Washington Journal of Law, Technology & Arts


The definition of authorization under the Stored Communications Act raises questions about implied authorization in situations where someone fails to secure an email account properly. The few cases that have addressed this issue under the federal act or its state equivalents have not created a bright-line rule. Instead, the question of authorization has been highly fact-dependent. Two leading interpretive theories have emerged on the question of authorization: the code-based theory and the trespass theory. While the code-based interpretation of authorization seems pleasing because it appears to provide highly predictive outcomes, it fails in some circumstances. This failure is especially obvious when someone inadvertently and unintentionally gives someone else permanent access to an email account by, for instance, saving their username and password in the browser of a shared computer. Courts interpreting cases in this context implicitly reject the code-based interpretation of authorization, which would provide no remedy, in favor of the trespass theory. Ultimately, the code-based model does not provide enough flexibility to fit all situations in which the courts wish to provide a remedy. The best test, therefore, involves aspects of both theories.

First Page