In a ruling handed down on December 14, 2010, the Sixth Circuit in United States v. Warshak held that a user of a third-party e-mail service has a reasonable expectation of privacy in the e-mails stored on the third-party’s servers. In the case, the government failed to obtain a search warrant based on probable cause before it compelled Warshak’s ISP to turn over his e-mail communications. The government argued that the Stored Communications Act of 1986 (SCA) permitted just such a warrantless search. In holding that Warshak had a reasonable expectation of privacy, the court struck that part of the SCA as unconstitutional.
Privacy issues such as those addressed by the Sixth Circuit in Warshak likely will continue to dominate the news in the coming year. As more individuals, companies, and governments communicate and store data in the cloud, both the technological and legal privacy and security of that data will be tested. And as the Warshak case demonstrates, federal statutes drafted decades ago — or even mere years ago —cannot be reasonably be interpreted in light of the current state of online data storage and communication. At its base, the privacy issue in Warshak is no different than traditional forms of private communication, which the Sixth Circuit correctly reasoned. In 1986, however, it was not so simple to draw the analogy between electronically stored communications and regular mail. Legislators are not often elected for their ability to understand how technological changes will effect current legislation.
Legislation aimed at regulating, or otherwise affecting, technological change is almost always going to be outdated shortly after it is passed. This is not necessarily because we do not have bright, technologically savvy legislators drafting these laws. Rather, it likely has more to do with the fact that our brand of democracy results in a government that often is slow to respond. To effectively mitigate privacy and security risks, reliance on the government for protection is not a wise strategy. The best protection will result from carefully considered, contractual provisions that include in the balance of equities the privacy and security risks individuals and organizations face when entering the cloud.
About the author
Andrew Martin:
As an associate attorney with extensive prior experience advising information technology start-ups, Andrew’s practice focuses on finding solutions for his clients’ intellectual property issues. Due to his extensive experience in the software and technology industries, Andrew understands both the practical and legal issues involved in IP licensing agreements and disputes. In addition to licensing, Andrew helps his clients find new ways to use existing technologies to assist his clients in areas such as data privacy compliance. Andrew uses his diverse background which includes founding a record label and working for a world-wide concert promoter when counseling the firm’s entertainment clients.
Get in touch: amartin@scottandscottllp.com | 800.596.6176