Ninth Circuit Holds Electronic Communications Privacy Act Protects Communications of Foreign Citizens
John Haley | Bloomberg Law
The U.S. Court of Appeals for the Ninth Circuit upheld a district court’s quashing of a petition for an order for Microsoft to produce the e-mails of an Indian citizen finding that protections of the Electronic Communications Privacy Act apply equally to U.S. citizens and non-citizens alike.
Plaintiff Seeks Foreign Citizen’s E-Mails
Suzlon Energy Ltd. filed a civil fraud suit against Rajagopalan Sridhar and others in the Federal Court of Australia. Suzlon wanted to use e-mails sent and received by Sridhar to support its case. The e-mails were stored on servers in the United States owned by Microsoft Corp. Suzlon filed suit against Microsoft, claiming that, under 28 U.S.C. § 1782, the company was required to produce documents to support the Australian litigation. The district court initially agreed, and granted Suzlon’s petition for production of the documents. Microsoft filed objections, which the court deemed a motion to quash. Sridhar, an Indian citizen, intervened, objecting to Suzlon’s request for his e-mails.
Microsoft and Sridhar argued that the documents sought must be discoverable in the foreign proceeding, and any subpoenas must comply with the Federal Rules of Civil Procedure. The district court rejected both claims, noting the district court’s production order provided specified procedures and therefore the Federal Rules of Civil Procedure did not apply.
Microsoft and Sridhar also argued that production of the emails would violate the Electronics Communication Privacy Act (“ECPA”). The district court agreed, holding that the law protects e-mails from disclosure and applies to foreign citizens as well as citizens of the United States. Suzlon appealed to the Ninth Circuit.
ECPA Applies to Foreign Citizens
The Ninth Circuit stated: “The threshold question in this case is whether the plain language of the ECPA extends to foreign citizens.” Suzlon at 18683.
In relevant part ECPA provides:
(a) Prohibitions — Except as provided in subsection (b) or (c)—
(1) a person or entity providing an electronic communication service to the public shall not knowingly divulge to any person or entity the contents of a communication while in electronic storage by that service; and
(2) a person or entity providing remote computing service to the public shall not knowingly divulge to any person or entity the contents of any communication which is carried or maintained on that service
(A) on behalf of, and received by means of electronic transmission from (or created by means of computer processing of communications received by means of electronic transmission from), a subscriber or customer of such service;
(B) solely for the purpose of providing storage or computer processing services to such subscriber or customer, if the provider is not authorized to access the contents of any such communications for purposes of providing any services other than storage or computer processing; and
(3) a provider of remote computing service or electronic communication service to the public shall not knowingly divulge a record or other information pertaining to a subscriber to or customer of such service (not including the contents of communications covered by paragraph (1) or (2)) to any governmental entity.
An “electronic communication service” is “any service which provides to users thereof the ability to send or receive wire or electronic communications.” 18 U.S.C. § 2510(15). A “user” as “any person or entity who — (A) uses an electronic communication service; and (B) is duly authorized by the provider of such service to engage in such use.” Id. at 18684 (quoting 18 U.S.C. § 2510(13) (emphasis added by the court)).
The court noted that the Ninth Circuit previously held that “ECPA limits § 1782 by making it illegal for an entity that provides an electronic communication service to the public to produce the contents of its stored communications.” Id. (citing Theofel v. Farey-Jones, 359 F.3d 1066 (9th Cir. 2004)). Therefore, the court considered whether the protections of ECPA apply to all persons, or only to U.S. citizens. This required the court to construe the term “any person,” as defined by ECPA.
The plain text of the statute applies to “any person” without qualification. “Any person means any person, including foreign citizens,” the court stated. Id. at 18685. The court also noted that the statute lists numerous exceptions to Section 2702(a), but lack of citizenship is not among them. Furthemore, the statute limits the definition of a “user” in two specific ways, but does not require U.S. citizenship. The court also took note of a D.C. Circuit court ruling holding that the term “any person” in the Freedom of Information Act (“FOIA”) does not refer only to U.S. citizens. Therefore, the court found that a reading of the statute as a whole suggests that Congress intended the term “any person” to include people who are not U.S. citizens.
Suzlon argued that Congress enacted ECPA out of concern for protecting the Fourth Amendment rights of American citizens and therefore intended to exclude foreigners. The court disagreed, finding that “to fully protect American citizens it might be necessary to extend the ECPA to all domestic communications,” and observing that “Suzlon’s restrictive reading of the ECPA would put email service providers in an untenable position.” Id. at 18687. Excluding non-U.S. citizens would require e-mail providers like Hotmail to determine if, and when, a user became a citizen, was a resident alien, or for another reason had Fourth Amendment protection, the court observed. “This would be a costly, fact-intensive, and difficult determination.” Id. Finally the court rejected the idea that ECPA protection does not apply to civil litigation. The court found the plain language of the statute, a reading of the statute as whole, and the legislative history all support the conclusion that ECPA unambiguously applies to foreign citizens.
No Implied Consent
Suzlon argued that Sridhar consented to disclosure of his e-mails because Australian law requires production of certain documents in litigation. The court found that this reasoning would not apply to Microsoft, and that Sridhar reasonably relied on his Hotmail service agreement which stated that his e-mails would be disclosed only according to U.S. law.
The court held that ECPA protects the domestic communications of non-citizens, that Sridhar did not consent to disclosure, and therefore affirmed denial of an order for the production of his e-mails.
This document and any discussions set forth herein are for informational purposes only, and should not be construed as legal advice, which has to be addressed to particular facts and circumstances involved in any given situation. Review or use of the document and any discussions does not create an attorney-client relationship with the author or publisher. To the extent that this document may contain suggested provisions, they will require modification to suit a particular transaction, jurisdiction or situation. Please consult with an attorney with the appropriate level of experience if you have any questions. Any tax information contained in the document or discussions is not intended to be used, and cannot be used, for purposes of avoiding penalties imposed under the United States Internal Revenue Code. Any opinions expressed are those of the author. Bloomberg Finance L.P. and its affiliated entities do not take responsibility for the content in this document or discussions and do not make any representation or warranty as to their completeness or accuracy.
©2011 Bloomberg Finance L.P. All rights reserved. Bloomberg Law Reports ® is a registered trademark and service mark of Bloomberg Finance L.P.