No. 19-1067 Appellant v. BRIEF FOR APPELLEES · 2019-05-16 · IN THE UNITED STATES COURT OF...
Transcript of No. 19-1067 Appellant v. BRIEF FOR APPELLEES · 2019-05-16 · IN THE UNITED STATES COURT OF...
IN THE UNITED STATES COURT OF APPEALS
FOR THE THIRD CIRCUIT
No. 19-1067
CAROL LEE WALKER,
Appellant
v.
SENIOR DEPUTY BRIAN T. COFFEY, In His Individual Capacity;
SPECIAL AGENT PAUL ZIMMERER, In His Individual Capacity
BRIEF FOR APPELLEES
APPEAL FROM THE JUDGMENT OF THE UNITED STATES
DISTRICT COURT FOR THE EASTERN DISTRICT OF PENNSYLVANIA
ENTERED DECEMBER 11, 2018
Office of Attorney General
1600 Arch Street
Suite 300
Philadelphia, PA 19103
Phone: (215) 560-2908
FAX: (717) 772-4526
DATE: May 8, 2019
JOSH SHAPIRO
Attorney General
BY: CLAUDIA M. TESORO
Senior Deputy Attorney General
J. BART DELONE
Chief Deputy Attorney General
Chief, Appellate Litigation Section
Case: 19-1067 Document: 003113232480 Page: 1 Date Filed: 05/08/2019
i
TABLE OF CONTENTS
Page
TABLE OF AUTHORITIES ................................................................................... iii
STATEMENT OF JURISDICTION.......................................................................... 1
STATEMENT OF ISSUES ....................................................................................... 2
STATEMENT OF THE CASE .................................................................................. 3
STATEMENT OF FACTS ........................................................................................ 6
STATEMENT OF RELATED CASES ...................................................................10
SUMMARY OF ARGUMENT ...............................................................................11
ARGUMENT ...........................................................................................................12
I. Walker’s Stored Communications Act Claims Against The
Defendants Were Properly Dismissed. ..........................................................13
A. Walker failed to state a claim under SCA § 2701(a). .........................16
1. Defendants themselves did not “access” a facility. ..................17
2. Defendants were in any event authorized to obtain
Walker’s emails. ........................................................................21
B. Walker also failed to state a claim under SCA § 2703. ......................30
II. Alternatively, The Defendants Were Entitled To Qualified Immunity
On Walker’s Stored Communications Act Claims Against Them. ...............37
A. Defendants in SCA civil cases may raise qualified immunity. ...........38
B. Qualified immunity applies because nothing defendants Coffey
and Zimmerer did violated clearly established law. ...........................41
1. The “clearly established law” standard is central to any
qualified immunity determination. ...........................................43
Case: 19-1067 Document: 003113232480 Page: 2 Date Filed: 05/08/2019
ii
2. No clearly established law undermines the defendants’
arguments regarding SCA § 2701 and SCA § 2703. ................45
3. Even if “electronic storage” warrants consideration,
divergent decisions on the issue reinforce defendants’
entitlement to immunity. ...........................................................48
CONCLUSION ........................................................................................................54
CERTIFICATE OF COUNSEL ..............................................................................55
CERTIFICATE OF SERVICE ................................................................................56
Case: 19-1067 Document: 003113232480 Page: 3 Date Filed: 05/08/2019
iii
TABLE OF AUTHORITIES
Page
Cases
Anderson Consulting LLP v. UOP,
991 F. Supp. 1041 (N.D. Ill. 1998) ......................................................................32
Anderson v. Creighton,
483 U.S. 635 (1987) ...................................................................................... 38, 42
Anzaldua v. Northeast Ambulance and Fire Protection Dist.,
793 F.3d 822 (8th Cir. 2015) ....................................................................... passim
Ashcroft v. al-Kidd,
563 U.S. 731, 741 (2011) .....................................................................................43
Ashcroft v. Iqbal,
556 U.S. 662 (2009) ........................................................................................6, 33
Berry v. Funk,
146 F.3d 1003 (D.C. Cir. 1998) ........................................................ 38, 39, 40, 41
Blake v. Wright,
179 F.3d 1003 (6th Cir. 1999) ...................................................................... 40, 41
Bohach v. City of Reno,
932 F. Supp. 1232 (D. Nev. 1996) .......................................................................23
Brown Jordan International, Inc. v. Carmicle,
846 F.3d 1167 (11th Cir. 2017) ........................................................ 18, 20, 51, 52
Brown v. Grabowski,
922 F.2d 1097, 1118 (3d Cir. 1990) ....................................................................46
Burns v. PA Dept. of Corrections,
642 F.3d 163 (3d Cir. 2011) .................................................................................13
Carroll v. Carman,
135 S.Ct. 348 (2014) ............................................................................................43
Case: 19-1067 Document: 003113232480 Page: 4 Date Filed: 05/08/2019
iv
Casey v. Planned Parenthood of Southeastern Pa.,
14 F.3d 848 (3d Cir. 1994) ...................................................................................25
City and County of San Francisco v. Sheehan,
135 S.Ct. 1765 (2015) ..........................................................................................44
City of Escondido, Calif. v. Emmons,
139 S.Ct. 500 (2019) ............................................................................................39
City of Grand Rapids v. Grand Rapids Police Command Officers Assn.,
346 F. Supp. 3d 1061 (W.D. Mich. 2018) ...........................................................40
City of Ontario, Cal. v. Quon,
560 U.S. 746 (2010) .............................................................................................15
Collegesource, Inc. v. Academyone, Inc.,
597 Fed. Appx. 116 (3d Cir. 2015) ......................................................................24
Curry v. Yachera,
835 F.3d 373 (3d Cir. 2016) .................................................................................13
Diana v. Oliphant,
441 Fed. Appx. 76 (3d Cir. 2011) ........................................................................40
Doe v. County. of Centre, Pa.,
242 F.3d 437 (3d Cir. 2001) .................................................................................39
Doe v. Delie,
257 F.3d 309 (3d Cir. 2001) .......................................................................... 44, 53
Dresser-Rand Company v. Jones,
957 F. Supp.2d 610 (E.D. Pa. 2013) ....................................................................20
Fraser v. Nationwide Mut. Ins. Co.,
135 F. Supp.2d 623 (E.D. Pa. 2001) ....................................................................49
Fraser v. Nationwide Mutual Ins. Co.,
352 F.3d 107 (3d Cir. 2004) .......................................................................... 23, 50
Freedman v. America Online Inc.,
303 F. Supp.2d 121 (D. Conn. 2004) .......................................... 34, 35, 36, 37, 46
Case: 19-1067 Document: 003113232480 Page: 5 Date Filed: 05/08/2019
v
Freedman v. America Online, Inc.,
325 F. Supp.2d 638 (E.D. Va. 2004) ...................................................................35
Hafer v. Melo,
502 U.S. 21 (1991) ......................................................................................... 33-34
Harlow v. Fitzgerald,
457 U.S. 800 (1982) ...................................................................................... 39, 42
Hassen v. Govt. of Virgin Islands,
861 F.3d 108 (3d Cir. 2017) ................................................................................... 6
Hately v. Watts,
917 F.3d 770 (4th Cir. 2019) ...............................................................................52
Hepting v. AT&T Corp.,
439 F. Supp. 2d 974 (N.D. Cal. 2006) .................................................................41
In re Google Inc. Cookie Placement Consumer Privacy Litigation,
806 F.3d 125 (3d Cir. 2015) .............................................................. 14, 16, 17, 18
In re iPhone Application Litigation,
844 F. Supp.2d 1040 (N.D. Cal. 2012) ................................................................18
In re: City of Philadelphia Litigation,
158 F.3d 711 (3d Cir. 1998) .................................................................................25
John K. Maciver Inst. for Public Policy, Inc. v. Schmitz,
885 F.3d 1004 (7th Cir. 2018) ...................................................................... 40, 41
Kane v. Barger,
902 F.3d 185 (3d Cir. 2018) .......................................................................... 45, 46
L.R. v. Sch. Dist. of Phila.,
836 F.3d 235 (3d Cir. 2016) .................................................................................43
Lazette v. Kulmatycki,
949 F. Supp.2d 748 (N.D. Ohio 2013) .................................................................17
Lonegan v. Hasty,
436 F. Supp.2d 419 (E.D.N.Y. 2006) ..................................................................40
Case: 19-1067 Document: 003113232480 Page: 6 Date Filed: 05/08/2019
vi
Long v. Insight Communications of Central Ohio, LLC,
804 F.3d 791 (6th Cir. 2015) ...............................................................................13
Malley v. Briggs,
475 U.S. 335 (1986) .............................................................................................41
Mammaro v. N.J. Div. of Child Prot. & Permanency,
814 F.3d 164 (3d Cir. 2016) .................................................................................44
McTernan v. City of York,
577 F.3d 521 (3d Cir. 2009) ................................................................................... 8
Mitchell v. Forsyth,
472 U.S. 511 (1985) .............................................................................................38
Mullenix v. Luna,
136 S.Ct. 305 (2015) ............................................................................................41
P.C. Yonkers, Inc. v. Celebrations the Party and Seasonal Superstore, LLC,
428 F.3d 504 (3d Cir. 2005) .......................................................................... 20, 21
Pearson v. Callahan,
555 U.S. 223 (2009) .............................................................................................42
Quon v. Arch Wireless Operating Co.,
445 F. Supp.2d 1116 (C.D. Cal. 2016) ......................................................... 14, 16
Quon v. Arch Wireless Operating Co.,
529 F.3d 892 (9th Cir. 2008) ...............................................................................15
Reichle v. Howards,
566 U.S. 658 (2012) ...................................................................................... 38, 43
Saucier v. Katz,
533 U.S. 194 (2001) .............................................................................................42
Sauers v. Borough of Nesquehoning,
905 F.3d 711 (3d Cir. 2018) .......................................................................... 42, 43
Tapley v. Collins,
211 F.3d 1210 (11th Cir. 2000) .................................................................... 40, 41
Case: 19-1067 Document: 003113232480 Page: 7 Date Filed: 05/08/2019
vii
Taylor v. Barkes,
135 S.Ct. 2042 (2015) ..........................................................................................37
Theofel v. Farey-Jones,
359 F.3d 1066 (9th Cir. 2004) .......................................................... 50, 51, 52, 53
United States v. Bansal,
663 F.3d 634 (3d Cir. 2011) .................................................................................47
United States v. Baroni,
909 F.3d 550 (3d Cir. 2018) .................................................................................43
United States v. Warshak,
631 F.3d 266 (6th Cir. 2010) .................................................................. 47, 50, 52
USA Mobility Wireless, Inc. v. Quon,
558 U.S. 1091 (2009) ...........................................................................................15
Vista Marketing, LLC v. Burkett,
812 F.3d 954 (11th Cir. 2016) ...................................................................... 51, 52
Walker v. Coffey ("Walker I"),
905 F.3d 138 (3d Cir. 2018) ......................................................................... passim
Walter v. Pike Cnty.,
544 F.3d 182 (3d Cir. 2008) .................................................................................42
WEC Carolina Energy Solutions, LLC v. Miller,
687 F.3d 199 (4th Cir. 2012) ...............................................................................21
Wilson v. Layne,
526 U.S. 603 (1999) .............................................................................................43
Statutes
5 U.S.C. § 7211 ........................................................................................................39
18 U.S.C. § 1030 ......................................................................................................20
18 U.S.C. § 1505 ......................................................................................................39
18 U.S.C. § 2510(1) .................................................................................................18
Case: 19-1067 Document: 003113232480 Page: 8 Date Filed: 05/08/2019
viii
18 U.S.C. § 2510(15) ...............................................................................................32
18 U.S.C. § 2510(17) ...............................................................................................49
18 U.S.C. § 2510(17)(B) ................................................................................... 49, 51
Stored Communications Act, 18 U.S.C. § 2701, et seq. .................................. passim
SCA § 2701 ...................................................................................... passim
SCA § 2701(a) ................................................................................. passim
SCA § 2701(a)(1) .....................................................................................19
SCA § 2701(a)(2) .....................................................................................19
SCA § 2701(c) .................................................................................. 22, 23
SCA § 2701(c)(1) .............................................................................. 22, 23
SCA § 2702 ........................................................................... 23, 31, 46, 47
SCA § 2702(a) .........................................................................................31
SCA § 2703 ...................................................................................... passim
SCA § 2703(a) .................................................................. 4, 30, 33, 47, 48
SCA § 2703(b) .............................................................................. 4, 30, 33
SCA § 2703(c) .........................................................................................35
SCA § 2705 ..............................................................................................33
SCA § 2707 ................................................................................................ 1
SCA § 2707(a) .........................................................................................13
SCA § 2710(a) .........................................................................................18
SCA § 2711(1) ............................................................................ 18, 32, 49
SCA § 2711(2) .........................................................................................32
28 U.S.C. § 1291 ........................................................................................................ 1
Case: 19-1067 Document: 003113232480 Page: 9 Date Filed: 05/08/2019
ix
28 U.S.C. § 1331 ........................................................................................................ 1
28 U.S.C. § 1343 ........................................................................................................ 1
42 U.S.C. § 1983 ........................................................................................................ 1
Other authorities
Orin S. Kerr, A User’s Guide to the Stored Communications Act, and a
Legislator’s Guide to Amending It, 72 GEO. WASH. L. REV. 1208 (2004)
(“Kerr SCA Guide”) ................................................................................... passim
2 Moore’s Federal Practice, § 12.34[4][a] (Matthew Bender 3d Ed.) ...................21
https://www.merriam-webster.com/dictionary/ ................................................ 19, 24
Case: 19-1067 Document: 003113232480 Page: 10 Date Filed: 05/08/2019
1
STATEMENT OF JURISDICTION
This is a civil rights action brought pursuant to 42 U.S.C. § 1983 and the
Stored Communications Act, 18 U.S.C. § 2701 et seq. The district court had
subject matter jurisdiction pursuant to 28 U.S.C. §§ 1331 and 1343. See also 18
U.S.C. § 2707.
This appeal is from a final order, entered on December 11, 2018 (App. 2).
The notice of appeal was filed on January 7, 2019 (App. 1). This Court has
appellate jurisdiction by virtue of 28 U.S.C. § 1291.
Case: 19-1067 Document: 003113232480 Page: 11 Date Filed: 05/08/2019
2
STATEMENT OF ISSUES
Invoking the Stored Communications Act (“SCA”), Carol Walker sued a
prosecutor and agent handling a criminal case against her because they requested
and obtained copies of certain emails from her employer.
I. Were Walker’s claims properly dismissed, where:
A. for purposes of SCA § 2701, the defendants did not
intentionally “access” the employer’s “facility,” and the employer
“authorized” the defendants to obtain the emails, and
B. for purposes of SCA § 2703, the disclosure of Walker’s emails
was voluntary, not compelled?
II. Alternatively, were the defendants entitled to qualified immunity,
given that:
A. SCA defendants may raise this defense, and
B. defendants’ actions were not contrary to clearly established
law?
Case: 19-1067 Document: 003113232480 Page: 12 Date Filed: 05/08/2019
3
STATEMENT OF THE CASE
This is the second appeal in this case. The litigation began when appellant
Carol Lee Walker, plaintiff in the district court, filed a civil rights action against
Brian T. Coffey, a prosecutor with the Office of Attorney General, and Paul
Zimmerer, an investigator in that office. Walker alleged that the defendants
violated the Fourth Amendment when – in connection with a then-pending
criminal matter against her and others – they sought and were provided with
certain personal emails to and from Walker that her employer, Pennsylvania State
University (“Penn State”) held in its computer system. The defendants’ motion to
dismiss this constitutional claim was granted, and this Court affirmed that
conclusion, finding that both defendants were shielded by qualified immunity.
Walker v. Coffey, 905 F.3d 138, 150 (3d Cir. 2018) (“Walker I”). The case was
remanded to enable Walker to pursue an alternative theory, based on the Stored
Communications Act, 18 U.S.C. § 2701 et seq. (“SCA”). Id., at 151.
Upon return to the district court, Walker filed her “Second Amended Civil
Action Complaint” (App. 32-53). The defendants again moved to dismiss, both on
the merits and on qualified immunity grounds (App. 55-69. See also App. 90-99).
Over Walker’s opposition (see App. 70-89), and after hearing oral argument (see
App. 100-212 – transcript), the district court granted the defense motion.
Case: 19-1067 Document: 003113232480 Page: 13 Date Filed: 05/08/2019
4
First, the district court decided that Walker had failed to state a claim under
SCA § 2701(a), which only pertains to actions taken without (or beyond) prior
“authorization.” According to the court, that statutory provision did not apply here
because, under the circumstances, Penn State was authorized to provide emails
from its own email system to the defendants, and voluntarily did so (See App. 6-8).
That the defendants had, admittedly, offered Penn State an incomplete and
unenforceable – but ultimately unchallenged – subpoena when requesting Walker’s
emails did not negate this conclusion (Id.).
Second, the district court considered whether Walker stated a claim under
SCA § 2703(a) or SCA § 2703(b) (or both). These govern when and how a
“governmental entity” may obtain emails that are “in electronic storage” from a
“provider of electronic communications services.” The court reasoned that “[t]he
government can always obtain documents through a party’s consent” and – in this
instance – “Penn State consented to the disclosure of Ms. Walker’s emails” from
its own records (App. 8-9). Hence, no claim was stated under SCA § 2703.
Third, the district court confirmed that, in principle, “qualified immunity is
available for Stored Communications Act claims” (See App. 10-12).
Finally, in the longest section of its decision, the district court held that,
even assuming the defendants violated the SCA in this particular case, they were
entitled to qualified immunity because the applicable law was not clearly
Case: 19-1067 Document: 003113232480 Page: 14 Date Filed: 05/08/2019
5
established when they obtained Walker’s emails (App. 13-21). Whether Walker’s
emails on Penn State’s server were in “electronic storage” for purposes of “backup
protection” was not clear (See App. 13-20). It also was not clear that – where, as
here, an employer “voluntarily produces information to which the employee does
not enjoy an expectation of privacy” – an investigator must still obtain a warrant or
a valid subpoena before obtaining the employee’s emails (See App. 20-21).
Case: 19-1067 Document: 003113232480 Page: 15 Date Filed: 05/08/2019
6
STATEMENT OF FACTS1
In July 2015, the Office of Attorney General filed criminal charges in the
Court of Common Pleas of Centre County, against Walker, her husband, and her
husband’s company (App. 33 – ¶¶ 6-7).2 Defendant Coffey was the assigned
attorney for the Commonwealth, while defendant Zimmerer was a “case agent”
working with defendant Coffey (App. 34 – ¶¶ 8-9).
Some (although not all) of the criminal charges against Walker and her co-
defendants were dismissed early on, but the case against them remained open (See
App. 34 – ¶¶ 11-12). At the time, Walker was employed by Penn State and, as an
employee, she had access to, and used, the Penn State email system (See App. 32,
34, 35 – ¶¶ 1, 13, 18-19). By policy, Penn State “recognizes … the reasonable
privacy expectations of its employees … in communications by mail, telephone,
1 Given the procedural posture of this case, the facts set forth in the operative
complaint must be taken as true, but any “bald assertions” and “legal conclusions”
in that pleading need not be credited. Ashcroft v. Iqbal, 556 U.S. 662, 678-679
(2009). Accord Hassen v. Govt. of Virgin Islands, 861 F.3d 108, 114-115 (3d Cir.
2017).
2 Parenthetical paragraph references in this summary (and elsewhere in this
brief) are to Walker’s second amended complaint (App. 32-53).
Case: 19-1067 Document: 003113232480 Page: 16 Date Filed: 05/08/2019
7
and other electronic means, subject only to applicable state and federal laws and
University regulations” (App. 35-36 – ¶ 23 and Ex. A thereto).3
While the criminal matter against Walker and her co-defendants was open
and pending, the defendants asked Penn State, informally, to produce Walker’s
computer files and emails, but at that point Penn State declined to do so voluntarily
(App. 36 – ¶¶ 24-25). Rather, according to Walker (averring on “information and
belief”), Penn State “demanded” a subpoena before it would produce her computer
files and emails (App. 36 – ¶ 26).
Soon thereafter, the defendants followed up: On October 21, 2015,
defendant Zimmerer went to the office of Penn State’s general counsel and met
with Assistant General Counsel Katherine Allen (App. 36-37 – ¶ 28 and Ex. B
thereto). In his follow-up Investigative Report, addressed to his superiors later the
same day, defendant Zimmerer stated: “A subpoena was presented to [Ms. Allen]
for PSU computer records to and from Carol Walker’s PSU computer email” (Id.).
A copy of the subpoena was attached to the report (See App. 37-38 – ¶¶ 29-35 and
Ex. C thereto).
3 On its face, the quoted Penn State “Privacy Statement” (App. 46-47) also
provides that exceptions to the broad policy will be authorized under certain
circumstances, in accordance with prescribed procedures (Id., at paragraphs A-C).
See also infra, at 26-28.
Case: 19-1067 Document: 003113232480 Page: 17 Date Filed: 05/08/2019
8
The subpoena was on a Centre County court form, with the caption and
docket number of the criminal case against “Carol Lee Walker, ETAL” typed in,
along with a description of materials to be produced by the person to whom the
subpoena was addressed, one John Corro, Penn State’s “General Counsel & Senior
Security/Systems Analyst” (App. 52). The pre-printed form itself indicates that the
subpoena was “witnessed” by the President Judge of the court (Id.). Below that
recitation, a handwritten signature appears on a line marked “Prothonotary” (Id.).
On the other side of the document, defendant Coffey is identified as the issuing
attorney, and his name and address are filled in (App. 52).
But the subpoena form lacks certain details. The blank spaces meant to
specify the time and place for the recipient to appear and testify were not filled in
(App. 52. See also App. 38 – ¶ 34). In fact, no court hearing on the pending
criminal matter was actually scheduled when defendant Zimmerer went to Penn
State and presented the subpoena form to Ms. Allen (App. 38 – ¶ 34).
Thus, the subpoena was incomplete on its face, and therefore would not have
been judicially enforceable.4 Walker has not alleged, however, that defendant
4 Throughout her complaint, Walker characterizes the subpoena form as
“purported,” “fraudulent,” “unlawful,” and “illegal” (See App. 36-42 – ¶¶ 27, 30,
32, 34, 35, 37-42, 44, 46, 61, 62). These are quintessential “bald assertions” and
“legal conclusions” and, as such, they are to be disregarded. See, e.g., McTernan
v. City of York, 577 F.3d 521, 531 (3d Cir. 2009).
Case: 19-1067 Document: 003113232480 Page: 18 Date Filed: 05/08/2019
9
Zimmerer (or defendant Coffey) deliberately misrepresented the import of the
subpoena to Ms. Allen when they met (or to any of her Penn State colleagues or
superiors), or that any Penn State officials were cowed, deceived, or misled by the
incomplete form, which they unquestionably received and reviewed. Nor has
Walker alleged that anyone connected with Penn State ever questioned,
challenged, or in any way objected to complying with the request that was
conveyed via that subpoena form.
In the end, having initially “demanded” a subpoena, Penn State softened its
stance, concluding that the incomplete subpoena form presented to counsel by the
defendants, and reviewed by her, was sufficient for the university’s purposes.
Thus, with that document in hand, Penn State chose to cooperate with the
defendants. Indeed, Ms. Allen specifically told defendant Zimmerer “that David
Dulabon of her office may assist with the subpoena” (App. 50 – Investig. Rept.).
Thereafter, with Mr. Dulabon’s (or someone’s) assistance, the defendants did
obtain the requested emails from Penn State (App. 40 – ¶ 43).
Case: 19-1067 Document: 003113232480 Page: 19 Date Filed: 05/08/2019
10
STATEMENT OF RELATED CASES
This case was previously before this Court, at No. 17-2172. See Walker I.
Otherwise there are no pending or completed federal cases to which it is related.
Case: 19-1067 Document: 003113232480 Page: 20 Date Filed: 05/08/2019
11
SUMMARY OF ARGUMENT
In connection with a pending criminal case, defendants Coffey and
Zimmerer asked Walker’s employer, Penn State, for certain emails, and those were
provided. This did not violate the SCA. As to § 2701(a): Defendants did not
themselves affirmatively “access” Penn State’s “facility” (its email system).
Moreover, they were “authorized” by Penn State to obtain the emails. Admittedly
the subpoena form defendants had presented at Penn State’s request was
incomplete, but university counsel reviewed it and authorized the production. As
to § 2703: This was not an improper compelled disclosure of electronically stored
information, because Penn State – a non-public service provider – agreed to it.
That being so, no subpoena was even required. Walker’s “illegal subpoena” theory
rests on a single, distinguishable district court case, and cannot carry the day.
Alternatively, and at a minimum, defendants were entitled to qualified
immunity on Walker’s claims. Qualified immunity is potentially available to civil
defendants on statutory as well as constitutional claims, including claims brought
under the SCA. Substantively, the “clearly established law” criterion for analyzing
qualified immunity defenses is itself clearly established. Here, even if the
defendants ran afoul of SCA technicalities (and they did not), the applicable law
was not clearly established, both in general and with regard to the definition of
“electronic storage … for purposes of backup protection.”
Case: 19-1067 Document: 003113232480 Page: 21 Date Filed: 05/08/2019
12
ARGUMENT
The facts of this case, involving one discrete incident in 2015, have not
changed since Walker I. And this Court’s observations about that incident are as
apt now as they were last year – even though the legal focus has shifted from the
Constitution to the Stored Communications Act. To recap:
o “[I]t is undisputed that the communications in question were sent or
received [to or] from Walker’s work email account.” Id., 905 F.3d at
148.
o “[A]lthough employees may have certain privacy interests in their
work-related documents and communications vis-à-vis outsiders, their
privacy interests vis-à-vis their employer are far more circumscribed.”
Id.
o “[E]mployers, as third parties who possess common authority over the
workplace, may independently consent to a search of an employee’s
workplace documents or communications.” Id., 905 F.3d at 148-149.
o “Upon receipt of the subpoena, Penn State exercised its independent
authority to consent to a search and produced Walker’s work emails.”
Id., 905 F.3d at 149.
o “Rather than contest the validity of the subpoena or otherwise limit
any search, the Assistant General Counsel instructed an employee of
her office to assist with the production of Walker’s emails.” Id., 905
F.3d at 149-150.
o “That decision was within the authority of Penn State – acting through
its attorney – as Walker’s employer.” Id., 905 F.3d at 150.
o “[D]espite the facial invalidity of the subpoena, [this Court declined]
to find that the University’s consent was coerced.” Id.
Case: 19-1067 Document: 003113232480 Page: 22 Date Filed: 05/08/2019
13
The central question now is whether, with all this in mind, dismissal of Walker’s
SCA claims was justified, just as dismissal of her Fourth Amendment claim was.
The answer to that question is “yes.”
* * * * *
Standard of review: This Court exercises plenary review over an order
granting a motion to dismiss for failure to state a claim upon which relief can be
granted. E.g., Curry v. Yachera, 835 F.3d 373, 377 (3d Cir. 2016). Similarly, an
order granting dismissal on the basis of qualified immunity presents a pure
question of law, subject to de novo review. Walker I, 905 F.3d at 143. See also,
e.g., Burns v. PA Dept. of Corrections, 642 F.3d 163, 170 (3d Cir. 2011).
I. Walker’s Stored Communications Act Claims Against The Defendants
Were Properly Dismissed.
Pursuant to SCA § 2707(a), “any provider of electronic communication
service, subscriber, or other person aggrieved” may bring a civil action for redress
from “any violation” of the law. Id. To be actionable under SCA § 2707(a), “the
conduct constituting the violation” must have been “engaged in with a knowing or
intentional state of mind[.]” Id. See also Long v. Insight Communications of
Central Ohio, LLC, 804 F.3d 791, 796-797 (6th Cir. 2015) (discussing “knowing
or intentional” requirement). One may readily assume that Walker was, and
continues to be, “aggrieved” by the events at issue. That alone does not mean that
Case: 19-1067 Document: 003113232480 Page: 23 Date Filed: 05/08/2019
14
she stated a cognizable SCA damages claim against the defendants for knowingly
or intentionally violating that statute.
The Stored Communications Act was enacted in 1986, as Title II of the
federal Electronic Communications Privacy Act. It “was born from congressional
recognition that neither existing federal statutes nor the Fourth Amendment
protected against potential intrusions on individual privacy arising from illicit
access to stored communications in remote computing operations and large data
banks that stored emails.” In re Google Inc. Cookie Placement Consumer Privacy
Litigation, 806 F.3d 125, 145 (3d Cir. 2015) (internal quotation marks and citation
omitted). The statute was crafted to “protect information held by centralized
communication providers.” Id., 806 F.3d at 147 (internal citations and quotation
marks omitted). Among other things, Congress was concerned about “the risk that
communications temporarily stored in these facilities could be accessed by
hackers.” Id.
In short, the SCA was meant “to provide some protection to electronic
communications.” Quon v. Arch Wireless Operating Co., 445 F. Supp.2d 1116,
1128 (C.D. Cal. 2016).5 The scope of the SCA is narrow, however. It “is not a
5 The Quon litigation continued well after issuance of the above-cited district
court decision, which held (inter alia) that the governmental defendants then
before the court were not liable under the SCA for disclosing the contents of
certain employee text messages. Id., 445 F. Supp.2d at 1129. That specific ruling
Case: 19-1067 Document: 003113232480 Page: 24 Date Filed: 05/08/2019
15
catch-all statute designed to protect the privacy of stored Internet communications;
instead it is narrowly tailored to provide a set of Fourth Amendment-like
protections for computer networks.” Orin S. Kerr, A User’s Guide to the Stored
Communications Act, and a Legislator’s Guide to Amending It, 72 GEO. WASH. L.
REV. 1208, 1214 (2004) (“Kerr, SCA Guide”).
Not only is the SCA less comprehensive than one might assume; in addition,
analyzing SCA issues can be vexing, because the statute is now quite old. As
written, it “reflects the technology of the 1980s[,]” effectively “freezing into the
law the understandings of computer network use as of 1986.” Id., at 1213-1214.
But after more than three decades, technology has changed significantly while, by
and large, the SCA has not. Consequently, applying the SCA to the facts of
Walker’s case (or any contemporary case) can sometimes feel like trying to put a
square peg into a round hole. See Anzaldua v. Northeast Ambulance and Fire
Protection Dist., 793 F.3d 822, 839 n.5 (8th Cir. 2015) (it is “not always easy to
square the decades-old [SCA] with the current state of email technology”). See
was not appealed, but the litigation went on. Among other things, the Ninth
Circuit found that Arch Wireless, a private entity, did violate the SCA. See Quon
v. Arch Wireless Operating Co., 529 F.3d 892, 903 (9th Cir. 2008). While
discretionary review of that conclusion was denied, see USA Mobility Wireless,
Inc. v. Quon, 558 U.S. 1091 (2009), the Supreme Court granted certiorari to
consider the Fourth Amendment aspects of the case, which the Court later decided
on the merits. See City of Ontario, Cal. v. Quon, 560 U.S. 746 (2010).
Case: 19-1067 Document: 003113232480 Page: 25 Date Filed: 05/08/2019
16
also Quon, 445 F. Supp.2d at 1128 (given statute’s age, courts must often struggle
to analyze problems involving modern technology).
Walker makes separate arguments based on SCA § 2701(a) and SCA § 2703
(See Brief for Appellant [“Brf.”], at 9-14 and 14-17, respectively). Both of these
challenges to the dismissal of her lawsuit fall short.
A. Walker failed to state a claim under SCA § 2701(a).
Section 2701 of the SCA “lays out a substantive criminal prohibition,”
punishable by fines or imprisonment for up to ten years, depending on the
circumstances. Kerr, SCA Guide, at 1238. Professor Kerr has bluntly criticized
this provision, noting that it is redundant and explaining, moreover, that its “vague
language has needlessly confused the courts, which have tried to use § 2701 in
civil cases to do far more than the SCA’s drafters ever intended.” Kerr, SCA
Guide, at 1240. To date, however, this Court and others have allowed aggrieved
parties to base civil complaints on alleged violations of SCA § 2701. See, e.g., In
re Google, Inc., 806 F.3d at 145-146; Anzaldua, 793 F.3d at 838-839.
Deciding whether a civil claim for relief has been stated under SCA § 2701
must begin with the words of that statutory provision. Pursuant to paragraph (a)
(and subject to certain prescribed exceptions), § 2701 is violated if someone either:
(1) intentionally accesses without authorization a facility through
which an electronic communication service is provided; or
Case: 19-1067 Document: 003113232480 Page: 26 Date Filed: 05/08/2019
17
(2) intentionally exceeds an authorization to access that facility;
and thereby obtains … authorized access to a wire or electronic
communication while it is in electronic storage in such system [.]
SCA § 2701(a) (emphasis added). Basically, this is meant to prohibit conduct,
including hacking, whereby a party’s electronic data is acquired by another party,
intentionally and without authorization. See Lazette v. Kulmatycki, 949 F. Supp.2d
748, 753 (N.D. Ohio 2013).
For a civil plaintiff to make out a claim under SCA § 2701, then, four
prerequisites must be pled and eventually proved: first, that the defendant(s)
intentionally “accessed” a “facility” that provides “electronic communication
service;” second, that in so doing the defendant(s) acted without “authorization”
(or in excess of authorization); third, that the defendant(s) thereby “obtain[ed]”
access to the plaintiff’s electronic communication; and fourth, that this occurred
while the subject electronic communication was “in electronic storage” in “such
system.” Walker’s attempted § 2701 claim against defendants Coffey and
Zimmerer was legally deficient in two different ways.
1. Defendants themselves did not “access” a facility.
As noted in In re Google, Inc., 806 F.3d at 146, in § 2701, the SCA uses, but
does not define, the term “facility.” Given this gap, this Court reasoned that a
facility, for this purpose, is something through which “electronic communication
Case: 19-1067 Document: 003113232480 Page: 27 Date Filed: 05/08/2019
18
service” is provided. Id., 806 F.3d at 146 & nn. 90-91. “Electronic
communication service,” in turn, is a statutorily-defined term, meaning “any
service which provides to users thereof the ability to send and receive wire or
electronic communications.” 18 U.S.C. § 2510(1) (incorporated by reference in
SCA § 2711(1)).
Penn State operates an email system that is used by employees and other
members of the University community (See App. 34 – ¶ 13). That being so – and
as Walker herself points out (see Brf., at 10) – Penn State’s system can be
considered a “facility” as that term is used in SCA § 2701(a). See Brown Jordan
International, Inc. v. Carmicle, 846 F.3d 1167, 1177 n.4 (11th Cir. 2017)
(“facility” includes “physical means or equipment for doing something;” program
providing ability to send and receive emails “is a facility through which an
electronic communication service is provided”). See also In re iPhone Application
Litigation, 844 F. Supp.2d 1040, 1057 (N.D. Cal. 2012) (commenting that
“computer systems of an email provider, a bulletin board system, or an ISP are
uncontroversial examples of facilities that provide electronic communications
services to multiple users”).
But did defendants Coffey and Zimmerer intentionally “access” this
“facility” – Penn State’s email system – as SCA § 2701(a) contemplates? Contrary
Case: 19-1067 Document: 003113232480 Page: 28 Date Filed: 05/08/2019
19
to Walker’s unexplained assumption, they did not.6 While they did ultimately
obtain certain emails from Penn State representatives, who responded to their
overtures, this was not a result of the defendants’ penetrating Penn State’s email
system – “accessing” it – themselves.
Just as the SCA does not define “facility,” it also does not define “access,”
but the ordinary meaning of “access” is not obscure. In contemporary English, it
may be either a noun or a verb. See, e.g., https://www.merriam-
webster.com/dictionary/access (visited Apr. 11, 2019). As used in SCA
§ 2701(a)(1) and (2), “access” is a transitive verb.7 As such, it means “to get at …
to be able to use, enter, or get near (something)[.]” Id. Synonyms include “enter”
and “penetrate.” Id. Thus, this use of “access” in SCA § 2701(a)(1) and (2)
contemplates an affirmative, intentional incursion, by an actor, into an electronic
communication system (the facility), as opposed to secondary receipt of
electronically stored information from a system’s manager, administrator, or other
6 Walker simply asserts, without elaboration, that the defendants “accessed a
‘facility’ when they obtained [her] emails from PSU” (Brf., at 10). She then
attacks the district court’s allegedly deficient analysis of two other entirely
different concepts, namely electronic storage and authorization (Id., at 10-14).
7 A transitive verb takes a direct object. In subsections (1) and (2) of SCA
§ 2701(a), the direct object of “access” is “a facility[.]” (It should also be noted
that, after the second semicolon in that statutory provision, “access” is used again,
but as a noun.)
Case: 19-1067 Document: 003113232480 Page: 29 Date Filed: 05/08/2019
20
overseer. Expressed in more legal terms: “Use of the computer is integral to the
[violation of this provision], and not merely incidental.” Dresser-Rand Company
v. Jones, 957 F. Supp.2d 610, 614-615 (E.D. Pa. 2013) (emphasis added).8
Examining individual cases validates this reading of “access.” That is, the
challenged “accessing” behavior must have entailed actual entry into, or
encroachment on, another’s computer or computer system to capture data or
information, not just the receipt of electronically-stored information from a helpful
intermediary, responding to an inquiry or request. See, e.g., Brown Jordan
International, 846 F.3d at 1171, 1177 (SCA defendant himself had used
company’s “generic password” to access others’ emails); Anzaldua, 793 F.3d at
838-839 (terminated employee, bringing SCA claim based on boss and ex-
girlfriend getting emails from his gmail account, sufficiently alleged “access” by
them). See also P.C. Yonkers, Inc. v. Celebrations the Party and Seasonal
Superstore, LLC, 428 F.3d 504, 506-507 (3d Cir. 2005) (CFAA civil defendant
8 Dresser-Rand is instructive although, as a district court decision, it is of
course not binding on this Court. In addition, Dresser-Rand arose under the
Computer Fraud and Abuse Act (CFAA), 18 U.S.C. § 1030, rather than under SCA
§ 2701(a). However, “Section 2701 [of the SCA] is a very close cousin” of CFAA
§ 1030. Kerr, SCA Guide, at 1239. As with SCA § 2701(a), the “basic mechanism
[of CFAA § 1030] is a prohibition on accessing a computer without authorization,
or exceeding authorized access,” Kerr, SCA Guide, at 1239. Furthermore, the two
referenced provisions include nearly identical terminology. As a result, CFAA
decisions aid in the interpretation of the SCA.
Case: 19-1067 Document: 003113232480 Page: 30 Date Filed: 05/08/2019
21
“accessed” plaintiff companies’ computer system electronically, from his own
home); WEC Carolina Energy Solutions, LLC v. Miller, 687 F.3d 199, 201 (4th
Cir. 2012) (CFAA civil defendant had downloaded proprietary information from
his employer’s computers).9
Based on Walker’s own recitation of events, she cannot establish that the
defendants intentionally accessed Penn State’s facility. She therefore cannot
satisfy the first requirement for her putative § 2701 claim. For that discrete reason,
the claim was subject to dismissal.10
2. Defendants were in any event authorized to obtain Walker’s
emails.
Aside from whether the defendants actually “accessed” Penn State’s email
system when they asked for and later were given Walker’s emails – and even
assuming arguendo that being handed something one has requested amounts to
intentionally “accessing” a “facility” – a separate, and crucial, question arises:
9 In Brown Jordan International, supra, a finding that the civil defendant
had violated the SCA was upheld on appeal. In Anzaldua, P.C. Yonkers, and WEC
Carolina Energy, statutory violations were not established, but those merits
determinations were based on grounds other than whether the “access” requirement
was satisfied. If anything, “access” by the defendants was not seriously disputed in
those cases, which turned on other issues.
10 “Dismissal under Rule 12(b)(6) is proper if the complaint lacks an
allegation regarding an element necessary to obtain relief.” 2 Moore’s Federal
Practice, § 12.34[4][a] (Matthew Bender 3d Ed.).
Case: 19-1067 Document: 003113232480 Page: 31 Date Filed: 05/08/2019
22
were the defendants “authorized” to do – and get – what they did? They were, and
for that reason they did not violate SCA § 2701.
The concept of authorization is central to SCA § 2701. Subsection (a) of
that provision only prohibits accessing a facility without authorization (or in excess
of authorization). Reinforcing that standard, subsection (c) goes on to say that
SCA § 2701(a) does not apply at all with respect to questioned conduct that was
authorized “by the person or entity providing a wire or electronic communications
service[.]” SCA § 2701(c)(1). The actions of defendants Coffey and Zimmerer
fall squarely within this authorization exception, as the district court properly
concluded (App. 6-8).
Again, what happened here was that the defendants asked Penn State for
certain emails and – after first telling the defendants to serve a subpoena and then
deciding that an incomplete (and unenforceable) one would fill that bill – Penn
State chose to furnish the requested emails to the defendants. It stands to reason
that Penn State, as an “entity providing a wire or electronic communications
service” to the University community, for University-related purposes (see App. 34
– ¶ 13), was “authorized” to obtain “wire or electronic communication[s]” from its
own system as necessary and disclose them to others as it saw fit.11 Its doing so in
11 Importantly, Penn State does not provide electronic communication or
computing services to the public. For that reason, the constraints upon voluntary
Case: 19-1067 Document: 003113232480 Page: 32 Date Filed: 05/08/2019
23
this instance was wholly consistent with SCA § 2701(c) and, concomitantly, did
not violate SCA § 2701(a). This Court decided as much in Fraser v. Nationwide
Mutual Ins. Co., 352 F.3d 107, 114-115 (3d Cir. 2004). There, the defendant
employer’s search of an employee’s emails was within the SCA § 2701(c)
exception because the employer, a communications service provider, administered
the email system that contained the employee’s emails.12 In fact, Walker does not
say otherwise (See Brf., at 25 n.6).
Because the conduct at issue – the obtaining of Walker’s emails – was
unquestionably authorized “by the person or entity providing a wire or electronic
communications service[,]” SCA § 2701(c)(1), the defendants did not violate SCA
§ 2701(a). That should be the end of it. Walker nevertheless contends that her
rights were violated when Penn State chose to share electronically-stored
information that it held in its system with the defendants pursuant to their request.
As Walker views the situation, even if Penn State oversees and controls its own
disclosure of “customer communications or records” that are applicable to persons
or entities that do provide services to the public, see SCA § 2702, have no bearing
here. See infra, at 31-32.
12 In Fraser, this Court followed Bohach v. City of Reno, 932 F. Supp. 1232
(D. Nev. 1996), which also arose in the employment context. Bohach recognized
that Ҥ 2701(c)(1) allows service providers to do as they wish when it comes to
accessing communications in electronic storage.” Id., 932 F. Supp. at 1236.
Case: 19-1067 Document: 003113232480 Page: 33 Date Filed: 05/08/2019
24
email system, it lacked “authorization” to do that. This contention cannot
withstand scrutiny.
The district court reasoned that authorization, in the SCA § 2701 context, is
comparable to consent, in the Fourth Amendment context (See App. 7-8 & n. 31).
This analytical approach was logical and sound.
Because the SCA does not specifically define “authorization,” the term
should be given its common meaning, not some technical or ambiguous
interpretation. Cf. Collegesource, Inc. v. Academyone, Inc., 597 Fed. Appx. 116,
129 (3d Cir. 2015) (non-precedential) (CFAA civil defendant’s access to servers
“was not ‘without authorization’ under any common meaning of that term”).
Contrary to Walker’s argument (see Brf., at 13-14), “authorization” and “consent”
cannot readily be differentiated here. They are overlapping, sometimes
interchangeable concepts; indeed, they may be synonyms for each other.13
Walker cannot avoid this Court’s conclusion, in Walker I, that Penn State
“consented” to the release of her emails to the defendants for Fourth Amendment
purposes. She nevertheless argues (again) that Penn State’s conduct could not
amount to “authorization” for SCA purposes because the defendants supposedly
13 See, e.g., https://www.merriam-webster.com/dictionary/authorization and
https://www.merriam-webster.com/dictionary/consent (both visited Apr. 11, 2019).
Case: 19-1067 Document: 003113232480 Page: 34 Date Filed: 05/08/2019
25
bamboozled the University when they proffered an incomplete and unenforceable
subpoena for the emails.
Walker’s argument is in serious tension with the analysis in Walker I, which
the district court was not free to ignore. See, e.g., Casey v. Planned Parenthood of
Southeastern Pa., 14 F.3d 848, 857 (3d Cir. 1994) (on remand after decision by
appellate court, “trial court must implement both the letter and spirit of the
mandate, taking into account the appellate court’s opinion and the circumstances it
embraces”) (internal citation omitted). The district court did just what Casey
demands (See App. 7-8).
Nor should this Court shut its eyes to Walker I and reexamine the import of
Walker’s own allegations (including, notably, the indisputable role of Penn State’s
in-house counsel in green-lighting the provision of Walker’s emails to the
defendants despite the subpoena’s gaps). “Under the law of the case doctrine, one
panel of an appellate court will not reconsider questions that another panel has
decided on a prior appeal in the same case.” In re: City of Philadelphia Litigation,
158 F.3d 711, 717 (3d Cir. 1998). Applying “general principles governing third-
party consent,” this Court in Walker I resolved questions that, for all practical
purposes, Walker wants to re-litigate now.14 She cannot do so.
14 As a reminder: The panel in Walker I explicitly concluded that Walker
did not have a reasonable expectation of privacy vis-à-vis her employer, Penn
Case: 19-1067 Document: 003113232480 Page: 35 Date Filed: 05/08/2019
26
Attempting to bypass Walker I and bolster her current lack-of-authorization
argument, Walker faults the district court for failing to analyze whether, under the
SCA, the defendants’ “illegal subpoena vitiated [Penn State’s] ability to authorize”
the defendants’ access to her emails (See Brf., at 13; emphasis by Walker). If, as
argued above, there is no practical difference between “consenting” to access and
“authorizing” access (even when one is presented with an incomplete subpoena),
this supposed lapse by the district court was no lapse at all. At this juncture,
however, Walker points to one previously unmentioned detail: Penn State’s own
privacy policy (See Brf., at 12, 13). On remand, she quoted this document in her
Second Amended Complaint (App. 35-36 – ¶ 23) and she attached a copy of the
full two-page “Privacy Statement” to that filing as an exhibit (App. 46-47). But
this additional data point neither salvages her claim nor undercuts the defendants’
defense.
Walker seems to assume that, absent a complete and enforceable subpoena,
the release of electronically-stored information cannot be deemed “authorized” for
SCA purposes if the holder of that information has generally pledged, in writing, to
State; that Penn State, as her employer, could independently consent to (read,
“authorize”) a search of her work emails; and that Penn State therefore could
voluntarily produce the requested emails to the defendants (and did so upon receipt
of the requested subpoena, notwithstanding its facial invalidity). Id., 905 F.3d at
149-150.
Case: 19-1067 Document: 003113232480 Page: 36 Date Filed: 05/08/2019
27
respect others’ privacy, as Penn State purportedly did. That, however, would
eviscerate the very concept of third-party consent in this context. The mere
existence of an internal policy such as Penn State’s cannot be controlling. If it
were, no non-public electronic communication service provider that is an employer
– and, as such, oversees and controls the information in its own system – would
ever be able to “authorize” the review or release of any emails in the employer’s
system that were received or generated by an employee.
Furthermore, and notwithstanding Walker’s characterization of Penn State’s
policy as “strict” (Brf., at 13), that “Privacy Statement” is quite elastic overall. In
it, the University does indicate that it will not infringe upon employees’ and
students’ “reasonable privacy expectations,” but absolute privacy is not guaranteed
(App. 46). Simultaneously, the University recognizes its duty to comply with
“applicable state and federal laws” (id.) – necessarily including the SCA. In
addition, and by its terms, the Penn State policy may be bypassed “when there is
good reason to believe that [an] individual employee … has violated law” and an
appropriate University official has authorized an exception to otherwise-applicable
restrictions (App. 46, 47).
That certainly appears to be what happened here: First, in the course of
investigating and prosecuting a pending criminal case against Walker and her
husband, the defendants sought information from Penn State. Then, following
Case: 19-1067 Document: 003113232480 Page: 37 Date Filed: 05/08/2019
28
review of that inquiry (including the incomplete subpoena form) by counsel for the
University, the requested emails were made available.15 That was permissible
under the terms of Penn State’s policy and, in turn, “authorized” for purposes of
SCA § 2701.
For that reason, too, Walker’s § 2701 claim was properly dismissed.
* * * * *
As posited earlier, at 17, a plaintiff who bases a civil action on SCA § 2701
is required to satisfy four prerequisites: Not only must the defendant have (1)
intentionally accessed a facility, and (2) done so without authorization; in addition,
the defendant (3) must have “thereby obtain[ed] … authorized access to a wire or
electronic communication,” and (4) this must have occurred while that wire or
electronic communication “[was] in electronic storage in such system[.]” See SCA
§ 2701. If, as defendants Coffey and Zimmerer now argue, Walker’s allegations
were insufficient with respect to the first or second of these requirements (or both),
there is no need to go further; her claim under SCA § 2701 was properly
dismissed, and the third and fourth requirements need not be dissected.
15 When and how Walker first became aware of this development is not
apparent. If she was not “notified in advance” of the defendants’ request or Penn
State’s response, it was probably because of the possibility, recognized in the
policy itself, that doing so “would compromise an on-going criminal investigation”
(See App. 47).
Case: 19-1067 Document: 003113232480 Page: 38 Date Filed: 05/08/2019
29
Nevertheless, for the sake of clarity and completeness, the latter
requirements should be touched upon quickly now. The third – “thereby
obtain[ing]” authorized access – is not in serious dispute; with Penn State’s
cooperation, the defendants did obtain “authorized access” to Walker’s emails.16
On the other hand, the fourth § 2701 requirement – that the accessed
communications must have been “in electronic storage” at the time – is contested.
Focusing only on authorization, the district court did not address the storage
issue as part of its SCA § 2701 merits analysis (See App. 6-8). Instead, the district
court grappled with storage at some length later, in conjunction with its discussion
of qualified immunity (See App. 13-20). Similarly, Walker’s present argument
with regard to storage is part of her attempt to negate the defendants’ qualified
immunity defense (Compare Brf., at 10 and Brf., at 23-27). Defendants Coffey
and Zimmerer will therefore defer any discussion of storage – and whether the law
on that sub-issue is or is not “clearly established” for qualified immunity purposes
– until Part II.B.3 of this brief, infra.
16 To be clear: while the defendants did obtain authorized access to the
emails they sought, they did not do so by affirmatively accessing Penn State’s
facility themselves.
Case: 19-1067 Document: 003113232480 Page: 39 Date Filed: 05/08/2019
30
B. Walker also failed to state a claim under SCA § 2703.
Separately, Walker argues that she stated a claim against defendants Coffey
and Zimmerer under SCA § 2703 (Brf., at 14-17). In this respect, too, her legal
theory is flawed, as the district court understood (See App. 8-9).
Broadly speaking, SCA § 2703 governs “compelled disclosure” of stored
communications. See generally Kerr, SCA Guide, at 1218-1226. Read together,
subsections (a) and (b) of SCA § 2703 spell out how a “governmental entity” may
“require” the disclosure, by a “provider,” of the contents of stored electronic
communications such as emails. At the pleading stage of this case, Walker averred
that the defendants violated SCA § 2703 because they “used an unlawful subpoena
to seize and/or require” Penn State to disclose the contents of her emails (App. 41-
42 – ¶¶ 57-63).
In its ruling refusing to allow Walker to go forward on this aspect of her
case, the district court quoted portions of SCA §§ 2703(a) and (b), but did not
delve into the details or subtleties of these statutory provisions in any way (See
App. 8-9). Instead, the district court took a different approach, emphasizing that
“[t]he government can always obtain documents through a party’s consent” (App.
9). If so, the court continued, there was no reason why Penn State could not
“cooperate with prosecutors as to its own records” (Id.). In that event, according to
the court, compliance with SCA § 2703 was not necessary in this instance (Id.).
Case: 19-1067 Document: 003113232480 Page: 40 Date Filed: 05/08/2019
31
In other words, SCA § 2703 governs situations when disclosure, by an
unwilling, non-consenting party or entity, may potentially be compelled despite the
resistance of that party or entity. “Because Penn State consented to disclosure of
Ms. Walker’s emails,” there was no need for the defendants to compel Penn State
to disclose anything. Ergo, Walker failed to state a claim against the defendants
for violating SCA § 2703 (App. 8-9).
While the district court did not mention SCA § 2702, that provision validates
the court’s approach to Walker’s § 2703 claim. On its face, SCA § 2702 explicitly
contemplates some voluntary disclosures of stored communications to third parties;
after all, it is captioned “Voluntary disclosure of customer communications or
records[.]”17 At the same time, SCA § 2702 curtails the ability of communications
service providers to voluntarily divulge the contents of electronic communications
to a “person or entity” to some extent. The question is whether any of the
“prohibitions” on voluntary disclosures set forth in SCA § 2702(a) constrained
Penn State’s decision to share Walker’s emails with the defendants. If not, Walker
has nothing to complain about.
“Importantly, § 2702 imposes restrictions only on providers of ECS
[electronic communication services] and RCS [remote computing services] that
17 In contrast, SCA § 2703 is captioned “Required disclosure of customer
communications or records.”
Case: 19-1067 Document: 003113232480 Page: 41 Date Filed: 05/08/2019
32
provide services ‘to the public.’ Nonpublic providers can voluntarily disclose
information freely without violating the SCA.” Kerr, SCA Guide, at 1220
(footnotes omitted; emphasis added).18 “If a University provides accounts to its
faculty and students … those services are not available to the public.” Id., at 1227
(citing Anderson Consulting LLP v. UOP, 991 F. Supp. 1041, 1042-1043 (N.D. Ill.
1998)).
Consistent with the district court’s view, then, Penn State, as a nonpublic
provider, could indeed voluntarily make Walker’s emails – retrievable from Penn
State’s own system – available to defendants Coffey and Zimmerer. And that –
consistent with the sequence of events summarized in Walker I, 905 F.3d at 149-
150 and reiterated in Walker’s Second Amended Complaint – is what Penn State
ultimately did, in response to the defendants’ initial and follow-up inquiries. Put
differently, the Stored Communications Act did not bar the defendants from
seeking information from Penn State (unquestionably a non-public provider), and it
also did not bar Penn State from voluntarily acceding to their request.
Discounting any possibility of voluntariness or consent on Penn State’s part,
Walker still insists that her § 2703 claim was viable. Her main argument rests on
18 For the definition of “electronic communication service” (ECS), see SCA
§ 2711(1), which incorporates 18 U.S.C. § 2510(15) by reference. For the
definition of “remote computing service” (RCS), see SCA § 2711(2).
Case: 19-1067 Document: 003113232480 Page: 42 Date Filed: 05/08/2019
33
the premise that the defendants improperly compelled Penn State to disclose her
emails to them, by handing them an “illegal” subpoena (See Brf., at 14-17).19 This
contention is not convincing.20
19 Before and after her main invalid-subpoena argument, Walker makes two
briefer points based on an explicit assumption, for the sake of argument, that the
defendants presented Penn State with a valid subpoena (See Brf., at 15). Even if
they did so, Walker suggests, there were two further problems:
First, no subpoena would be good enough to compel the disclosure of emails
that were in electronic storage for 180 days or less, because in that situation, a full-
blown warrant, not a mere subpoena, is mandatory under SCA § 2703(a). Whether
this is legally correct or not is beside the point, because the subpoena here, dated
October 20, 2015, sought emails dating back to 2008, far more than 180 days (See
App. 52).
Second, even if a subpoena was an option to compel the disclosure of Penn
State emails that were in electronic storage for more than 180 days, any such
subpoena allegedly was ineffective because Walker was not given advance notice
that a subpoena was forthcoming. Whether this categorical assertion is legally
correct or not is also beside the point, because SCA § 2705 allows delayed notice
in some situations, and this could certainly have been one of them.
In short, Walker’s two fallback points do not merit extended discussion
because neither would be dispositive. Everything still rests on whether, based on
all of Walker’s own factual allegations, she stated a viable SCA claim (despite the
incomplete subpoena).
20 One threshold detail warrants brief mention: SCA §§ 2703(a) and (b)
spell out when and how a “governmental entity” may require someone else to
disclose specified electronic communications. Walker averred that defendants
Coffey and Zimmerer are “governmental entities” for this purpose (App. 41 –
¶ 57), but this is a legal conclusion, which need not be credited. See, e.g., Ashcroft
v. Iqbal, 556 U.S. 662, 678 (2009). What is more, Walker’s complaint explicitly –
and somewhat inconsistently – indicates that each of the defendants is “an
individual,” being sued “in his individual capacity” (App. 32-33 – ¶¶ 2, 3).
Whether and to what extent this distinction has legal ramifications in the SCA
context, as it does in other kinds of cases, is nowhere addressed. Cf. Hafer v.
Melo, 502 U.S. 21, 25-27 (1991) (differentiating between personal and official-
Case: 19-1067 Document: 003113232480 Page: 43 Date Filed: 05/08/2019
34
Both to support her § 2703 illegal subpoena argument on the merits, and to
neutralize the consent issue, Walker relies on a single case, Freedman v. America
Online Inc., 303 F. Supp.2d 121 (D. Conn. 2004) (See Brf., at 15-17).21 Freedman,
however, obviously does not bind this Court and, moreover, cannot bear the weight
Walker asks it to carry.
Contrary to Walker’s suggestion (Brf., at 16), Freedman is not “on all fours”
with her case. Rather, the scenario at issue in Freedman was different from hers,
in a legally meaningful way.
In Freedman, two police officers involved in an investigation had prepared a
“Search and Seizure Warrant Application,” which was not signed or approved by a
judge, and faxed it to America Online, Inc. (AOL). Id., 303 F. Supp.2d at 123.
Evidently the officers did this “out of the blue,” entirely on their own initiative,
and without directing any “further communication” to AOL. Id. Solely by means
of that fax, then, the officers solicited personal “subscriber information” about the
plaintiff – not stored communications – from AOL, a commercial internet service
capacity actions). For now, the defendants will assume that they qualified as
governmental entities.
21 Addressing qualified immunity, Walker does cite additional cases to show
that the defendants “clearly” violated SCA § 2703 (Brf., at 28-29). These further
citations do not strengthen her position (on qualified immunity or on the merits).
See infra, at 46-47.
Case: 19-1067 Document: 003113232480 Page: 44 Date Filed: 05/08/2019
35
provider. Id.22 AOL went ahead and responded a few days later, apparently
without first reaching out to the officers informally or expressing any uncertainty
about their responsibilities. Put bluntly, AOL forwarded all of the requested
personal information to the officers via fax, no questions asked. Id.
Unlike Walker, who only sued defendants Coffey and Zimmerer, not Penn
State, the plaintiff in Freedman filed an 11-count complaint against AOL and the
two officers (and, incidentally, the town that employed them), alleging – among
other things – that the use of an invalid search warrant violated SCA § 2703(c).
Id., 303 F. Supp.2d at 123-124. On that claim, summary judgment was entered
against the officers, id., at 129,23 but the court’s rationale for that conclusion does
not carry over to this case.
In Freedman, the district court rejected the officers’ suggestion that their
original fax was “just” an innocuous “request;” rather, the court emphasized, the
apparently-unsolicited fax was clearly designed to induce compliance by coming
22 In contrast to Penn State (a non-commercial entity that happened to be
Walker’s employer), AOL is a commercial provider of electronic communication
services. For purposes of SCA § 2703, the plaintiff in Freedman was one of
AOL’s “customers” or “subscribers.”
23 The claim against AOL was adjudicated separately, after being transferred
to Virginia. See Freedman v. America Online, Inc., 325 F. Supp.2d 638 (E.D. Va.
2004).
Case: 19-1067 Document: 003113232480 Page: 45 Date Filed: 05/08/2019
36
across as “official” (even if it was unsigned). See id., at 127.24 But the court did
not articulate a legal rule to be applied in future cases. In no way did Freedman
conclude that every technically non-compliant but official-seeming document that
seeks subscriber information gives rise, in and of itself, to an actionable SCA claim
in favor of the affected subscriber, against law enforcement parties, regardless of
the surrounding circumstances.
The instant case is distinguishable from Freedman because, here, the
defendant-investigators did not blindside the entity in possession of the
information being sought. Unlike the officers in Freedman, defendants Coffey and
Zimmerer were in direct contact with Penn State and effectively reached an
agreement whereby the emails at issue would be made available.
Details regarding the exact nature of the defendants’ original (presumably
verbal) request to Penn State and the response thereto – when Penn State
“demanded” a subpoena (App. 36 – ¶¶ 24-26) – are unspecified and unknowable at
this stage. That exchange could have been angry, adversarial, and insistent, or it
could have been matter-of-fact, open, and friendly. It does not matter. There is no
question that, thereafter, the defendants approached Penn State a second time,
24 Freedman also dismissed the officers’ argument that AOL could have
chosen to overlook any deficiencies in the faxed document pursuant to some
“emergency exception” to SCA requirements. Id., at 127-128.
Case: 19-1067 Document: 003113232480 Page: 46 Date Filed: 05/08/2019
37
bearing a subpoena;25 that Assistant General Counsel Katherine Allen reviewed the
subpoena; that, notwithstanding any possible irregularity in that document, Ms.
Allen, a lawyer, nevertheless designated someone from her office to “assist with
the subpoena” (App. 50); and that the requested emails were then produced. If
faced with these facts and circumstances, there is no reason to believe that the
Freedman court would have found in Walker’s favor.
In sum, notwithstanding the outcome in Freedman, on the facts as pled by
Walker, there are no grounds to infer that the defendants improperly “compelled”
Penn State’s disclosure of her emails. They did not violate SCA § 2703.
II. Alternatively, The Defendants Were Entitled To Qualified Immunity
On Walker’s Stored Communications Act Claims Against Them.
As articulated earlier in this very case, “[q]ualified immunity shields
government officials from civil damages liability unless the official violated a
statutory or constitutional right that was clearly established at the time of the
challenged conduct.” Walker I, 905 F.3d at 143 (quoting Taylor v. Barkes, 135
S.Ct. 2042, 2044 (2015)). The district court has since determined, on remand, that
25 Defendants again acknowledge that the subpoena they presented was not
properly filled out and therefore unenforceable, and that this Court refused to
condone their actions in Walker I, 905 F.3d at 150. It does not follow, however,
that the defendants violated the SCA (as just explained) or – even if they somehow
acted improperly – that they forfeited their entitlement to qualified immunity. Id.
at 150 & n.63. See Part II, infra.
Case: 19-1067 Document: 003113232480 Page: 47 Date Filed: 05/08/2019
38
qualified immunity is potentially available to governmental parties sued for
damages under the Stored Communications Act in particular (see App. 10-12), and
that qualified immunity shields defendants Coffey and Zimmerer specifically from
liability on Walker’s SCA claims against them (see App. 13-21). Although Walker
questions both of these conclusions (Brf., at 18-30), her arguments lack merit.
A. Defendants in SCA civil cases may raise qualified immunity.
The district court found that “qualified immunity is available for Stored
Communications Act claims” and that defendants Coffey and Zimmerer could
therefore invoke it as a defense to Walker’s SCA damages claims against them
(App. 12). Walker disputes this threshold determination (Brf., at 18-21), but her
criticisms should be rejected.
Relying mainly on Berry v. Funk, 146 F.3d 1003 (D.C. Cir. 1998), Walker
would like this Court to conclude that qualified immunity only exists to protect
defendants who have been sued for violating the Constitution, as opposed to
federal statutes like the SCA (See Brf., at 18-20). While precedents arising from
constitutional claims have shaped qualified immunity jurisprudence over the years
in many ways,26 that does not mean qualified immunity is only available in
26 See, e.g., Reichle v. Howards, 566 U.S. 658 (2012) (First Amendment);
Anderson v. Creighton, 483 U.S. 635 (1987) (Fourth Amendment); Mitchell v.
Forsyth, 472 U.S. 511 (1985) (warrantless wiretap).
Case: 19-1067 Document: 003113232480 Page: 48 Date Filed: 05/08/2019
39
constitutional cases. At least one seminal qualified immunity decision, Harlow v.
Fitzgerald, 457 U.S. 800 (1982), says otherwise and cannot be overlooked.
Fundamentally, Harlow was a public employment dispute. The plaintiff had
sued two presidential aides on both constitutional claims, under the First
Amendment, and statutory claims, under 5 U.S.C. § 7211 and 18 U.S.C. § 1505.
See Harlow, 457 U.S. at 805 & n.10. Against that backdrop, the Supreme Court
held that “government officials performing discretionary functions generally are
shielded from liability for civil damages insofar as their conduct does not violate
clearly established statutory or constitutional rights of which a reasonable person
would have known.” Id., 457 U.S. at 818 (emphasis added).27 Since then,
qualified immunity issues have been litigated in cases involving both statutory and
constitutional violations of individuals’ rights. For example, in Doe v. County. of
Centre, Pa., 242 F.3d 437, 453-455 (3d Cir. 2001), this Court afforded qualified
immunity to county officials on damages claims under the Americans with
Disabilities Act and other federal statutes (as well as the Constitution).
Berry, a wiretap matter, did say – as Walker stresses (Brf., at 18-19) – that
qualified immunity could not be invoked in that type of case because the federal
27 Following Harlow, the “statutory or constitutional” formulation has been
reiterated countless times. See, e.g., City of Escondido, Calif. v. Emmons, 139
S.Ct. 500, 503 (2019). See also Walker I, 905 F.3d at 143.
Case: 19-1067 Document: 003113232480 Page: 49 Date Filed: 05/08/2019
40
wiretap statute contains its own “good faith” defense. Id., 146 F.3d at 1013. More
recently, however, two other courts of appeals have rendered precedential
decisions, declining to follow Berry and going the opposite way regarding the
availability of qualified immunity in wiretap cases. See Tapley v. Collins, 211 F.3d
1210, 1214-1216 (11th Cir. 2000); Blake v. Wright, 179 F.3d 1003, 1011-1013 (6th
Cir. 1999).28 Then, just last year, the Seventh Circuit took the same analytical
approach that had been taken in Blake and Tapley (and its own Wiretap Act case
law), in John K. Maciver Inst. for Public Policy, Inc. v. Schmitz, 885 F.3d 1004
(7th Cir. 2018). There, the Seventh Circuit definitively held that qualified
immunity is available to SCA defendants. Id., 885 F.3d at 1015. The district court
followed suit in this matter (See App. 10-12).
Based on Blake, Tapley, and Maciver, one cannot conclude – as Berry
essentially did – that statutory good-faith immunity and traditional qualified
immunity are co-extensive, or that qualified immunity is redundant in situations
28 Without detailed discussion, this Court, too – albeit in a non-binding
decision – has recognized that one who has been sued in a civil Wiretap Act case
may raise qualified immunity as a defense. See Diana v. Oliphant, 441 Fed. Appx.
76, 81 (3d Cir. 2011) (non-precedential). See also City of Grand Rapids v. Grand
Rapids Police Command Officers Assn., 346 F. Supp. 3d 1061, 1073-4 (W.D.
Mich. 2018) (affording qualified immunity to certain defendants in a wiretap case
in light of, e.g., Blake). Evidently, district courts in the Second Circuit, as well,
have “routinely allowed defendants to raise the defense [of qualified immunity] in
Wiretap Act cases.” See Lonegan v. Hasty, 436 F. Supp.2d 419, 430 n.5 (E.D.N.Y.
2006) (listing examples).
Case: 19-1067 Document: 003113232480 Page: 50 Date Filed: 05/08/2019
41
where statutory immunity may be available. To the contrary, these three post-
Berry decisions teach that, in a given matter, either type of immunity (or perhaps
both) may come into play.
Tellingly, Walker does not mention, let alone analyze, Blake, Tapley, or
Maciver in her brief, even though the district court cited, discussed, and relied
upon all three of them in arriving at – and explaining – its qualified immunity
conclusion. That amply-supported determination should not be disturbed.29
B. Qualified immunity applies because nothing defendants Coffey
and Zimmerer did violated clearly established law.
The defense of qualified immunity protects “all but the plainly incompetent
or those who knowingly violate the law.” Mullenix v. Luna, 136 S.Ct. 305, 308
(2015) (quoting Malley v. Briggs, 475 U.S. 335, 341 (1986)). Whether one can
29 Walker does mention one other decision that discusses immunity, Hepting
v. AT&T Corp., 439 F. Supp. 2d 974 (N.D. Cal. 2006), but it does not particularly
help her. Hepting concerned warrantless electronic surveillance. As to qualified
immunity, the court generally aligned itself with Berry, but it mentioned Blake and
Tapley as well and only actually decided that AT&T, a private communications
provider would not be permitted to raise this defense. Hepting, 439 F. Supp.2d at
1006-1010. In so holding, the court seemed to recognize that, when it comes to
immunity, the policies behind, and protections afforded to, governmental parties –
such as defendants Coffey and Zimmerer – may well be broader than those enjoyed
by private defendants such as AT&T. In other words, standing alone Hepting does
not negate defendants’ qualified immunity argument.
Case: 19-1067 Document: 003113232480 Page: 51 Date Filed: 05/08/2019
42
prevail on this defense hinges upon objective factors, not subjective good faith.
See Anderson, 483 U.S. at 639; Harlow, 457 U.S. at 819.
Analyzing qualified immunity in a given case typically necessitates
answering two questions: “whether the defendants’ conduct violated a statutory or
constitutional right” at all, and, legally, “whether the right at issue was clearly
established when the conduct took place.” Sauers v. Borough of Nesquehoning,
905 F.3d 711, 716 (3d Cir. 2018). See also, e.g., Saucier v. Katz, 533 U.S. 194,
201 (2001). These two inquiries do not have to be undertaken in sequence in every
case. Pearson v. Callahan, 555 U.S. 223, 236 (2009). This Court has discretion to
address either issue first, Sauers, 905 F.3d at 716, and may even bypass the first
inquiry altogether, Pearson, 555 U.S. at 237-241.
If, as explained in Part I above, Walker failed to state an actionable SCA
claim against defendants Coffey and Zimmerer – who therefore cannot be said to
have violated her rights under SCA § 2701 or SCA § 2703 at all – the qualified
immunity inquiry can stop there; the defendants are entitled to prevail on the merits
and on immunity grounds. See Saucier, 533 U.S. at 201. See also, e.g., Walter v.
Pike Cnty., 544 F.3d 182, 196 (3d Cir. 2008) (because plaintiff could not establish
constitutional violation, defendants were also entitled to qualified immunity). But
even assuming that some SCA violation may have occurred here (a point not
conceded), no “clearly established law” put the defendants on notice, in October
Case: 19-1067 Document: 003113232480 Page: 52 Date Filed: 05/08/2019
43
2015, that their conduct was improper. Thus, at a minimum, dismissal of the SCA
claims against the defendants on the basis of qualified immunity was justified.
1. The “clearly established law” standard is central to any
qualified immunity determination.
A right is “clearly established,” for qualified immunity purposes, when the
law is sufficiently clear that every reasonable official would have understood – at
the time of the challenged events – that what he or she was doing would violate
that right. E.g., Reichle, 566 U.S. at 664; Sauers, 905 F.3d at 719. “That does not
require a prior precedent with indistinguishable facts[.]” Sauers, 905 F.3d at 719.
On the other hand, “existing precedent must have placed the statutory or
constitutional question beyond debate.” Ashcroft v. al-Kidd, 563 U.S. 731, 741
(2011).
When making this assessment, a court must look first to applicable Supreme
Court precedent; a relevant Supreme Court holding that answers the question at
hand ends the inquiry. United States v. Baroni, 909 F.3d 550, 586 (3d Cir. 2018)
(citing L.R. v. Sch. Dist. of Phila., 836 F.3d 235, 247-248 (3d Cir. 2016)). If there
is no high-court precedent, controlling authority in the relevant jurisdiction may
suffice, see Reichle, 566 U.S. at 665-666; Wilson v. Layne, 526 U.S. 603, 617
(1999), although a single case from the defendant’s jurisdiction, even if
precedential, does not necessarily afford the requisite notice to a future civil
defendant, see Carroll v. Carman, 135 S.Ct. 348, 350 (2014).
Case: 19-1067 Document: 003113232480 Page: 53 Date Filed: 05/08/2019
44
Absent unquestionably binding, instructive Supreme Court or in-circuit case
law, a “robust consensus of cases of persuasive authority” in the Courts of Appeals
may be enough to “clearly establish the federal right the [plaintiff] alleges.” City
and County of San Francisco v. Sheehan, 135 S.Ct. 1765, 1779 (2015). See also
Mammaro v. N.J. Div. of Child Prot. & Permanency, 814 F.3d 164, 169 (3d Cir.
2016). Conversely, the existence of a circuit split on a determinative legal issue is
a powerful indicator that the law is not clearly established.
Walker largely acknowledges, as she must, that these principles apply in her
case (See Brf., at 21-23).30 But her attempt to undercut the defendants’ immunity
defense falls flat.
30 Citing Doe v. Delie, 257 F.3d 309, 321 n.10 (3d Cir. 2001), Walker also
notes that district court decisions “play a role in the qualified immunity analysis”
(Brf., at 22). While the cited Doe footnote does say that, qualified immunity
principles have continued to develop since then. That aside, the corresponding text
in Doe suggests, more narrowly, that district court opinions “may be relevant to the
determination of when a right was clearly established[.]” Id., 257 F.3d at 321
(emphasis added). Doe also explains why, in various circuits, district court cases
alone are not necessarily controlling when qualified immunity is at issue. Id., at
321 & nn. 10-11. Furthermore, Doe itself held – despite the existence of certain
similar district court cases – that the applicable law was not clearly established in
the situation presented, so the defendants were immune from the plaintiff’s
damages claims.
Case: 19-1067 Document: 003113232480 Page: 54 Date Filed: 05/08/2019
45
2. No clearly established law undermines the defendants’
arguments regarding SCA § 2701 and SCA § 2703.
Throughout the remand proceedings here, Walker charged the defendants
with violating both SCA § 2701 and SCA § 2703 (see, e.g., App. 41-42 – ¶¶ 56,
57, 63); the district court found that she had failed to state a claim under either
statutory section (see App. 6-8, 8-9); and she has addressed the purported merits of
those two claims separately in this Court (see Brf., at 9-14, 14-17). Now though,
as to qualified immunity, she only argues that “Coffey and Zimmerer Clearly
Violated Section 2703” (see Brf., at 27-30) without offering any meaningful
parallel argument with respect to her distinct claim under SCA § 2701.
Defendants submit that, based on their § 2701 merits argument, they did not
violate that provision at all. See 16-28, supra. Even if they did, they ought – at the
very least – to be afforded qualified immunity on that claim without further ado
because no clearly established § 2701 law (i.e., on “access” or “authorization”)
barred their actions. Walker does not cogently argue otherwise.31
31 At the end of her brief, Walker does cite Kane v. Barger, 902 F.3d 185,
195 (3d Cir. 2018), seemingly for the proposition that conduct which violates a
criminal statute – including SCA § 2701 – is, ipso facto, contrary to clearly
established law (Brf., at 30). That argument is baseless, as the district court
recognized (App. 19 & n.102). Kane concerned a claim against a police officer
who, while investigating a woman’s allegation of sexual assault, proceeded himself
to violate her undeniable right to bodily integrity in multiple ways. The pertinent
facts were so extreme that, “intuitively,” this Court found it “absurd” to analyze
whether the officer’s conduct – which contravened policy and possibly also
Case: 19-1067 Document: 003113232480 Page: 55 Date Filed: 05/08/2019
46
Walker’s no-immunity argument on her § 2703 claim is somewhat more
developed, and cannot go unanswered. The question is whether – in light of
available, controlling law on compelled, as opposed to voluntary, disclosures of
electronic communications – any reasonable prosecutor or agent would have
understood, in 2015, that presenting Penn State with an incomplete subpoena for
an employee’s emails clearly violated SCA § 2703, under these specific
circumstances. It did not. This is so because, as explained earlier, Penn State
voluntarily agreed to disclose Walker’s emails which, as a non-public provider, it
was permitted to do, notwithstanding SCA §§ 2702 or 2703.
Freedman, the only case explicitly relied upon by Walker in arguing the
merits of this issue (see Brf., at 16-17), is distinguishable and in any event cannot,
by itself – as a single, out-of-circuit, trial-level decision – rise to the level of clearly
established law for qualified immunity purposes (as the district court recognized,
App. 20-21 & nn. 104-105). See Brown v. Grabowski, 922 F.2d 1097, 1118 (3d
Cir. 1990). In addition to Freedman, Walker does now pull snippets from five
more court decisions and tries to characterize them as a “robust consensus of
appellate precedent” in support of her § 2703 compelled disclosure challenge
criminal statutes – was contrary to clearly established law (but the court did still
undertake the prescribed legal analysis and reject that officer’s qualified immunity
defense). Kane, 902 F.3d at 195-196.
Case: 19-1067 Document: 003113232480 Page: 56 Date Filed: 05/08/2019
47
against the defendants (Brf., at 27-29). But these cases, which differ starkly from
each other (and from this case), shed no light on the objective legal reasonableness
of the defendants’ actions here. Indeed, two were criminal matters;32 the other
three were resolved against the civil plaintiffs.
Throughout its legal life, the SCA has posed interpretive challenges.
Distinguishing “between voluntary disclosure regulated by § 2702 and compelled
disclosure regulated by § 2703” is one of them. See Kerr, SCA Guide, at 1224.
Though many interactions between law enforcement and internet service providers
“fall clearly into one of these categories,” others are in a “gray zone somewhere
between the two.” Id. To illustrate, Professor Kerr offers two examples (quoted in
the margin), each of which somewhat resembles the present scenario, although
neither is identical.33 This commentary highlights, quite vividly, how confusing
32 The lengthy decision in United States v. Bansal, 663 F.3d 634, 662 (3d
Cir. 2011), is particularly irrelevant. It does contain the language Walker
references (regarding § 2703(a) procedures that “law enforcement officers must
follow when compelling disclosure…”), but it involved a warrant, which was
properly obtained and executed (and the defendant’s many other challenges to his
conviction were rejected). As to United States v. Warshak, 631 F.3d 266, 291 (6th
Cir. 2010), see infra, at 50.
33 “A police officer contacts an ISP system administrator and explains that
he is investigating a child molestation case. The officer asks the system
administrator if he is interested in helping out the police by voluntarily disclosing
certain files. Wishing to be a good citizen, the system administrator agrees and
turns over the files to the agent. Is this a case of ‘compelled’ disclosure or
‘voluntary’ disclosure? Alternatively, imagine that a system administrator contacts
Case: 19-1067 Document: 003113232480 Page: 57 Date Filed: 05/08/2019
48
and unsettled the law has been, and still is. That, in a nutshell, is why – if the
defendants ran afoul of the SCA at all – they were rightly afforded qualified
immunity on Walker’s § 2703 claim against them.
3. Even if “electronic storage” warrants consideration,
divergent decisions on the issue reinforce defendants’
entitlement to immunity.
Analyzing qualified immunity, the district court addressed one more issue in
some depth: whether, in connection with Walker’s claims under both SCA § 2701
and SCA § 2703, it was clearly established that her Penn State emails were in
“electronic storage” as the statute specifies (App. 13-20).34 Finding a marked lack
of clarity on this point, the court afforded qualified immunity to the defendants on
this basis (App. 19-20). Walker disagrees (Brf., at 23-27).
If this Court accepts defendants’ merits arguments on these two claims, see
Parts I.A and I.B above, or their corresponding qualified immunity contentions, see
Part II.B.2, there is no need to venture into the “electronic storage” thicket. But
the FBI and wants to disclose files but then asks for a subpoena just to make sure
there was some sort of documentation of the disclosure. The FBI agent agrees,
forward a subpoena to the system administrator, and then accepts the files. Does
the presence of the subpoena turn what was a voluntary disclosure into a compelled
disclosure?” Kerr, SCA Guide, at 1224-1225.
34 SCA § 2701 regulates access to electronic communications “in electronic
storage;” SCA § 2703(a) governs compelled disclosures of electronic
communications “in electronic storage.”
Case: 19-1067 Document: 003113232480 Page: 58 Date Filed: 05/08/2019
49
doing so, as Walker urges, will not change the outcome of this appeal. It will only
reinforce the defendants’ entitlement to qualified immunity, because – as is true on
other issues – the law on this precise point is not clearly established.
Through SCA § 2711(1), the definition of “electronic storage” at 18 U.S.C.
§ 2510(17) is incorporated into the SCA. Accordingly, the term “electronic
storage” means “(A) any temporary, intermediate storage of a wire or electronic
communication incidental to the electronic transmission thereof; and (B) any
storage of such communication by an electronic communication service for
purposes of backup protection of such communication.” Walker contends that her
Penn State emails were in “electronic storage” pursuant to subparagraph (B) of this
provision because they were “stored” by Penn State after being delivered (See Brf.,
at 23-27). The issue, however, is not simply whether the emails were on Penn
State’s server but whether they were held there “for purposes of backup
protection” as § 2510(17)(B) requires. That is not clear. There certainly is no
Supreme Court pronouncement on this point. Nor is there binding precedent from
this Court. And there also is no “robust consensus” among other Courts of
Appeals.
More specifically, in Fraser v. Nationwide Mut. Ins. Co., 135 F. Supp.2d
623 (E.D. Pa. 2001), the district court concluded that “messages that are in post-
transmission storage, after transmission is complete, are not covered by part (B) of
Case: 19-1067 Document: 003113232480 Page: 59 Date Filed: 05/08/2019
50
the definition of ‘electronic storage.’” Id., at 636. On appeal, this Court affirmed
“through a different analytical path, assuming without deciding that the e-mail in
question was in backup storage.” Fraser, 352 F.3d at 114 (emphasis added). To
date, that issue has not resurfaced in this Court.
As she did below, Walker urges this Court to adopt the broad approach to
“electronic storage” taken in Theofel v. Farey-Jones, 359 F.3d 1066 (9th Cir. 2004)
(Brf., at 24). Theofel questioned the district court’s reasoning in Fraser, finding
instead that storage of a message on a provider’s server after delivery does satisfy
the “backup protection” requirement. Theofel, 359 F.3d at 1075. Here, the district
court – like others before it – declined to follow Theofel, characterizing that
opinion as “oft-cited and widely disputed” (App. 16-19). Post-Theofel, no
consensus among the Courts of Appeals has emerged.
Walker herself correctly notes that the Sixth Circuit “cast doubt on Theofel”
in Warshak, 631 F.3d at 291 (Brf., at 27).35 It has not been the only Court of
Appeals to do so. Later, taking a cue from Warshak, the Eighth Circuit thoroughly
explained that, while some trial courts had followed Theofel, others had “openly
disagree[d] with,” or “dispute[d],” or “distinguish[ed]” it. Anzaldua, 793 F.3d at
35 Warshak’s criticism was based in part on the scholarly observation that
the analysis in “Theofel is quite implausible and hard to square with the statutory
text” regarding “electronic storage.” See Kerr, SCA Guide, at 1217.
Case: 19-1067 Document: 003113232480 Page: 60 Date Filed: 05/08/2019
51
840-841. Ultimately, though, the Eighth Circuit found it unnecessary to explicitly
resolve the “backup protection” issue because, even under Theofel’s reasoning, that
plaintiff could not prevail for other reasons.
Anzaldua was decided in the summer of 2015, a couple of months before the
events at issue here. Later – and well after those events – the Eleventh Circuit also
encountered, but did not have to decide, a similar “electronic storage” question.
Remarking that “[m]uch debate surrounds the issues” being raised, that court
declined to “wade into the discussion” because it was undisputed that at least some
emails “accessed” by the defendant were maintained in electronic storage. See
Vista Marketing, LLC v. Burkett, 812 F.3d 954, 963-964 (11th Cir. 2016). A year
later, the same court again opted not to grapple with “this complicated issue … of
first impression in [the] circuit” because it had not been “fairly presented” below.
See Brown Jordan International, 846 F.3d at 1175-1177.
In sum, in October 2015, there was no hint of a “robust consensus” in the
federal appellate courts showing definitively (i.e., clearly establishing) that the
emails defendants obtained from Penn State were, indeed, in “electronic storage …
for purposes of backup protection” as 18 U.S.C. § 2510(17)(B) dictates.36 The
36 Concomitantly, existing law could not be read to say that reasonable
people in defendants’ respective positions would have understood this to be the
case.
Case: 19-1067 Document: 003113232480 Page: 61 Date Filed: 05/08/2019
52
Ninth Circuit had decided Theofel; the Sixth had expressed doubt about it in
Warshak; the Eighth was disinclined to find a “Theofel” problem in Anzaldua but
based its decision on other grounds; and the other nine circuits had not weighed in
at all.37 After October 2015, the Eleventh Circuit twice acknowledged but did not
embrace Theofel. See Vista Marketing; Brown Jordan International. And there
things stood – one court of appeals articulating the legal interpretation Walker
supports; three others neither accepting nor rejecting that view; and the other eight
still saying nothing pertinent – until March 6, 2019.
Six days before Walker filed her opening brief, the Fourth Circuit endorsed
Theofel. See Hately v. Watts, 917 F.3d 770 (4th Cir. 2019). For present purposes,
however, this late-breaking development does not alter the “clearly established”
calculus for this case. The majority of the Courts of Appeals still have not taken a
position on the contours of the “electronic storage” concept, especially the “backup
protection” proviso. That is, there still is no “robust consensus” at the court-of-
appeals level in support of Walker’s legal position. And absent such a consensus,
37 Walker mentions two additional appellate decisions, issued by the First
and Second circuits in 2005 (Brf., at 24), but they are irrelevant. Neither focuses
on whether any emails there at issue were in “electronic storage … for purposes of
backup protection.”
Case: 19-1067 Document: 003113232480 Page: 62 Date Filed: 05/08/2019
53
the applicable law – which was not clearly established in 2015 – remains
unsettled.38
Consideration of Walker’s “storage” argument is not essential, but if it is
explored, the outcome of this case will not change. Dismissal was correct, either
on the merits or on qualified immunity grounds.
38 Aside from Theofel, Walker mainly relies on trial-level “electronic
storage” decisions to support her “clearly established law” argument (See Brf., at
23-27). These will not be separately discussed. Even assuming they might have a
role in the analysis, per Doe, they are not controlling. Crucially, there are
numerous other trial-level decisions, going the other way, as the district court took
care to explain (App. 16-19).
Case: 19-1067 Document: 003113232480 Page: 63 Date Filed: 05/08/2019
54
CONCLUSION
For the foregoing reasons, this Court should affirm the judgment of the
district court.
Respectfully submitted,
JOSH SHAPIRO
Attorney General
By: /s/ Claudia M. Tesoro
CLAUDIA M. TESORO
Senior Deputy Attorney General
Bar No. 32813 (Pa.)
J. BART DeLONE
Chief Deputy Attorney General
Chief, Appellate Litigation Section
Office of Attorney General
1600 Arch Street
Suite 300
Philadelphia, PA 19103
Phone: (215) 560-2908
FAX: (717) 772-4526
DATE: May 8, 2019
Case: 19-1067 Document: 003113232480 Page: 64 Date Filed: 05/08/2019
55
CERTIFICATE OF COUNSEL
I, Claudia M. Tesoro, Senior Deputy Attorney General, hereby certify as
follows:
1. I am a member of the bar of this Court.
2. The text of the electronic version of this brief is identical to the text of the
paper copies.
3. A virus detection program was run on the file and no virus was detected.
4. This brief contains 11,969 words within the meaning of Fed.R.App.P.
32(a)(7)(B). In making this certificate, I have relied on the word count of the
word-processing system used to prepare the brief.
/s/ Claudia M. Tesoro
CLAUDIA M. TESORO
Senior Deputy Attorney General
Case: 19-1067 Document: 003113232480 Page: 65 Date Filed: 05/08/2019
56
CERTIFICATE OF SERVICE
I, Claudia M. Tesoro, Senior Deputy Attorney General, hereby certify that
the foregoing Brief For Appellees is this day being filed electronically, using the
Court’s CM/ECF system, and thus will be served electronically on any/all Filing
User(s) involved in this case, including counsel for appellant at
[email protected] and [email protected] .
I further certify that seven copies of this Brief were duly sent to the Clerk of
the United States Court of Appeals for the Third Circuit in Philadelphia,
Pennsylvania.
/s/ Claudia M. Tesoro
CLAUDIA M. TESORO
Senior Deputy Attorney General
DATE: May 8, 2019
Case: 19-1067 Document: 003113232480 Page: 66 Date Filed: 05/08/2019