files or providing other types of services).
- 18 U.S.C. § 2510(17).
- 1986 U.S.C.C.A.N. at 3562.
- 18 U.S.C. § 2711(2).
- 1986 U.S.C.C.A.N. at 3564-65.
- The Ninth Circuit, however, held differently in Theofel v. Farey-Jones, 359 F.3d 1066 (9th Cir. 2003). In Theofel, the defendant’s lawyer in a commercial litigation case subpoenaed the plaintiff’s Internet service provider to produce “all copies of e-mails sent or received by anyone” at the plaintiff’s company. Id. at 1071. The subpoena was not limited as to time and scope, resulting in the lawyer reading messages that were personal and privileged. Id. As a result, employees of the plaintiff’s company sued the lawyer for violating the Stored Communications Act. The district court dismissed the Stored Communications Act claim on the grounds that the employees’ e-mails had not been in electronic storage because they were not being held incidental to their electronic transmission. Id. at 1072. The Ninth Circuit reversed, holding that the employees’ opened e-mails were still held in electronic storage because they were kept for purposes of backup protection, and therefore they were covered under 18 U.S.C. § 2510(17)(B). Id. at 1075. While the United States argued as amicus curiae against this interpretation of § 2510(17)(B), Theofel is currently controlling in the Ninth Circuit. The holding means that the government must get a search warrant in order to obtain the contents of any electronic communication that has been stored by an Internet service provider for less than 180 days.
- 1986 U.S.C.C.A.N. at 3592.
- 18 U.S.C. § 2703(a).
- 18 U.S.C. § 2703(b)(2).
- 18 U.S.C. § 2703(b)(1)(A) & (B).
- Section 2707(e) provides that good faith reliance on a court warrant, order, or grand jury subpoena is a complete defense to a civil action for damages for violating the Stored Communications Act through an unauthorized disclosure.
- 18 U.S.C. § 2705(b).
- 18 U.S.C. § 2703(f)(1).
- 18 U.S.C. § 2703(f)(2).
- 18 U.S.C. § 2704.
- 18 U.S.C. § 2704(a).
- 18 U.S.C. § 2703(c)(1)(A).
- Id.
- Under the ECPA, “contents” is defined as “any information concerning the substance, purport, or meaning of [a] communication.” 18 U.S.C. § 2510(8).
- The ECPA does not make this specific distinction. However, it is useful and far easier to refer to subscriber information that is not content-related as either “transactional records” or “customer information.”
- 18 U.S.C. § 2703(c)(1)(B)(i)-(iv).
- One of the great anomalies of the ECPA is that transactional records receive more protection than does opened electronic mail. This is purportedly the result of compromises made when the ECPA was amended in 1994.
- Pub. L. 103-414, H. Rep. No. 103-827, 1994 U.S.C.C.A.N. 3489, 3511 (1994).
- Id.
- Id.
- Id.
- Id. at 3511-12 (emphasis added).
- Some states require Internet service providers to notify customers when they receive civil subpoenas for this type of customer-related information. See, e.g., Va. Code Ann. 8.01-407.1(A)(3) (Michie Cum. Supp. 2003).
- The last two types of customer information were added with the 2001 USA Patriot Act amendments to the ECPA. When a customer uses a credit card to pay for Internet access, that account information is now properly subject to subpoena. However, when a credit card is used to buy other goods or services, that credit card number is considered transactional information, not basic customer information, and it may only be obtained through a court order under 18 U.S.C. 2703(d). Furthermore, there is some uncertainty as to whether or not the government may use a subpoena to access a customer’s dynamically assigned IP addresses, as the statute only requires production of “temporarily assigned network addresses.”
- See Orin Kerr, Department of Justice, Searching and Seizing Computers and Obtaining Electronic Evidence in Criminal Investigations, III.B, at 86-87 (2002), available at http://www.usdoj.gov/criminal/cybercrime/s&smanual2002.pdf.