Sunday, June 22, 2008

Case o' The Week: Bad Cops Make Good Law, Quon -- Fourth Amendment Privacy Interests in Text Content

Ever notice that cops behaving badly create the best defense decisions? For example, cops beat the daylights out of Rodney King, get convicted, and generate the Supreme Court's seminal case on sentencing departures. Koon v. United States, 518 U.S. 81 (1996). Prison guards terrorize inmates, are convicted, and generate the seminal decision on bail pending appeal. United States v. Garcia, 340 F.3d 1013 (9th Cir. 2003). And now, in Quon, a SWAT cop uses his work pager to send sexually-explicit texts (and lots of them), and generates the nation's leading decision on Fourth Amendment protections in digital content. Quon v. Arch Wireless, __ F.3d __, 2008 WL 2440559 (9th Cir. June 18, 2008), decision available here. Keep up the good work, Lads and Lassies in Blue.

Ribbing aside for a moment, Quon is an important and well-written decision that merits a very close read by anyone one interested in privacy issues, Fourth Amendment protections, and how those concerns play out in the new digital era.

Players: Another great decision by Judge Wardlaw, joined by Judge Pregerson and District Judge Ronald Leighton.

Facts: SWAT Cop Quon was given a pager by the City of Ontario, with an allotted number of characters. Id. at *1. He repeatedly exceeded his allotment and paid for the overages. Id. at *3. No one read the texts when this happened. Id. The cop in charge of the pager account got tired of billing Quon personally for the overages, so the Police Department got transcripts of Quon’s texts from service provider Arch Wireless. Id. at *3-*4. Turns out the texts included personal, sexually-explicit messages. Id. at *4. Quon and others to whom he texted and from whom we was texted sued Arch, the City, and police supervisors. Quon appealed (civil) Rule 59 motions from the federal district court. Id.

Issue(s): “Do users of text messaging services such as those provided by Arch Wireless have a reasonable expectation of privacy in their text messages stored on the service provider’s network?” Id. at *10.

Held: “We hold that they do.” Id. “[U]sers do have a reasonable expectation of privacy in the content of their text messages vis-a-vis the service provider.” Id. at *11.

Of Note: Quon is rich with holdings that will keep law reviews busy for years. Judge Wardlaw pragmatically analogizes a text message (and, by extension, e-mail) to snail mail. The Fourth doesn’t protect the address on an envelope, but does protect the contents of the letter within. Id. Similarly, the “address” of a digital message (the phone number or e-mail address) is not protected by the Fourth, but the content of the message is. Id.

(Aside: OK, bring on the anonymous comments questioning why this snail mail analogy is apt in Quon, but the analogy of a computer to a briefcase is not persuasive in Giberson. I'll respond and explain. Here's a hint: in Quon, Judge Wardlaw correctly focuses on the privacy interest in content. In Giberson, Judge Wallace (incorrectly, in our view) focuses on the 'storage' aspect of a computer at the expense of many other characteristics of a computer that raise privacy concerns. Keep an eye out for the Giberson en banc petition).

Note also that it isn’t only the subscriber of the pager that has a privacy interest in Quon – so do the others who texted him and who received texts from him! Id. at *12 (holding that other plaintiffs who received and sent the texts had a Fourth Amendment privacy interest).

There are, admittedly, some caveats. Here, because of some fact-specific practices Quon wasn’t on notice that his texts would be read. He thus had an expectation of privacy. On different facts that expectation may not be the same. Nonetheless, Quon will be a cornerstone case for Fourth Amendment litigation in the digital age.

How to Use: Quon’s rule is that the content of messages – phone calls, letters, e-mails or texts – are protected by the Fourth Amendment. In Quon, the content was improperly obtained from the text/pager service provider. In another case, the content may be improperly obtained by a cop’s warrantless search of an iPhone, Blackberry, P.D.A., or pager, seized during an arrest.

(We think) the Fourth Amendment prohibits warrantless searches of electronic devices recovered from a person during an arrest. The Northern District of California's own Judge Illston so held in United States v. Park, 2007 WL 1521573 (N.D. Cal. May 23, 2008) (ord.). The reasoning of Quon proves her both correct, and prescient.

Our challenge after Quon is to push the definition of Fourth Amendment “content.” E-mails and pager text messages are protected content. Subject lines in e-mails should be considered content as well, and instant messages too. IP addresses and URLs? An IP address isn’t “content,” thanks to the poorly-reasoned Forrester decision. See blog here. But, as even Forrester concedes, a URL might be. Id.

For Further Reading: Those clever digital-privacy gurus at the Electronic Frontier Foundation nailed Quon as a Big Case the minute it hit the web. For Jennifer Grannick’s very thoughtful dissection of the decision – including its many holdings and broad implications – visit her post here. As Grannick astutely opines, “Wow.”

The decision itself relies heavily on a law review article, Orin S. Kerr, A User’s Guide to the Stored Communications Act, and a Legislator's Guide to Amending It, 72 GEO. WASH. L. REV. 1208, 1209-13 (2004). Professor Kerr has blogged the Quon decision here. As the good prof explains,

The reasoning [in Quon] is broad: It pretty clearly indicates that there is a default of a reasonable expectation of privacy in not only text messages but also e-mails. It also further cements the emerging content/non-content distinction that I have been expecting courts to grab on to for some sort of certainty in this area.


Id
.

Steven Kalar, Senior Litigator N.D. Cal. FPD. Website at www.ndcalfpd.org


.
.

Labels: , , ,

3 Comments:

Blogger Benjamin Wright said...

Steven: The Quon case may give employers incentive to broadcast multiple, repetitive privacy disclaimers. What do you think? --Ben http://hack-igations.blogspot.com/2008/06/employee-imtexte-mailvoicecomputerinter.html

Sunday, June 22, 2008 6:43:00 PM  
Anonymous Anonymous said...

Ben, I agree; the language discussed in your blog is likely, and soon. Notable, though, that there was a written policy here, and the Court credited the general practice over the policy.
From a criminal defense perspective, a far more likely situation is a defendant who purchases a service contract directly (instead of offered through an employer). In that event, the privacy interest would be even higher than that recognized in Quan.
- Steve Kalar

Sunday, June 22, 2008 7:48:00 PM  
Blogger Ptang said...

Web hosting companies might read the facts of the case and the outcome and worry that they could face liability in a situation where a customer wants to recover data generated by the customer's employee, like email (a situation that comes up all the time).

My opinion is that would not be a problem for the web host. Web hosting companies are not "communication services" like the phone company in this case. Web hosting companies are "remote computing" services, not "electronic communication services" as Arch was found to be in this case. The difference is discussed in this case at pages 7010-7011 and focuses on Arch's nature as a phone company, a much different business than web hosting.

Under the Stored Communication Act, an "electronic computing service" can only disclose data to the intended recipient. Conversely, a "remote computing" company (like a web host) can freely release any account data to the account holder (the City), regardless of whether the data is being used or created by another party (Quon).

So, if Arch was the City's internet service provider (website/email) and Quon was relaying emails through Arch's hosting service (not phone/cellular service), then Arch would have been in the clear.

Monday, June 23, 2008 11:13:00 PM  

Post a Comment

<< Home