The National Law Journal takes a look at Crispin v. Christian Audigier Inc., 2010 U.S. Dist. Lexis 52832 (C.D. Calif. May 26, 2010), a recent court decision (pdf) that the Journal says “appears to be the first to apply the Stored Communications Act, enacted in 1986, to content on today’s social networking sites.”

The plaintiff, an artist named Buckley Crispin, claimed that the defendants, Christian Audigier Inc. and its sublicensees, used his artwork in violation of their oral agreement. The defendants sought information from MySpace and Facebook, including Crispin’s subscriber information and all communications by Crispin referring to any of the defendants. A federal magistrate declined to quash certain of the defendants’ subpoenas, rejecting among other arguments that the information they sought was protected by the SCA.

The district court’s decision offered answers to two key questions. First, the holding explains that the SCA’s protections reach at least some of the content hosted on social networking sites and that such content will be precluded from discovery from those sites. Second, the decision suggests that privacy settings matter. The private messaging features of social networking sites were protected because the court considered them to be as private as e-mail. Moreover, the court found that the SCA’s protections applied to wall postings and comments only to the extent that those communications were not available to the general public.

The Stored Communications Act was designed to protect the privacy of certain digital information. Although the district court in Crispin eventually concluded that some content on MySpace and Facebook is protected, the SCA does not easily apply to these new technologies. That is because the SCA “freez[es] into the law” the way that computers were used in 1986, in particular by extending its protections to two specific types of network service providers — electronic communication services and remote computing services. When the SCA was drafted, subscribers used third-party network services for two main purposes — sending communications, such as e-mail, and outsourcing resource-intensive computing tasks, such as storing large files or processing data. [...]

The decision leaves a number of questions unanswered. First, does the SCA protect forms of content that are radically different from anything that existed in 1986? [...]

The decision does not address how restricted access to content must be in order for that content to be considered private. Is content private if one must be a site subscriber to access it, or must access be limited to a user’s “friends,” which on Facebook may number in the thousands? Finally, it does not address the interaction between a provider’s policies and an individual’s privacy choices. What if a user is unaware of these distinctions? May a user avoid discovery simply by modifying his or her settings at the time of trial?

This entry was posted on Wednesday, September 1st, 2010 and is filed under Anonymity, Identification, Security, Technology. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Possibly related posts:

• ReadWriteWeb: On Privacy in Social Networks: What Drives Users?
• Lauren Gelman: Privacy, Free Speech, and ‘Blurry-Edged’ Social Networks
• MIT Technology Review: Social Networks Keep Privacy in the Closet