8/28. The U.S. Court of Appeals (9thCir) issued its opinion [15 pages in PDF] in Theofel v. Farey-Jones, a case regarding Rule 45 subpoenas (which are essentially issued by the litigants' attorneys) which are directed to internet service providers. The Appeals Court held that overbroad subpoenas for e-mail messages may give rise to a private right of action under the Stored Communications Act or the Computer Fraud and Abuse Act (but not the Wiretap Act). This opinion should serve as a cautionary warning to aggressive attorneys who serve Rule 45 subpoenas on ISPs, or other non-party entities that hold stored electronic records. The opinion does not address subpoenas obtained under Section 512(h) of the Digital Millennium Copyright Act (DMCA); but, the analysis of the Court could be extended to these subpoenas as well.

Background. This case arose out of earlier civil litigation in New York between two officers of Integrated Capital Associates (ICA), Douglas Wolf and Richard Buckingham, and Alwyn Farey-Jones. Farey-Jones' lawyer in the New York litigation was Iryna Kwasny.

Farey-Jones told Kwasny to subpoena ICA's internet service provider (ISP), NetGate, for e-mail. Kwasny served a subpoena, pursuant to FRCP 45, on NetGate that ordered production of "[a]ll copies of emails sent or received by anyone" at ICA, without limitation as to time or scope. Kwasny provided no notice to ICA. NetGate, which was not represented by counsel, partially complied by producing a sample of such e-mail. Much of it was unrelated to the litigation, and personal or privileged.

Federal Rules of Civil Procedure (FRCP) 45(a) provides that "The clerk shall issue a subpoena, signed but otherwise in blank, to a party requesting it, who shall complete it before service. An attorney as officer of the court may also issue and sign a subpoena on behalf of (A) a court in which the attorney is authorized to practice ..."

Rule 45(c) provides that "A party or an attorney responsible for the issuance and service of a subpoena shall take reasonable steps to avoid imposing undue burden or expense on a person subject to that subpoena."

When Wolf and Buckingham learned of the subpoena, and production, they moved to quash the subpoena, and for sanctions. The District Court in New York found that "the subpoena, on its face, was massively overbroad" and "patently unlawful," that it "transparently and egregiously" violated the FRCP. The District Court also found "bad faith" and "at least gross negligence in the crafting of the subpoena." The Court quashed the subpoena, and sanctioned Kwasny and Farey-Jones over $9000. Then, the present litigation began.

District Court. George Theofel, who was one of the persons whose e-mail was given to Kwasny and Farey-Jones, and other employees and officers of ICA, whose e-mail was produced, filed a complaint in U.S. District Court (NDCal) against Farey-Jones and Kwasny alleging violation of the Stored Communications Act, 18 U.S.C. § 2701 et seq., the Wiretap Act, 18 U.S.C. § 2511 et seq., the Computer Fraud and Abuse Act, 18 U.S.C. § 1030, and various state laws. The District Court dismissed the federal claims, and then declined to exercise jurisdiction over the the state law claims.

Appeals Court. Judge Alex Kozinski wrote the opinion for the unanimous three judge panel, reversing in part, affirming in part, and remanding. The Court reversed the dismissal of the Stored Communications Act (SCA) claim, affirmed the dismissal of the Wiretap Act claim, affirmed the dismissal of the Computer Fraud and Abuse Act (CFAA) claim, but allowed plaintiffs leave to amend, and instructed the District Court that since some of the federal claims are restored, it should also exercise jurisdiction over the related state law claims.

Stored Communications Act. First, the Court of Appeals addressed the Stored Communications Act. It provides, at 18 U.S.C. § 2701, that whoever "intentionally accesses without authorization a facility through which an electronic communication service is provided ... and thereby obtains, alters, or prevents authorized access to a wire or electronic communication while it is in electronic storage", violates the Act. 18 U.S.C. § 2707 gives a private civil right of action to "any provider of electronic communication service, subscriber, or other person aggrieved by any violation".

The subpoenaing defendants defended on the grounds that the ISP, NetGate, had "authorized" the access to the e-mail. It had voluntarily provided them to the defendants.

While the District Court was persuaded by this argument, Judge Kozinski and his colleagues were not. He reasoned that the private right of action under the Stored Communications Act is in the nature of a tort action for trespass. Therefore, the Court will turn to definitions of terms found in the common law of tort.

The Court wrote that "Like the tort of trespass, the Stored Communications Act protects individuals' privacy and proprietary interests. The Act reflects Congress’s judgment that users have a legitimate interest in the confidentiality of communications in electronic storage at a communications facility. Just as trespass protects those who rent space from a commercial storage facility to hold sensitive documents, ... the Act protects users whose electronic communications are in electronic storage with an ISP or other electronic communications facility." (Citation omitted.)

The Court noted too that, just as the SCA provides that there is no liability if the access was "authorized", "A defendant is not liable for trespass if the plaintiff authorized his entry." But, the Court wrote that in the law of trespass, there is no authorization, despite an overt manifestation of consent, "if the defendant knew, or probably if he ought to have known in the exercise of reasonable care, that the plaintiff was mistaken as to the nature and quality of the invasion intended." That is, deceit can sometimes invalidate consent. (The Court's cited authorities on tort law were primarily Prosser and Keeton and the Restatement (Second) of Torts.)

The Court concluded that "Permission to access a stored communication does not constitute valid authorization if it would not defeat a trespass claim in analogous circumstances. Section 2701(c)(1) therefore provides no refuge for a defendant who procures consent by exploiting a known mistake that relates to the essential nature of his access."

The Court also offered a final word of caution to attorneys who use Rule 45 subpoenas. "The subpoena power is a substantial delegation of authority to private parties, and those who invoke it have a grave responsibility to ensure it is not abused. Informing the person served of his right to object is a good start, see Fed. R. Civ. P. 45(a)(1)(D), but it is no substitute for the exercise of independent judgment about the subpoena’s reasonableness. Fighting a subpoena in court is not cheap, and many may be cowed into compliance with even overbroad subpoenas, especially if they are not represented by counsel or have no personal interest at stake."

Wiretap Act. Next, the Court affirmed the dismissal of the Wiretap Act claim. 18 U.S.C. § 2511 provides that whoever "intentionally intercepts, endeavors to intercept, or procures any other person to intercept or endeavor to intercept, any wire, oral, or electronic communication" violates the Act. 18 U.S.C. § 2520 provides a private right of action.

The Court held that its 2002 opinion [39 pages in PDF] in Konop v. Hawaiian Airlines, published at 302 F.3d 868, is controlling. In that case the Court held that the Wiretap Act only applies to "acquisition contemporaneous with transmission", not to acquisition of stored communications. The defendants in the present case only acquired stored e-mail.

See also, TLJ story titled "9th Circuit Rules on Application of Wiretap Act and Stored Communications Act to Secure Web Sites", August 23, 2002, also published in TLJ Daily E-Mail Alert No. 498, August 26, 2002.

Computer Fraud and Abuse Act. Finally, the Court affirmed the dismissal of the CFAA claim, but reversed that portion of the District Court's order that denied the plaintiffs leave to amend.

The CFAA provides a private cause of action against whoever "intentionally accesses a computer without authorization or exceeds authorized access, and thereby obtains ... information from any protected computer if the conduct involved an interstate or foreign communication." See, 18 U.S.C. § 1030.

The District Court dismissed without leave to amend on the theory that the CFAA does not apply to unauthorized access of a third party's computer, and for failure to allege damages or loss. The Appeals Court held that "The district court erred by reading an ownership or control requirement into the Act."

It elaborated that "Nothing in the provision's language supports the district court’s restriction. Individuals other than the computer’s owner may be proximately harmed by unauthorized access, particularly if they have rights to data stored on it."

The defendants also argued that there was no violation of the CFAA because the ISP had authorized the access. The Appeals Court rejected this argument for the same reason that it rejected the same argument under the SCA claim.

Hence, the plaintiffs might ultimately amend, and prevail in, their CFAA claim.

Noerr-Pennington Doctrine. Finally, the defendants argued that they are immune from liability under the SCA, the Wiretap Act, and the CFAA, because they are protected by the Noerr Pennington doctrine, which, the Appeals Court stated, "exempts petitioning of public authorities from civil liability on First Amendment grounds".

The Court wrote that "We are skeptical that Noerr-Pennington applies at all to the type of conduct at issue. Subpoenaing private parties in connection with private commercial litigation bears little resemblance to the sort of governmental petitioning the doctrine is designed to protect. Nevertheless, assuming arguendo the defense is available, it fails. Noerr-Pennington does not protect ``objectively baseless´´ sham litigation."

Commentary: DMCA Subpoenas. This case is not about the DMCA. The Appeals Court opinion does not even reference the DMCA.

Nevertheless, it should be noted that 17 U.S.C. § 512(h) provides, in part, that "A copyright owner or a person authorized to act on the owner's behalf may request the clerk of any United States district court to issue a subpoena to a service provider for identification of an alleged infringer in accordance with this subsection." Subsection 512(h)(5) then provides, in part, that "Upon receipt of the issued subpoena, ... the service provider shall expeditiously disclose to the copyright owner or person authorized by the copyright owner the information required by the subpoena, notwithstanding any other provision of law and regardless of whether the service provider responds to the notification."

Section 512 subpoenas are issued by a court clerk, and must be supported by a sworn declaration. However, the clerk's role is largely ministerial. Subsection 512(h)(4) provides that "If the notification filed satisfies the provisions of subsection (c)(3)(A), the proposed subpoena is in proper form, and the accompanying declaration is properly executed, the clerk shall expeditiously issue and sign the proposed subpoena ...". Moreover, there is no requirement that notice be given to the alleged infringer, or anyone other than the clerk of the court, and the service provider.

Rule 45 subpoenas, like subpoenas issued by the District Court under Section 512, are both essentially drafted by the litigating attorneys, served upon non-party service providers, and seek information about subscribers (who may not be a party to any proceeding). While the ISPs are usually large entities, like Verizon, that are well represented by legal counsel, some ISPs are small, unrepresented, and like NetGate, apt to comply with an illegal subpoena because they are, as Judge Kozinski noted, "cowed into compliance with even overbroad subpoenas".

Hence, the reasoning of the Appeals Court in the Theofel case might also be extended to Section 512 subpoenas. And so, a subscriber of an ISP that provided stored communications information about that subscriber to the copyright holder, pursuant to a Section 512 subpoena that was egregiously overbroad, might assert a claim against the copyright holder for violation of the Stored Communications Act or the Computer Fraud and Abuse Act.

Of course, Section 512(f) already provides a private cause of action against copyright holders who "knowingly materially misrepresents ... that material or activity is infringing". But, the two remedies are different. Also, the SCA and CFAA remedies are broader. For example, the Section 512 requires knowledge, while the mental state in the Theofel case was "bad faith" and "at least gross negligence".

For more information on Section 512 subpoenas, see TLJ stories about the dispute between Verizon and the Recording Industry Association of America (RIAA). See, stories titled "RIAA Seeks to Enforce Subpoena to Identify Anonymous Infringer" in TLJ Daily E-Mail Alert No. 499, August 27, 2002; "Verizon and Privacy Groups Oppose RIAA Subpoena" in TLJ Daily E-Mail Alert No. 501, September 4, 2002; "District Court Rules DMCA Subpoenas Available for P2P Infringers" in TLJ Daily E-Mail Alert No. 588, January 22, 2003; "Law Professor Submits Apocalyptic Declaration in RIAA v. Verizon" in TLJ Daily E-Mail Alert No. 596, February 3, 2003; "DOJ Files Brief in Support of RIAA in Verizon Subpoena Matter" in TLJ Daily E-Mail Alert No. 646, April 22, 2002; "District Court Rules That A DMCA § 512(h) Subpoena for the Identity of an P2P Infringer Does not Violate the Constitution" in TLJ Daily E-Mail Alert No. 649, April 25, 2003; and "Court of Appeals Denies Stay in RIAA v. Verizon" in TLJ Daily E-Mail Alert No. 674, June 5, 2003. See also, TLJ story titled "Pacific Bell Internet Services Sues RIAA Over Infringer Subpoenas", July 30, 2003.

This case is George Theofel, et al. v. Alwyn Farey-Jones and Iryna Kwasny, Nos. 02-15742 and 03-1530, appeals from the U.S. District Court for the Northern District of California, D.C. No. CV-01-04166-MMC, Judge Maxine Chesney presiding.

8/28. The Federal Communications Commission's (FCC) Media Bureau (MB) announced a settlement period for the mutually exclusive Low Power FM (LPFM) new station applicants. The MB stated that "This universal settlement period is designed to facilitate the rapid licensing of new LPFM stations." See, FCC release [3 pages in PDF]. This settlement period applies to applications listed on Attachment A [6 pages in PDF].

On August 20, FCC Chairman Michael Powell announced a "Localism in Broadcasting Initiative". This speeding of licensing of LPFM stations is a part of that initiative. See, story titled "Powell Announces Localism in Broadcasting Initiative" in TLJ Daily E-Mail Alert No. 722, August 20, 2003. See also, FCC release on this initiative.

The FCC elaborated that "During this filing period, the Commission will waive Section 73.871 to permit settling applicants to file major change amendments specifying new FM channels. This limited waiver policy will allow settling applicants to use all available FM channels to resolve technical conflicts and obtain construction permits."

8/27. The Securities and Exchange Commission (SEC) criticized the state of Oklahoma for bringing criminal charges against MCI WorldCom. On August 27, Oklahoma charged WorldCom, Bernie Ebbers, Scott Sullivan, and other former employees of WorldCom by complaint [PDF] with felony violations of the Oklahoma Securities Act.

The SEC stated in a release that "Our goal and our hope is to coordinate federal and state enforcement actions in a manner that results in the most effective and efficient enforcement possible for violators of our securities laws. As such, we were disappointed that the SEC was not contacted by the Oklahoma Attorney General about the actions he announced today."

The SEC added that "We have closely coordinated our efforts with those of the United States Attorney's Office for the Southern District of New York, which has criminally charged five of WorldCom's former employees. We hope that the Oklahoma Attorney General's actions will not jeopardize the criminal cases being prosecuted by the U.S. Attorney's Office or the ongoing investigations."

8/28. The U.S. District Court (DC) issued an order [2 pages in PDF] in In Re Verizon Internet Services striking Doe's Motion to Expedite Hearing on Jane Doe's Motion to Stay. The Court summarized the proceeding. "On July 9, 2003, a subpoena was issued to Verizon Internet Services, Inc. by this Court. On August 7, 2003, Recording Industry Association of America ("RIAA") moved to enforce the subpoena. On August 21, 2003, intervenor applicant, Jane Doe ("Doe"), moved for leave to intervene, to stay the motion to enforce, and to expedite the hearing on her motion to stay." The Court noted that, in violation of the local rules, "Doe's motion to expedite the hearing was not accompanied by a proposed order nor any indication that RIAA was consulted."

8/28. The Boards of Directors of the Competitive Telecommunications Association (CompTel) and the Association for Communications Enterprises (ASCENT) announced that they have approved the proposed merger of the two groups. The merger still requires approval of the memberships. See, CompTel release.

8/28. The Department of Justice's Antitrust Division published a short document titled "An Antitrust Primer for Federal Law Enforcement Personnel". This document provides "federal law enforcement personnel with a quick overview of antitrust conspiracies that constitute felony violations of federal law".

8/28. The Federal Communications Commission (FCC) announced that it is seeking nominations for membership on its Intergovernmental Advisory Committee (IAC), which was previously known as the Local and State Government Advisory Committee. The FCC stated that this Committee provides "ongoing advice and information to the Commission on a broad range of telecommunications issues of interest to state, local and tribal governments, including cable and local franchising, public rights-of-way, facilities siting, universal service, broadband access, barriers to competitive entry, and public safety communications, for which the Commission explicitly or inherently shares responsibility or administration with local, county, state, or tribal governments." The deadline to submit nominations is September 29, 2003. See, FCC release [1 page in PDF] and FCC notice [3 pages in PDF].

8/26. The Office of the U.S. Trade Representative (USTR) released a document [9 pages in PDF] titled "U.S. Comments on Chairman's Cancun Ministerial Text: General Council Discussion". The 5th World Trade Organization (WTO) Ministerial Conference will be held in Cancún, Mexico on September 10-14, 2003, to discuss the Doha Development Agenda. See, WTO's Cancun web site.

Deadline to submit comments to the National Institute of Standards and Technology (NIST) regarding its second public draft [62 pages in PDF] of its publication titled "Guide for the Security Certification and Accreditation of Federal Information Systems". This is NIST Special Publication 800-37 authored by Ron Ross and Marianne Swanson. Comments may be submitted to sec-cert@nist.gov.

Labor Day. The FCC, USITC and other federal government agencies will be closed. The National Press Club will be closed.

9:30 AM. The Senate will return from its August recess. The Senate will begin consideration of HR 2660, the Labor/HHS and Education Appropriations bill.

The Treasury Department's and the Internal Revenue Service's (IRS) will hold a public meeting regarding their notice of proposed rulemaking (NPRM) regarding regulations that "affect certain taxpayers who participate in the transfer of stock pursuant to the exercise of incentive stock options and the exercise of options granted pursuant to an employee stock purchase plan (statutory options)." See, notice in the Federal Register, June 9, 2003, Vol. 68, No. 110, at Pages 34344 - 34370.

2:00 PM. The House will return from its August recess. Votes will be postponed until 6:30 PM.

POSTPONED. 1:00 PM. The House Commerce Committee's Subcommittee on Telecommunications and the Internet will hold a hearing titled "Digital Dividends and Other Proposals to Leverage Investment in Technology". The hearing will be webcast. See, notice. Location: Room 2123, Rayburn Building.

Deadline to submit comments to the Federal Communications Commission (FCC) in response to its notice of proposed rulemaking (NPRM) regarding making more spectrum available for unlicensed devices, including WiFi, in the 5 GHz band. See, stories titled "FCC Adopts NPRM to Increase Unlicensed Spectrum" in TLJ Daily E-Mail Alert No. 663, May 16, 2003; "FCC Releases NPRM Regarding Increasing Amount of Unlicensed Spectrum" in TLJ Daily E-Mail Alert No. 674, June 5, 2003, and "Delegates Discuss World Radiocommunications Conference" in TLJ Daily E-Mail Alert No. 703, July 22, 2003. See also, notice in the Federal Register, July 25, 2003, Vol. 68, No. 143, at Pages 44011 - 44020. This is ET Docket No. 03-122. The FCC adopted this NPRM on May 15, 2003, and released June 4, 2003.

10:00 AM. The House will meet for legislative business.

The Federal Communications Commission's (FCC) changes to its media ownership rules, announced on June 2, 2003, take effect. See, notice in the Federal Register that recites and describes the rules changes. See, Federal Register, August 5, 2003, Vol. 68, No. 150, at Pages 46285 - 46358.

9:00 AM. The House will meet for legislative business.

9:30 - 11:30 AM. The American Enterprise Institute (AEI) will host a seminar titled "The New World of E-Commerce Taxation". The speakers will be Michael Greve (AEI), Daniel Shaviro (NYU School of Law), and Kevin Hassett (AEI). See, notice. Location: 12th Floor, AEI, 1150 17th Street, NW.

Deadline to submit reply comments to the Federal Communications Commission (FCC) in response to its Notice of Inquiry [21 pages in PDF] in its proceeding titled "In the Matter of Inquiry Regarding Carrier Current Systems, including Broadband over Power Line Systems". See, notice in the Federal Register, May 23, 2003, Vol. 68, No. 100, at Pages 28182 - 28186. See also, story titled "FCC Announces NOI Regarding Broadband Over Powerlines" in TLJ Daily E-Mail Alert No. 628, April 24, 2003, and story titled "FCC Releases NOI on Broadband Over Power Lines" in TLJ Daily E-Mail Alert No. 656, May 7, 2003.This is ET Docket No. 03-104. For more information, contact Anh Wride at 202 418-0577 or anh.wride@fcc.gov.

12:00 NOON. Deadline to submit requests to testify orally at the September 18, 2003 hearing of the U.S. Trade Representative's (USTR) interagency Trade Policy Staff Committee (TPSC) to assist it in preparing its annual report to the Congress on the People's Republic of China's compliance with the commitments that it made in connection with its accession to the World Trade Organization (WTO). See, notice in the Federal Register, July 21, 2003, Vol. 68, No. 139, at Pages 43247 - 43248.

9:30 AM. The U.S. Court of Appeals (DCCir) will hear oral argument in Consumer Federation of America v. FCC, No. 02-1337. Judges Edwards, Randolph and Garland will preside. Location: 333 Constitution Ave. NW.

10:00 AM. The Supreme Court will hear oral argument in McConnell v. FEC, a constitutional challenge to the McCain Feingold campaign finance act. See, June 5, 2003 Order List [4 pages in PDF] at pages 3-4.

Deadline to submit reply comments to the Federal Communications Commision (FCC) in response to its notice of proposed rulemaking (NPRM) [7 pages in PDF] regarding the draft Nationwide Agreement [28 pages in PDF] of the FCC, the Advisory Council on Historic Preservation, and the National Conference of State Historic Preservation Officers, regarding undertakings for communications facilities, including communications towers and antennas, under the National Historic Preservation Act (NHPA). This proceeding is titled "In the matter of Nationwide Programmatic Agreement Regarding the Section 106 National Historic Preservation Act Review Process". It is WT Docket No. 03-128. For more information, contact Frank Stilwell at 202 418-1892 or fstilwel@fcc.gov. See, story titled "FCC Announces NPRM Regarding Communications Facilities and the National Historic Preservation Act" in TLJ Daily E-Mail Alert No. 677, June 10, 2003. See also, notice in the Federal Register, July 9, 2003, Vol. 68, No. 131, at Pages 40876 - 40887.

9:00 AM - 3:00 PM. The Executive Office of the President's (EOP) Office of Science and Technology Policy's (OSTP) President's Council of Advisors on Science and Technology (PCAST) will meet. The agenda includes (1) discussion of  the status of the work of its workforce education subcommittee, (2) discussion of the preliminary draft findings of its information technology manufacturing competitiveness subcommittee, and (3) a continuation of its discussion of nanotechnology and its review of the federal National Nanotechnology Initiative. See, notice in the Federal Register, August 27, 2003, Vol. 68, No. 166, at Pages 51577 - 51578. Location: Room 100 of the National Academy of Sciences Building, 500 5th Street, NW.

11:00 AM. The Cato Institute will host a panel discussion titled "Will Internet Telephony Bring about a Revolution in Telecom Policy?". The speakers will be Scott Marcus (Senior Advisor for Internet Technology at the FCC), Brad Ramsay (National Association of Regulatory Utility Commissioners), Link Hoewing (Verizon), Marilyn Cade (AT&T), and Jeff Pulver (Pulver.com). See, notice. Lunch will follow the program. Location: Cato, 1000 Massachusetts Ave., NW.