Theofel v. Farey-Jones

The Cyber Blog IndiaCase Summary

Liability for using an unlawful subpoena to gain access to emails stored by an internet service provider

Theofel v. Farey-Jones
359 F.3d 1066
In the United States Court of Appeals for the Ninth Circuit
Case Number 02-15742 and 03-15301
Before Circuit Judge Fletcher, Circuit Judge Kozinski, and Circuit Judge Trott
Decided on February 17, 2004

Relevancy of the Case: Liability for using an unlawful subpoena to gain access to emails stored by an internet service provider

Statutes and Provisions Involved

  • The Electronic Communications Privacy Act, 18 USC § 2701 (“ECPA”)
  • The Computer Fraud and Abuse Act, 18 USC § 1030 (“CFAA”)
  • The Federal Wiretapping Act, 18 USC § 2511, 2520

Relevant Facts of the Case

  • The defendant sought access to Integrated Capital Associates’ (ICA) emails in a litigation. The lawyer subpoenaed all emails sent or received by anyone at ICA without limitation of time and scope. The subpoena went to ICA’s internet service provider, NetGate.
  • NetGate, lacking legal representation, acknowledged the substantial volume of emails involved.
  • Instead of full compliance, it opted for a Baskin-Robbins approach and provided a free sample of 339 emails on its website. The defendant read these messages online without informing the opposing counsel.
  • Upon discovery, ICA officers requested the court to quash the subpoena and impose sanctions. Moreover, ICA employees, whose emails were read by the defendant, have filed a civil suit.

Prominent Arguments by the Counsels

  • The plaintiff’s counsel argued that NetGate’s authorisation was invalid due to the patently unlawful subpoena. The counsel claimed the violation of the Federal Wiretapping Act and the Computer Fraud and Abuse Act.
  • The defendant’s counsel submitted that the messages they read were not in electronic storage. Hence, the claim under ECPA is not maintainable. NetGate authorised their entry; therefore, any loss or damage suffered does not fall under the ambit of CFAA. The counsel relied on the Noerr-Pennington doctrine to claim immunity, which exempts public authorities from civil liability.

Opinion of the Bench

  • The defendant is not liable if the plaintiff authorised his entry, but an overt manifestation of assent or willingness will not be effective.
  • NetGate was unaware of the subpoena’s invalidity and thereby committed the mistake of invading privacy.
  • It is undisputed that an electronic communication service stores the messages on NetGate’s server after delivery.

Final Decision

  • The court dismissed the federal claims.

Yagyanseni Acharya, an undergraduate student at VIT School of Law, Chennai, prepared this case summary during her internship with The Cyber Blog India in January/February 2024.