Joffee et al. v. Google, Inc., 2013 WL 4793247 (9th Cir. 2013)

Breanne M. Hoke

In Joffe et al. v. Google, the U.S. Court of Appeals for the Ninth Circuit unanimously ruled that Google could be sued for illegal wiretapping under the federal Wiretap Act, 18 U.S.C. § 2511,[1] when the company collected data from unencrypted Wi-Fi networks through its use of Street View photographs.[2] The Ninth Circuit’s ruling bolsters the legal positions of consumer advocacy groups and government regulators to pursue privacy violations against Google. It also follows the current trend to expand the scope of privacy jurisprudence to reach Internet based companies to protect the public.

In 2007, Google launched its “Street View” feature, which provides street level photographs of locations through its Google Maps service.[3] Google was able to create these comprehensive images by attaching cameras to vehicles that drove on public roads and captured their surroundings. From 2007 to 2010, Google also mounted Wi-Fi antennas onto its cars to collect data from nearby unencrypted Wi-Fi networks.[4] Google collected both “basic data” that helped the company provide “location-based” services, and “payload data,” which includes all data transmitted by a device connected to a Wi-Fi network (i.e. emails, usernames, passwords, videos, and documents).[5]

In response to Google’s payload data collection, consumers filed a putative class action asserting that Google had violated the federal Wiretap Act, 18 U.S.C § 2511, and various other state wiretap statutes.[6] The federal Wiretap Act, 18 U.S.C § 2511 imposes liability on a person who “intentionally intercepts . . . any wire, oral, or electronic communication,” subject to exceptions.[7] Google argued its actions were lawful under the exceptions because the Wi-Fi signals were “electronic communications” that are “readily accessible to the general public.”[8] The Wiretap Act provides that the exception, “readily accessible to the general public,” is limited to “radio communication.”[9] However, the Act fails to define that term, which left the district court to interpret whether data transmitted over a Wi-Fi network is a “radio communication.”[10]

The district court interpreted “radio communication” to be limited to “traditional radio services,” and not to encompass other technologies that use radio waves.[11] The court further addressed whether the term, “readily accessible to the general public” applied to electronic communications that are not radio communications in light of the 1986 amendments to the Act.[12] It determined that Wi-Fi signals were not “readily accessible to the public” because Wi-Fi technology, like cellular phones, is designed to transmit radio waves in private communications to select recipients.[13] Therefore, Wi-Fi technology intentionally makes third party monitoring difficult, and its use should be subject to greater protection than unencrypted public radio.[14] Based on its statutory interpretation, the district court denied Google’s motion to dismiss, and Google filed an interlocutory appeal to the Ninth Circuit.

The Ninth Circuit affirmed the lower court’s ruling. First, the court ruled that Google did not meet the first prong of the exception under 18 U.S.C. § 2511(2)(g)(i) because data transmitted over Wi-Fi networks does not meet the ordinary or historical definition of “radio communication.” [15] The court disagreed with Google’s broad interpretation that radio communications refers to any information transmitted using radio waves, and ruled that Congress intended radio communication to be limiting when it excluded television broadcasts.[16] The Ninth Circuit supported its reasoning by finding radio communications to be generally understood as predominantly auditory broadcasts, which necessarily excludes data transmitted via Wi-Fi networks.[17] It then determined that Congress also intended radio communications to be limited to predominantly auditory broadcasts in order to read the term coherently and consistently with the entire Wiretap Act.[18]

Secondly, the Ninth Circuit ruled that Google did not meet the second prong of the exception under 18 U.S.C. § 2511(2)(g)(i) because Wi-Fi transmissions are not “readily accessible to the general public.”[19] It reasoned that Wi-Fi transmissions do not travel far outside the home, and therefore, are not “readily available” for the public to capture.[20] Additionally, Wi-Fi transmissions of payload data are not readily available because it is difficult for the public to access this data without “sophisticated hardware and software.”[21] Because the Ninth Circuit found that Google’s actions did not fall under the exceptions of 18 U.S.C § 2511(2)(g)(i), in regards to “radio communications,” or within the plain meaning of “readily accessible to the public,” it freed the consumers to pursue their case against Google.

The Ninth Circuit’s decision effectively extended the privacy protections granted in the Wiretap Act to unencrypted Wi-Fi data transmissions.[22] This decision affects Google on several different fronts. First, when the FCC originally investigated Google’s Wi-Fi interceptions, it decided not to pursue action against Google under § 705(a) of the Communications Act because the FCC considered § 705 to be limited by the federal Wiretap Act, 18 U.S.C § 2511.[23] Thus, the decision may subject Google to FCC liability under § 705(a) of the Communications Act. Secondly, the FTC is continuing to investigate Google’s Wi-Fi interceptions, and has already informed Google that it needs to institute internal policies and procedures that protect the privacy of the public.[24] This request, albeit vague, will affect Google’s internal policies as it expands into new technological areas that potentially infringe upon individuals’ privacy, such as Google’s facial recognition technology.[25] The FTC’s request for better internal policies will also undoubtedly be industry wide for Internet based businesses. Therefore, Joffe notifies such companies to create substantial internal privacy safeguards when developing and implementing new technologies through the collection of individuals’ private data. Lastly, the case demonstrates that class action consumer lawsuits have standing to file suit for privacy violations against Internet companies.

[1] 18 U.S.C § 2511 (1986).

[2] Joffe et al. v. Google, Inc., 2013 WL 4793247 (9th Cir. 2013). (you’re citing to the case, which must follow the BB rules in the white pages. The case name should not be italicized per Rule 10, and the signal see generally provides background material with a parenthetical – you’re naming the case in your sentence with the holding so no signal is necessary).

[3] Joffe, at *1.

[4] Id.

[5] Id.

[6] Id.; 18 U.S.C. § 2511.

[7] 18 U.S.C. § 2511(g)(i) (excluding “electronic communications” that are “readily accessible to the general public” from liability under the Wiretap Act).

[8] Id.

[9] 18 U.S.C. § 2511.

[10] In re Google Inc. St. View Elec. Commc’ns Litig., 794 F.Supp.2d at 1076-81 (N.D. Cal. 2011).

[11] Joffe, at *2.

[12] In re Google Inc. St. View, at 1082; Electronic Communications Privacy Act, 18 U.S.C. § 2510, et seq. (1986).

[13] In re Google Inc. St. View, at 1082-83.

[14] Id. (citing S. Rep. No. 99-541, at 6 (1986)).

[15] Joffe, at *5-13; 18 U.S.C. § 2511(2)(g)(i).

[16] Id. at *5-6.

[17] Id. at *6-7.

[18] Id. at *7-13 (comparing the term “radio communications” with the term “communication by radio” found in 18 U.S.C. § 2511(2)(g)(ii) to distinguish that radio communications were limited to primarily auditory broadcast whereas communication by radio were more expansive, and finding these definitional distinctions avoided inconsistencies within the statute, and provided appropriate statutory protection).

[19] Id. at *13-15; 18 U.S.C. § 2511(2)(g)(i).

[20] Joffe, 2013 WL 4793247 at *14.

[21] Joffe, at 14.

[22] See John Seiver, 9^th Circuit Joffe v. Google “Street View” Decision Raises Questions About Wiretap Act’s “Radio Transmissions” Exception, Privacy & Security L. Blog (Sept. 18, 2013), https://www.jdsupra.com/legalnews/9th-circuit-joffe-v-google-street-view-05738/.

[23] See David M. Silverman, FCC: Google’s Collection of Unencrypted Data Does Not Violate Communications Act, Privacy & Security L. Blog, (April 17, 2012) https://www.privsecblog.com/2012/04/articles/dataprotection/fcc-googles-collection-of-unencrypted-data-does-not-violate-communications-act/.

[24] FTC Letter to Google, Inc., (Oct. 27, 2010), available at https://www.ftc.gov/enforcement/cases-proceedings/closing-letters/google-inquiry.

[25] See In the matter of Face Facts: A Forum on Facial Recognition, FTC Project No. P115406, Comments of Computer and Communications Industry Association (Dec. 8, 2011), available at .