Remedies exist for the victims of cyber-privacy violations

keyboard_1500Perhaps the most common call I get from prospective clients involves a complaint that someone, usually a spouse in a divorce or child custody situation, or a rogue employee about to separate from his employer, has accessed the caller’s email account and read the caller’s emails without authorization.  In plain language, someone has “hacked” their email account.   Unfortunately, this type of cyber privacy violation is becoming extremely common.  With the growth in popularity of texting on mobile devices, interception of mobile communications has also become extremely common place, and is a major piece of my practice as well.

Luckily, the law has many powerful remedies for the unauthorized interception of electronic communications as I will describe below. However, to take advantage of these remedies you must act fast, usually within 180 days if the intrusion is to your email account.  The critical evidence that you and your attorney need to prove your case is usually stored by the email service providers for only six months (or less in some circumstances).  You may have even less time to act to preserve evidence in the case of intrusions to mobile communications.  Do not hesitate to contact an attorney who is knowledgeable in the field of electronic privacy violations as soon as you have reason to believe you have been hacked.

Both federal and state statutes protect email and mobile communications from unauthorized interception and disclosure.  Besides making these privacy violations a crime that can be prosecuted by state and federal authorities, many of these statutes also include a private right of action allowing victims whose electronic communications (or data) have been hacked to sue the party responsible for the interception, and in many cases to collect potentially large liquidated and punitive damage awards.

For example, the federal Electronic Communications Privacy Act (“ECPA”, 18 U.S.C. § 2510-22) makes it a crime to intercept various types of communications including email and smartphone texts, chats, iMessages, etc.  (For a complete discussion of this Act see https://it.ojp.gov/privacyliberty/authorities/statutes/1285).

Civil damages under ECPA start at $10,000, but can grow if the violation persists over time.  A liquidated damage award of $100 per day can be imposed if it exceeds the $10,000 minimum.  ECPA also awards attorney fees and costs involved with litigation.   In South Carolina, our state statute (SC Code of Laws §17-30-135) that mirrors the ECPA’s private right of action imposes even larger liquidated damages of “five hundred dollars a day for each day of violation or twenty-five thousand dollars, whichever is greater”, and also awards punitive damages and a “reasonable attorney’s fee and other litigation costs reasonably incurred.”

Another federal statute, the Stored Communications Act (“SCA”, 18 U.S.C. §§ 2701-12.) protects the contents of files, including emails, texts, iMessages, and etc., stored by service providers, and imposes a $1000 per occurrence liquidated damage for unauthorized access.  Punitive damages are also assumed in this statute.  The Fourth Circuit has interpreted “per occurrence” to be per email.   This statute can usually be invoked in any circumstance in which a victim’s online accounts are accessed without authorization and the contents of files stored there are read or copied.   Increasingly, I have seen this statute come into play with privacy violations involving online storage accounts such as Apple’s iCloud, or data storage accounts such as Dropbox, or social media accounts such as Facebook.

Another federal statute frequently used to provide civil remedies for cyber privacy violations is the Computer Fraud and Abuse Act (“CFAA”, 18 USC §1030).   CFAA imposes a range of criminal and civil penalties for unauthorized access to “protected computers”.  In reality any computer (including a smartphone) involved in interstate commerce could be considered an “protected computer” under CFAA.  Therefore, CFAA has been used in many situations to fashion a remedy where a cyber-privacy violation doesn’t fit the scenarios addressed in SCA or ECPA.

You must act quickly to preserve evidence and have your best chances of receiving an appropriate remedy.

  • If you believe that your electronic communications or data have been intercepted or accessed from online storage without your authorization, and you would like to pursue a just remedy, call or email Abrams Cyber Law & Forensics, LLC today.  (843) 216-1100.  steve@abramscyberlaw.com.

Don’t overlook smartphones, tablets when doing discovery in litigation

mobile_1500

The amount of time the average American spends daily on their smartphone (not including voice calls) has increased from 46 Minutes in 2011 to 3 hours and 8 minutes in 2016.  It’s estimated we’ll add another 10 minutes in 2017.   During the same period the amount of time we spend on our desktop / laptop computers has decreased from 2 hours and 20 minutes in 2011 to 2 hours and 11 minutes today.  That downward trend will continue next year as we rely on our mobile devices more and our computers less. These statistics are from a study published by eMarketer.com. Read more

The practice of law needs to adapt to the information age.

The “information revolution” has had profound effects on how we live our lives and interact with one another.  Digital information is now the predominant thing of value and means of commerce in our economy.   What people and businesses once stored on paper in file drawers and in their wallets are now stored in their smartphones and on “the Cloud.”  This transformation to an information age society requires lawyers to profoundly shift their thinking about how to fulfill their obligations of being a zealous advocate for their clients.

This paradigm shift is all encompassing.  Lawyers must change how they prosecute their clients’ cases to preserve and collect relevant digital information from all manner of sources including computers, smartphones, tablets, digital cameras, digital storage media, social media and cloud-based storage.

Once this data is amassed by law firms it must then be adequately catalogued, maintained, and most importantly secured from unauthorized disclosure.  Threats to the security of this confidential digital data held in trust by law firms come from within and without.

The digital age has also brought with it new torts that could never have been imagined before the advent of the Internet.  Internet and electronic privacy violations and defamations are now widespread occurrences.  Federal and state law provides for potentially huge liquidated civil damage awards to the victims of these privacy violations and defamations but the procedures for properly handling these matters, especially in quickly obtaining the evidence held by Internet Service Providers, requires a certain level of expertise and knowledge of the inner workings of Internet technology.

Abrams Cyber Law & Forensics is a new breed of law firm focused like a laser beam at these three new challenges of legal practice in the digital information age.   We can help other law firms with issues related to cyber practice.  We are experts in digital forensics and e-discovery.  We can help secure your data and that of your clients.  We can help you maximize liquidated and tort damage recovery for cyber-age torts.  In coming blog posts I will be taking each of these areas separately and in more detail to help my readers manage the new challenges and opportunities for their law practice in the information age.