June 1, 2006 | By Derek Slater

EFF Victory: New Decision Protects Privacy of Password-Protected Websites

Today, the Eleventh Circuit's issued a decision in Snow v. DirecTV and preserved the legal protections for actually private websites while protecting your right to read public websites. EFF had filed a friend-of-the-court brief supporting this ruling.

The case involved a lawsuit against DirecTV for accessing the public website of anti-DirecTV activists run by plaintiff Michael Snow. The website had a banner and purported Terms of Service forbidding DirecTV representatives from entering the site or using its message board, but it was configured such that anyone in the public could enter the site, create a profile, and use the board.

The lower court had rightly dismissed the case, but for the wrong reasons. It held that the "Stored Communications Act" portion of the Electronic Communications Privacy Act of 1986 did not protect websites at all, even if they were configured to be private. It reached this privacy-destroying decision because DirecTV's lawyers had failed to make the better argument: that web sites *are* protected by the Stored Communications Act (or "SCA"), *except* when they are configured to be readily accessible to the general public.

Since DirecTV had dropped the ball in the lower court, EFF --representing the U.S. Internet Industry Association-- was compelled to jump into the case and make the correct argument to the appeals court. We also convinced DirecTV to include the same argument in its appeal brief. And today, we got the result: the Eleventh Circuit upheld the dismissal of Snow's case, but abandoned the lower court's reasoning and adopted ours!

According to the appellate panel, "We agree with the district court that Snow's complaint fails to state a cause of action for which relief can be granted, but on a different ground: Snow's complaint fails to allege, as the SCA requires, that the website was configured to not be readily accessible by the general public.... If by simply clicking a hypertext link, after ignoring an express warning, on an otherwise publicly accessible webpage, one is liable under the SCA, then the floodgates of litigation would open and the merely curious would be prosecuted. We find no intent by Congress to so permit.... In order to be protected by the SCA, an Internet website must be configured in some way as to limit ready access by the general public."

"The court interpreted the SCA correctly and properly balanced the rights of websurfers and website operators today," said EFF Staff Attorney Kevin Bankston. "A real privacy law disaster was averted today, and EFF is proud of its role in this victory."

Deeplinks Topics

Stay in Touch

NSA Spying

EFF is leading the fight against the NSA's illegal mass surveillance program. Learn more about what the program is, how it works, and what you can do.

Follow EFF

Backdoors have been discovered in Arris cable modems. This is why we need a security research exemption to the DMCA. http://w00tsec.blogspot.com/2...

Nov 27 @ 2:15pm

Censorship powers, data retention, and vague hacking crimes: Pakistan's terrible cybercrime bill has it all: https://www.eff.org/deeplinks...

Nov 25 @ 5:11pm

While Bangladesh blocks social messaging apps, locals are turning to Tor and Twitter: https://globalvoices.org/2015...

Nov 25 @ 3:50pm
JavaScript license information