Ehling v. Monmouth-Ocean Hospital Service Corp.

961 F. Supp. 2d 659 (D. N.J. 2013)

Opinion By District Judge Martini

Plaintiff Deborah Ehling filed this action against Monmouth-Ocean Hospital Service Corp. ("MONOC"), Vincent Robbins, and Stacy Quagliana (collectively "Defendants"). For the reasons set forth below, Defendants' motion for summary judgment is GRANTED.

* * * Plaintiff Deborah Ehling is a registered nurse and paramedic. Defendant MONOC is a non-profit hospital service corporation dedicated to providing emergency medical services to the citizens of the State of New Jersey. Defendant Vincent Robbins is the President and CEO of MONOC. Defendant Stacy Quagliana is the Executive Director of Administration at MONOC. Plaintiff was hired by MONOC in 2004 as a registered nurse and paramedic. In July of 2008, Plaintiff took over as President of the Professional Emergency Medical Services Association-New Jersey (the "Union"). * * *

Facebook is a widely-used social-networking website. The website provides a digital medium that allows users to connect and communicate with each other. Every Facebook user must craete a Profile Page, which is a webpage that is intended to convey information about the user. The Profile Page can include the user's contact information; pictures; biographical information, such as the user's birthday, hometown, educational background, work history, family members, and relationship status; and lists of places, musicians, movies, books, businesses, and products that the user likes. AFacebook user can connect with other users by adding them as "Facebook friends." Facebook userscan have dozens, hundreds, or even thousands of Facebook friends. In addition to having a Profile Page, each user has a webpage called a News Feed. The News Feed aggregates information that has recently been shared by the user's Facebook friends. By default, Facebook pages are public. However, Facebook has customizable privacy settings that allow users to restrict access to their Facebook content. Access can be limited to the user's Facebook friends, to particular groups or individuals, or to just the user.

Facebook provides users with several means of communicating with one another. Users can send private messages to one or more users. Users can also communicate by posting information to their Facebook "wall," which is part of each user's Profile Page. A Facebook "wall post" can include written comments, photographs, digital images, videos, and content from other websites. To craete a Facebook wall post, users upload data from their computers or mobile devices directly to the Facebook website. Facebook then saves that data onto its computers (called "servers"). New wall posts are typically distributed to a user's Facebook friends using the News Feed feature. Users' most recent wall posts also appear at the top of their Profile Pages. A user's Facebook friends can comment on the wall posts, indicate that they "like" the wall posts, or share the posts with other users. Facebook users typically do not post information to their Facebook walls with the intent to delete it later. Instead, Facebook designed its website so that its servers would save this data indefinitely. As more and more wall posts are added, earlier wall posts move lower and lower down on the user's Profile Page, and are eventually archived on separate pages that are accessible, but not displayed.

During the 2008-2009 timeframe, Plaintiff maintained a Facebook account and had approximately 300 Facebook friends. Plaintiff selected privacy settings for her account that limited access to her Facebook wall to only her Facebook friends. Plaintiff did not add any MONOC managers as Facebook friends. However, Plaintiff added many of her MONOC coworkers as friends, including a paramedic named Tim Ronco. Plaintiff posted on Ronco's Facebook wall, and Ronco had access to Plaintiff's Facebook wall. Unbeknownst to Plaintiff, Ronco was taking screenshots of Plaintiff's Facebook wall and printing them or emailing them to MONOC manager Andrew Caruso. Ronco and Caruso became friends while working together at a previous job, but Ronco never worked in Caruso's division at MONOC. The evidence reflects that Ronco independently came up with the idea to provide Plaintiff's Facebook posts to Caruso. Caruso never asked Ronco for any information about Plaintiff, and never requested that Ronco keep him apprised of Plaintiff's Facebook activity. In fact, Caruso was surprised that Ronco showed him Plaintiff's Facebook posts. Caruso never had the password to Ronco's Facebook account, Plaintiff's Facebook account, or any other employee's Facebook account. Once Caruso received copies of Plaintiff's Facebook posts, he passed them on to Quagliana, MONOC's Executive Director of Administration.

On June 8, 2009, Plaintiff posted the following statement to her Facebook wall:

An 88 yr old sociopath white supremacist opened fire in the Wash D.C. Holocaust Museum this morning and killed an innocent guard (leaving children). Other guards opened fire. The 88 yr old was shot. He survived. I blame the DC paramedics. I want to say2 things to the DC medics. 1. WHAT WERE YOU THINKING? and 2. This was your opportunity to really make a difference! WTF!!!! And to the other guards . . . go to target practice.

After MONOC management was alerted to the post, Plaintiff was temporarily suspended with pay, and received a memo stating that MONOC management was concerned that Plaintiff's comment reflected a "deliberate disregard for patient safety." * * *

Federal Stored Communications Act

Plaintiff asserts a claim for violation of the Federal Stored Communications Act (or "SCA"). Plaintiff argues that Defendants violated the SCA by improperly accessing her Facebook wall post about the museum shooting. Plaintiff argues that her Facebook wall posts are covered by the SCA because she selected privacy settings limiting access to her Facebook page to her Facebook friends. Defendants disagree and argue that, even if the SCA applies, the facts in this case fall under one of the SCA's statutory exceptions. For the reasons set forth below, the Court finds that non-public Facebook wall posts are covered by the SCA, and that one of the exceptions to the SCA applies. The Court will address each issue in turn.

* * * The first issue before the Court is whether the SCA applies to Facebook wall posts. Very few courts have addressed this issue. For the reasons set forth below, the Court finds that Facebook wall posts fall within the purview of the SCA.

In 1986, Congress passed the Electronic Communications Privacy Act, which was intended to afford privacy protection to electronic communications. Title II of the Electronic Communications Privacy Act contains the SCA, which was designed to "address[ ] access to stored wire and electronic communications and transactional records." "The legislative history of the [SCA] suggests that Congress wanted to protect electronic communications that are configured to be private." Because the SCA was passed in 1986, the statute "is best understood by considering its operation and purpose in light of the technology that existed in 1986." Computer networking was in its infancy in 1986. In the mid-1980s, "personal users [had just begun] subscribing to self-contained networks, such as Prodigy, CompuServe, and America Online." After connecting to a network via a modem, users could download or send e-mail to other users, access a closed universe of content, and post messages on electronic bulletin board systems ("BBS's"). * * * Notably, the SCA was enacted before the advent of the World Wide Web in 1990 and before theintroduction of the web browser in 1994. "Despite the rapid evolution of computer and networking technology since the SCA's adoption, its language has remained surprisingly static." Thus, the "task of adapting the Act's language to modern technology has fallen largely upon the courts."

The SCA provides that whoever "

1. intentionally accesses without authorization a facility through which an electronic communication service is provided; or

1. intentionally exceeds an authorization to access that facility;

and thereby obtains, alters or prevents the authorized access to a wire or electronic communication while in electronic storage in such a system" shall be liable for damages.

The statute further provides that "[i]t shall not be unlawful . . . [to] access an electronic communication made through an electronic communication system that is configured so that such electronic communication is readily accessible to the general public." In other words, the SCA covers:

1.electronic communications,

2.that were transmitted via an electronic communication service,

3.that are in electronic storage, and

4.that are not public.

Facebook wall posts that are configured to be private meet all four criteria.

First, Facebook wall posts are electronic communications. The SCA defines "electronic communication" as "any transfer of signs, signals, writing, images, sounds, data, or intelligence of any nature transmitted in whole or in part by a wire, radio, electromagnetic, photoelectronic or photooptical system." To craete Facebook wall posts, Facebook users transmit writing, images, or other data via the Internet from their computers or mobile devices to Facebook's servers. Thus, Facebook wall posts are electronic communications.

Second, Facebook wall posts are transmitted via an electronic communication service. The SCA defines "electronic communication service" as "any service which provides to users thereof the ability to send or receive wire or electronic communications." Facebook provides its users with the ability to send and receive electronic communications, including private messages and Facebook wall posts. Accordingly, Facebook is an electronic communication service provider.

Third, Facebook wall posts are in electronic storage. The SCA distinguishes between two different types of electronic storage. The first is defined as "any temporary, intermediate storage of a wire or electronic communication incidental to the electronic transmission thereof." The second type of storage is defined as "any storage of such communication by an electronic communication service for purposes of backup protection of such communication." Unlike email, Facebook wall posts are not held somewhere temporarily before they are delivered. Rather, the website itself is the final destination for the information. Thus, Facebook wall posts are not held in temporary, intermediate storage. However, Facebook does store electronic communications for backup purposes. When Facebook users post information, the information is immediately saved to a Facebook server. When new posts are added, Facebook archives older posts on separate pages that are accessible, but not displayed. Because Facebook saves and archives wall posts indefinitely, the Court finds that wall posts are stored for backup purposes. * * *

Fourth, Facebook wall posts that are configured to be private are, by definition, not accessible to the general public. The touchstone of the Electronic Communications Privacy Act is that it protects private information. The language of the statute makes clear that the statute's purpose is to protect information that the communicator took steps to keep private. Cases interpreting the SCA confirm that information is protectable as long as the communicator actively restricts the public from accessing the information. Facebook allows users to select privacy settings for their Facebook walls. Access can be limited to the user's Facebook friends, to particular groups or individuals, or to just the user. The Court finds that, when users make their Facebook wall posts inaccessible to the general public, the wall posts are "configured to be private" for purposes of the SCA. The Court notes that when it comes to privacy protection, the critical inquiry is whether Facebook users took steps to limit access to the information on their Facebook walls. Privacy protection provided by the SCA does not depend on the number of Facebook friends that a user has. "Indeed, basing a rule on the number of users who can access information would result in arbitrary line-drawing" and would be legally unworkable. * * *

Accordingly, the Court finds that non-public Facebook wall posts are covered by the SCA. Because Plaintiff in this case chose privacy settings that limited access to her Facebook wall to only her Facebook friends, the Court finds that Plaintiff's Facebook wall posts are covered by the SCA.

* * * Having concluded that the SCA applies to the type of communication at issue in this case, the Court next evaluates whether either of the SCA's statutory exceptions apply. The SCA "does not apply with respect to conduct authorized

1.by the person or entity providing a wire or electronic communications service; [or]

2.by a user of that service with respect to a communication of or intended for that user."

For the reasons set forth below, the Court finds that the authorized user exception (the second exception) applies in this case.

The authorized user exception applies where

1.access to the communication was "authorized,"

2."by a user of that service,"

3."with respect to a communication . . . intended for that user."

Access is not authorized if the "purported 'authorization' was coerced or provided under pressure." In this case, all three elements of the authorized user exception are present.

First, access to Plaintiff's Facebook wall post was "authorized." The undisputed evidence establishes that Ronco voluntarily provided Plaintiff's Facebook posts to MONOC management without any coercion or pressure. Caruso testified at his deposition that Plaintiff's Facebook friend Ronco voluntarily took screenshots of Plaintiff's Facebook page and either emailed those screenshots to Caruso or printed them out for him. This information was completely unsolicited. Caruso never asked Ronco for any information about Plaintiff and never requested that Ronco keep him apprised of Plaintiff's Facebook activity; in fact, Caruso was surprised that Ronco showed him Plaintiff's Facebook postings. Caruso never had the password to Ronco's Facebook account, Plaintiff's Facebook account, or any other employee's Facebook account. * * *

Plaintiff provided no evidence to support her theory that access to her Facebook page was unauthorized. In the Amended Complaint, Plaintiff alleged that Defendants gained access to her Facebook page because a "member of upper management summoned a MONOC employee, who was also one of Ms. Ehling's Facebook friends, into his office" and "coerced, strong-armed, and/or threatened this employee into accessing his Facebook account on the work computer in the supervisor's presence." After discovery, it became clear that this was not the case. Instead, the evidence reflected that Ronco voluntarily shared this information with Caruso. Plaintiff now surmises that Ronco must have shared the information for "compensation or privileged treatment or a really good deal." But this theory does not make sense in light of MONOC's management structure. Ronco never worked in a division that Caruso oversaw, and Caruso never had control over Ronco's pay or bonuses, so Caruso was not in a position to offer Ronco any sort of benefit. Furthermore, Plaintiff's theory is pure speculation. Plaintiff * * * produced no other evidence that Ronco provided information in exchange for compensation (or some other benefit). Thus, the undisputed evidence shows that access to Plaintiff's Facebook wall post was authorized.

Second, access to Plaintiff's Facebook wall post was authorized "by a user of that service." A "user" is "any person or entity who

uses an electronic communications service; and

is duly authorized by the provider of such service to engage in such use."

It is undisputed that Ronco was a Facebook user: Plaintiff acknowledged that she added Ronco as a Facebook friend and postedon Ronco's Facebook wall.

Third, Plaintiff's Facebook wall post was "intended for that user." Based on the privacy settings that Plaintiff selected for her Facebook page, Plaintiff's wall posts were visible to, and intended to be viewed by, Plaintiff's Facebook friends. On June 8, 2009, when Plaintiff posted the comment about the museum shooting, Ronco was one of Plaintiff's Facebook friends. Thus, the post was intended for Ronco.

In conclusion, access to Plaintiff's Facebook wall post was authorized by a Facebook user with respect to a communication intended for that user. Therefore, the authorized user exception applies and Defendants are not liable under the SCA. Accordingly, the motion for summary judgment on . . . is GRANTED.

Plaintiff [also] asserts a claim for common law invasion of privacy. Plaintiff's claim is premised on Defendants' alleged unauthorized "accessing of her private Facebook postings" regarding the museum shooting. * * * A claim for invasion of privacy under New Jersey law will succeed if a plaintiff brings forth evidence showing that

there was an intentional intrusion "upon the solitude or seclusion of another or his private affairs," and that

this intrusion would highly offend the reasonable person.

In this case, Plaintiff failed to show that there was an intentional intrusion by any of the Defendants. * * * The evidence does not show that Defendants obtained access to Plaintiff's Facebook page by, say, logging into her account, logging into another employee's account, or asking another employee to log into Facebook. Instead, the evidence shows that Defendants were the passive recipients of information that they did not seek out or ask for. Plaintiff voluntarily gave information to her Facebook friend, and her Facebook friend voluntarily gave that information to someone else. This may have been a violation of trust, but it was not a violation of privacy.

Accordingly, the motion for summary judgment is GRANTED. * * *

Case Questions

1. What were the legal issues in this case? What did the court decide?
2. Why did the Facebook post qualify as a "stored communication"? Why did the manager's accessing of that post not violate the Stored Communications Act?
3. Why did the plaintiff's privacy tort claim also fail?
4. Would the outcome of the case have been different if one of the managers had demanded the coworker's Facebook password and viewed the post that way?
5. Should the nurse have been disciplined for the statement she made on Facebook? Why or why not? What are some practical implications of this case for employers and employees?
6. Give at least two APA references and in text citations. NO AI ANSWERS!