Privacy Claims Regarding Emails and Voicemail in the Private Workplace
1. Fourth Amendment Constitutional claims, applies to federal government
action (or thru agent of the federal government).
2. State law constitutional right to privacy claims, applies to state government
action (or thru agent of the state government). Cowles v. Alaska, 23 P.3d
1168 (Alaska 2001) (covertly recorded videotape of Cowles’s activities in the
UAF box office; plaintiff did not have an expectation of privacy at this time
and place that society should recognize as reasonable). But see, TBG
Insurance Serv. Corp. v. The Superior Court of Los Angeles County, 96 Cal.
App. 4th 443, 117 Cal. Rptr. 2d 155 (Cal.Ct.App.2002) (state law
constitutional privacy right existed for employee’s financial and other
personal information kept on company owned computer, but given
employee’s consent to his employer’s monitoring company-owned home
computer, employee had no reasonable expectation of privacy when using
home computer for personal matters).
3. Wiretap Act applies to private conduct.
THE WIRETAP ACT & ECPA.
Title III of the Omnibus Crime Control and Safe Streets Act of 1968, as amended by
the Electronic Communications Privacy Act of 1986, Pub. L. No. 99-508, 100 Stat.
1848 (1986) (“ECPA”), codified at 18 U.S.C. §§ 2510-2522 (“The Wiretap Act”).
In 1986, Title I of the ECPA amended the federal Wiretap Act, which previously had
addressed only interception of wire and oral communications, to also address
interception of electronic communications. See Pub.L.No.99-508, 100 Stat. 1848,
S.Rep. No.99-541, at 3 (1986), reprinted in 1986 U.S.C.C.A.N. 3555,3557, 18 U.S.C.
§§2510(12); 2511(1)(a); Konop v. Hawaiin Airlines, Inc., 302 F.3d 868, 874 (9th Cir.
At the same time, Title II of ECPA created the Stored Communications Act (“SCA”)
to cover access to stored communications and records. See Pub.L.No.99-508, 100
Stat. 1848; S.Rep.No. 99-541, at 3 (1986), reprinted in 1986 U.S.C.C.A.N.
3555,3557; 18 U.S.C. §2701(a); Konop, 302 F.3d. at 874.
The Wiretap Act and the SCA have also been amended by the Uniting and
Strengthening America by Providing Appropriate Tools Required to Intercept and
Obstruct Terrorism Act (USA PATRIOT Act), Pub.L.No. 107-56, 115 Stat. 272
(October 26, 2001).
The Wiretap Act generally prohibits the intentional “interception” of “wire, oral, or
electronic communications.” See 18 U.S.C. §2511(1).
Thus, courts adopt a two-part test for “e-mail violations” of the Wiretap Act:
(1) Was the communication an “electronic communication?” and,
(2) Was the communication “intercepted?”
The Ninth Circuit has called the intersection of SCA and the Wiretap Act as “a
complex, often convoluted area of the law.” United States v. Smith, 155 F.3d 1051,
1055 (9th Cir. 1998).
In Konop, the Ninth Circuit states: “ECPA was written prior to the advent of the
Internet and the World Wide Web. As a result, the existing statutory framework is
ill-suited to address modern forms of communication like Konop’s secure website.
Courts have struggled to analyze problems involving modern technology within the
confines of this statutory framework, often with unsatisfying results.” Konop, 302
F.3d at 874.
The Wiretap Act definition of electronic communications:
[A]ny transfer of signs, signals, writing, images,
sounds, data or intelligence of any nature
transmitted in whole or in part by a wire, radio,
electromagnetic, photoelectronic, or photooptical
system that affects interstate or foreign commerce.
18 U.S.C. § 2510(12).
In Konop, the Ninth Circuit held that information stored on a server and conveyed
from a private website to users clearly falls within the definition of “electronic
The Wiretap Act definition of “interception”:
[T]he aural or other acquisition of the contents of
any wire, electronic, or oral communication through
the use of any electronic, mechanical, or other
18 U.S.C. § 2510(4).
In Steve Jackson Games Inc. v. United States Secret Service, 36 F.3d 457 (5th Cir.
1994), Konop, and the Eleventh Circuit’s decision in United States v. Steiger,
1338 F.3d 1039 (11th Cir. 2003), the courts have recognized that “intercept” in the
context of electronic communications means “the acquisition of communication
contemporaneous with transmission.” Steve Jackson Games, 36 F.3d at 460,
Konop, 302 F.3d at 876, U.S. v. Steiger, 318 F.3d at 1048.
The courts noted that Congress amended the Wiretap act to cover interceptions of
electronic communications. Id. Specifically, the ECPA redefined the term “wire
communication” to include electronic storage of the communication, but omitted
reference to storage from its definition of “electronic communiction.” See 18
U.S.C. § 2510(1) (2000) (defining “wire communiction”); 18 U.S.C. § 2510(12)
(2000) (defining “electronic communiction”).
The courts found that this textual difference illustrates Congress’ intent that one
could “intercept” a wire communication in storage, but could not “intercept” a
similarly situated electronic communication.
However, the USA Patriot Act has further weakened the protection of “stored”
wire communications such as voice mail. The USA Patriot Act eliminates
“storage” from the definition of “wire communication.” See USA Patriot Act, §
209, 115 Stat. at 283.
The Konop court notes that “the purpose of the recent amendment [USA Patriot
Act] was to reduce protection of voice mail messages to the lower level of
protection provided by electronically stored communications.” Konop, 302 F.3d
at 878, citing H.R.Rep.107-236(I), at 158-59 (2001).
The Konop court states:
By eliminating storage from the definition of wire
communication, Congress essentially reinstated the pre-
ECPA definition of “intercept”---acquisition
contemporaneous with transmission—with respect to wire
communications. The purpose of the recent amendment
was to reduce protection of voice mail messages to the
lower level of protection provided other electronically
stored communications. When Congress passed the USA
Patriot Act, it was aware of the narrow definition courts
had given the term “intercept” with respect to electronic
communications, but chose not to change or modify that
definition. To the contrary, it modified the statute to make
the definition applicable to voice messages as well.
Congress, therefore, accepted and implicitly approved
judicial definition of “intercept” as acquisition
contemporaneous with transmission.
302 F.3d at 878.
Thus, for email and voicemail communications, to be “intercepted” in violation of
the Wiretap Act, the communications must be acquired during transmission, not
while they are in electronic storage.
Beyond all the above, there are three pertinent exceptions under the Federal
(1) For e-mail service providers, the “provider exception.” 18 U.S.C. §
2511(2)(a)(i)(2000). The provider exception authorizes access to those
providing wire or electronic communications services. Hence, if a company
provides employees with e-mail use from a company-owned system it should
be covered by this exception;
(2) Access accomplished in the ordinary course of business. 18 U.S.C. §
2510(5)(a). Under this exception, if an employer can justify the monitoring of
its employees’ communications with a business purpose, it should not be
liable under the Act; and
(2) The Consent exception. 18 U.S.C. § 2511(2)(d). Consent from one party is
all that is needed, but it must be explicit (can be notice of an employee
The 11th Circuit, in Steiger, notes that “very few seizures of electronic
communications from computers will constitute ‘interceptions.’” U.S. v. Steiger,
318 F.3d at 1050.
In a law review article, Jarrod J. White summarizes the situation aptly:
[T]here is only a narrow window during which an E-mail
interception may occur—the seconds or mili-seconds
before which a newly composed message is saved to any
temporary location following a send command. Therefore,
unless some type of automatic routing software is used (for
example, a duplicate of all of an employee’s messages are
automatically sent to the employer’s boss) interception of
E-mail within the prohibition of the [the Wiretap Act] is
Jarrod J. White, E-Mail @Work.com: Employer Monitoring of Employee E-Mail, 48
Ala.L.Rev. 1079, 1083 (1997).
The Stored Communications Act.
The Fifth, Ninth, and Eleventh Circuits have concluded that their reading of the
Wiretap Act “is consistent with the structure of ECPA, which created the SCA for
the express purpose of addressing ‘access to stored….electronic communications
and transactional records.’ See, U.S. v. Steiger, 318 F.3d at 1049.
The SCA creates criminal and civil penalties, but no exclusionary remedy, for
unauthorized access to a “facility through which an electronic communication is
provided” to “obtain, alter, or prevent authorized access to wire or electronic
communication while it is in electronic storage in such system.” 18 U.S.C. § 2702;
see also18 U.S.C. §§ 2701, 2708.
“Electronic communication service” is defined as “any service which provides users
thereof the ability to send or receive wire or electronic communications.” 18 U.S.C.
The SCA also generally prohibits an entity providing an electronic communication
service to the public from disclosing information absent an applicable exception.
See 18 U.S.C. § 2702.
Thus, the SCA clearly applies, for example, to information stored with a phone
company, Internet Service Provider (ISP), or electronic bulletin board system
In Steiger, the 11th Circuit held, however, that “the SCA does not appear to apply to
the source’s hacking into Steiger’s computer to download images and identifying
information stored on his hard-drive because there is no evidence to suggest that
Steiger’s computer maintained any “electronic communication service” as defined
in 18 U.S.C. § 2510(15).” U.S. v. Steiger, 318 F.3d at 1049. The Court did note,
however, that the “SCA may apply to the extent the source accessed and retrieved
any information stored with Steiger’s Internet service provider.” Id.
In Konop, the Ninth Circuit noted that SCA excepts from liability “conduct
authorized…by a user of that service with respect to a communication of or
intended for that user.” 18 U.S.C. § 2701(c)(2).
The Konop found that “the Wiretap Act and the SCA…allow intended recipients of
wire and electronic communications to authorize third parties to access those
communications.” Konop, 302 F.3d at 880. See also 18 U.S.C. § 2702(b)(1).
However, the Konop court reversed the district court and held that Hawaiian
Airlines had violated the SCA because the two pilots were not ‘users’ within the
meaning the SCA. Id.
The Ninth Circuit notes that the statute defines “user” as one who (1) uses the
service, and (2) is duly authorized to do so. 18 U.S.C. § 2701(c)(2). In Konop, the
appeals court could find no evidence that either of the two pilots had actually ‘used’
Konops website, and thus, could not authorize the employer to use Konop’s