Law360 Guest Article: When Hacking an Email Account Doesn't Violate the SCA


​In October 2011, a California federal grand jury indicted Christopher Chaney for having “gained unauthorized access to the e-mail accounts of over 50 individuals,” including those of celebrities Christina Aguilera, Scarlett Johansson, and Mila Kunis. U.S. v. Chaney, No. 2:11-CR-00958-SJO, at 2 (C.D. Cal. Oct. 11, 2011). Hacked pictures that circulated on the Web gave the sordid affair instant tabloid notoriety. The 26-count indictment charged Chaney with aggravated identity theft under 18 U.S.C. 1028A and with violations of the Wiretap Act, 18 U.S.C. § 2511 (part of the Electronic Communications Privacy Act, “ECPA”), and of the Computer Fraud and Abuse Act, 18 U.S.C. § 1030 (“CFAA”).

Significantly, the U.S. attorney did not charge Chaney with violations of the Stored Communications Act, 18 U.S.C. §§ 2701–2711 (“SCA”), which Congress enacted in 1986 to protect the privacy of electronic communication — such as emails.[1] See Orin S. Kerr, A User’s Guide to the Stored Communications Act, and a Legislator’s Guide to Amending it, 72 Geo. Wash. L. Rev. 1208 (2004); see also H.R. Rep. No. 99-647, at 62 (1986) (noting that § 2701(a) “addresses the growing problem of unauthorized persons deliberately gaining access to, and sometimes tampering with, electronic or wire communications that are not intended to be available to the public.”). As the House report further noted, “a hacker may stumble across sensitive ... information, and in any event invades the privacy of those whose communications are stored.” Id. at 63. Congress clearly had Chaney and his likes in mind when it drafted the SCA.

Excerpted from Law360, December 11, 2013. To read the full article, click on the PDF linked below.

When Hacking an Email Account Doesn't Violate the SCA.pdf

Related Practices

Email Disclaimer