January 2, 2007

Unauthorized Visit to Clickwrap-Surrounded Web Site Does Not Violate Federal Law

Holland & Knight Newsletter
Trisha M. Rich

When a Web site tries to limit access only by means of a clickwrap contract, unauthorized visitors are not in violation of the federal law, according to a recent decision in the U.S. Court of Appeals for the Eleventh Circuit.   

In Snow v. DirecTV, Inc., et al., the plaintiff had created a Web site that he intended to serve as a “private support group” for individuals who “have been, are being, or will be sued by any Corporate entity.”  The Web site contained an electronic bulletin board that allowed Web site users to share messages with each other.  To gain access to the Web site, a user must register, create a password, and agree to the Web site’s terms and conditions, including the operator’s admonition that the site “expressly forbids access by DIRECTV and its agents.” 

The plaintiff brought suit against DIRECTV, Inc., two of the company’s outside law firms and a number of individual users, claiming that on multiple occasions DIRECTV employees and agents had accessed the bulletin board without authorization.  He originally filed suit in the United States District Court for the Middle District of Florida; that court ruled that personal jurisdiction was lacking under Florida’s long-arm statute and that the complaint failed to state a cause of action.  The district court reasoned that the Web site’s pages were not “in electronic storage,” and thus were not protected against unauthorized access under the language of the federal Stored Communications Act, 18 U.S.C.A. § 2701 et seq. The plaintiff appealed to the Eleventh Circuit.

While the Eleventh Circuit affirmed the lower court’s opinion, its reasoning took a different path.  The appeals court held that the plaintiff’s method of setting up his site did not take it out of the class of electronic communications that are deemed to be “readily accessible to the general public,” and therefore, are not subject to protection under the Stored Communications Act.  The Act provides:  “it shall not be unlawful … to intercept or access an electronic communication made through an electronic communication system that is configured so that such electronic communication is readily accessible to the general public.” 

In reaching its holding, the Eleventh Circuit reasoned that the “legislative history and the statutory structure clearly show that Congress did not intend to criminalize or create civil liability for acts of individuals who ‘intercept’ or ‘access’ communications that are otherwise readily accessible by the general public.”  Because any member of the general public could register and gain access to the site, the appeals court held, it was “readily accessible to the general public,” regardless of the fact that some members of the public would necessarily have to violate the site’s terms and conditions in gaining access.  

The Ninth Circuit Court of Appeals had previously heard a similar case, Konop v. Hawaiian Airlines, Inc., in which a Web site had been set up to allow discussions between members of a labor union.  Unauthorized members of the employer group accessed the Web site, using employee names and passwords.  The Ninth Circuit held that the defendants were in violation of the Stored Communications Act.  The Eleventh Circuit, however, distinguished Konop from Snow, reasoning that in Konop, users were required to provide the name of an eligible employee, which was information that was not publicly available.  Because the plaintiff in the Eleventh Circuit case had no such limitation on his Web site, the court reasoned that the Web site was not configured in such a way that it limited access by the general public.

Latest Insights