PRIVACY + SECURITY BLOG

News, Developments, and Insights

high-tech technology background with eyes on computer display

Wiretap

To nobody’s surprise, my colleague and electronic surveillance law expert extraordinaire Orin Kerr at the VC beat everybody to the punch in announcing that the 1st Circuit reversed the panel in United States v. Councilman. As Kerr concisely explains the panel decision in an earlier post:

The Councilman case addresses an ambiguity in the line between the Wiretap Act and the Stored Communications Act. The question is, when is a file stored, and when is it in transit? This is a big question because on the Net communications are often at rest for very brief periods of time in the course of transmission, and the statutory text doesn’t make particularly clear whether access to a file that is at rest for a nanosecond is supposed to be covered by the Wiretap Act or the Stored Communications Act. Councilman involved an ISP employee who wrote and installed a computer program to scan incoming e-mail of the ISP’s customers; ISP employees would then read the e-mails and try to use them for the commercial advantage of the ISP. In a nutshell, the First Circuit held (by a vote of 2-1) that because the program scanned the e-mails while they were at rest for a nanosecond, the e-mails were in storage at that time and access to them was covered by the Stored Communication Act, not the Wiretap Act. Because Councilman had been indicted for violating the Wiretap Act, the Court affirmed the dismissal of Councilman’s indictment.

The 1st Circuit en banc reversed.  I’ll leave it to Orin to comment about the merits of the new en banc decision on the Wiretap Act and Stored Communications Act.  I’d like to focus on the opinion’s discussion of vagueness.  This was a criminal case.  The en banc court writes:

The vagueness doctrine bars enforcement of a statute whose terms are so vague that men of common intelligence must necessarily guess at its meaning and differ as to its application. . . .   Many statutes will have some inherent vagueness. . . . But a statute is unconstitutionally vague only if it prohibits . . . an act in terms so uncertain that persons of average intelligence would have no choice but to guess at its meaning and modes of application.  (internal quotations omitted).

The en banc court concludes that here a person of average intelligence would have adequate notice.

This seems like lip service to the vagueness doctrine.  What strikes me as interesting is that two judges in the 1st Circuit panel reached the opposite conclusion.  Does this mean that they are not people “of average intelligence”?   While I disagreed with the 1st Circuit panel’s prior decision in Councilman, the statute is very tricky and complicated on this point, and the judges were not morons for reaching the interpretation they did.  In fact, there were bills proposed in Congress to clarify the law after the Councilman panel decision came down.  Electronic surveillance law is very complicated, and before imposing criminal liability, the court should have more pause when recognizing the different ways the law might be interpreted.  It is my impression that this opinion is indicative of a general judicial reluctance to recognize vagueness arguments in criminal cases.  I don’t have stats to back me up, but I’ve rarely read many successful vagueness challenges.  If the law in this case isn’t vague, I wonder just how ridiculously ambiguous a statute must be to be vague.  Does it have to fool half the judges on a particular circuit?  I query whether the vagueness doctrine has any real meaning at all.

UPDATE: Orin Kerr at the VC has just posted his thoughts about the en banc decision.  Definitely worth reading.

* * * *

This post was authored by Professor Daniel J. Solove, who through TeachPrivacy develops computer-based privacy training, data security training, HIPAA training, and many other forms of awareness training on privacy and security topics. Professor Solove also posts at his blog at LinkedIn. His blog has more than 1 million followers.

Professor Solove is the organizer, along with Paul Schwartz, of the Privacy + Security Forum and International Privacy + Security Forum, annual events designed for seasoned professionals.

If you are interested in privacy and data security issues, there are many great ways Professor Solove can help you stay informed:
*
LinkedIn Influencer blog
*
Twitter
*
Newsletter

TeachPrivacy Ad Privacy Training Security Training 01