ISPs Can Be Sued for Releasing Data Without Signed Warrant
The ruling is significant because it opens ISPs to civil liability when they reveal personal information on Internet users and businesses without a signed warrant.
The U.S. District Court for the Eastern District of Virginia held July 15 that America Online Inc.’s release of personal data information to law enforcement officials, in response to a faxed warrant application that had not been signed by a judge, could subject AOL to civil liability under the Electronic Communications Privacy Act.
AOL released the name, address, phone numbers, screen name, along with other information about the use of AOL services, to two detectives in Fairfield, Conn., who were probing the origin of an allegedly threatening email message.
That message, which was made by GoMaryGoAway@aol.com, was sent to several local political activists and stated, “The end is near.”
Police detectives preparing a warrant application set out their belief that the person who sent the email was engaged in unlawful harassment.
Both detectives signed the warrant application and a signature line designated with “Signed (judge of the superior court)” was left blank.
A judge’s signature does not appear anywhere on the warrant application.
AOL received the warrant application by fax and forwarded it internally to its legal department, where an AOL compliance and fraud investigator concluded that the warrant was valid.
That investigator faxed the subscriber information to the detectives.
Several months later, the subscriber filed a lawsuit against AOL, the detectives involved in the warrant application and the city, alleging a violation of the Electronic Communications Privacy Act.
The AOL subscriber contended he suffered damage to his reputation and business, as well as emotional distress, after his political opponents, who received the information from the detectives, threatened to send the email to the local newspaper.
The case is Freedman vs. America Online Inc., No. 04-CV-475 ‘