An Internet service provider that allowed an advertiser to capture users’ Internet communications is not an aider and abettor under the Electronic Communications Privacy Act of 1986, a federal appeals court has ruled. The U.S. Court of Appeals for the Tenth Circuit based its decision on the fact that the statute “creates no aiding-and abetting civil liability.” 

On December 28, a unanimous panel of the Tenth Circuit in Kirch v. Embarq Management Co. affirmed a summary judgment ruling in favor of the defendants.

In January 2010, Kathleen and Terry Kirch filed a purported class action against United Telephone Company of Eastern Kansas and Embarq, which are both subsidiaries of CenturyLink Inc.

The complaint accused the defendants of installing spyware devices on their broadband networks. They claimed the defendants illegally intercepted their Internet communications by allowing online advertising company NebuAd Inc. to track their Internet use and direct online advertising to particular users. From December 2007 to March 2008, NebuAd tracked the websites visited by Embarq users and sent them particular ads based on that information.

In August 2011 Judge Julie Robinson of the District of Kansas granted the defendants’ motion for summary judgment. Robinson ruled that Embarq had not intercepted the Kirches’ communications because the statute defines intercept as “acquisition of the contents” of a communication.

Robinson also held that Embarq could not be liable for aiding and abetting NebuAd. She added that even if it could, the plaintiffs consented to any interception by agreeing to Embarq’s privacy policy.

The plaintiffs appealed.

Judge Harris Hartz wrote the Tenth Circuit opinion, joined by judges Jerome Holmes and Michael Murphy.

Hartz wrote that Embarq accessed the data in the ordinary course of providing Internet services as an ISP, whichmeant it was not an interception under the statute:

“Because the [statute] creates no aiding-and-abetting civil liability, Embarq is liable only if it itself intercepted those communications. Also, although the district court relied on consent as an alternative ground for summary judgment, we need not consider the issue because we hold that there was no interception.”

Hartz added that the Tenth Circuit “need not decide where to draw the line between access to data andacquisition of data, because Embarq’s access was in the ordinary course of its core business as an ISP transmitting data over its equipment.”

Matthew Price, a Washington associate at Chicago’s Jenner & Block who argued for the defendants, declined to comment. Stinson Morrison Hecker in Kansas City, Mo., also represented CenturyLink.

“CenturyLink is pleased with the court’s ruling, which reflects our focus on protecting and respecting our customers and their information,” said spokesperson Mark Molzen in an email.

Rahul Ravipudi of Los Angeles-based Panish Shea & Boyle, who argued for the plaintiffs, did not respond to a request for comment. Nor did lawyers at Los Angeles-based Engstrom, Lipscomb & Lack, who also represented the plaintiffs.

Jeffrey Neuburger, a partner at New York-based Proskauer Rose, said the court essentially held that, because the statute has no cause of action for aiding and abetting, “the only way the ISP could be liable is if it, itself, intercepted the communications at issue.” Neuburger isn’t involved in the case.

Sheri Qualters is a reporter for The National Law Journal, a Legal affiliate based in New York.