Lazette v. Kulmatycki
949 F. Supp. 2d 748
N.D. Ohio2013Background
- Verizon provided a company Blackberry to Lazette for work; she used a personal Gmail on it for some messages.
- Kulmatycki, Lazette’s supervisor, allegedly accessed Lazette’s Gmail without authorization for eighteen months, reading about Lazette’s private matters.
- Lazette alleges Kulmatycki read and disclosed the contents of emails to others.
- Plaintiff asserts five claims: SCA (Stored Communications Act), Title III (OMRSA), Ohio invasion of privacy/seclusion, Ohio Rev. Code § 2913.04(B), and intentional infliction of emotional distress (IIED).
- Defendants move to dismiss; court denies in part and grants in part, with amendments allowed for IIED.
Issues
| Issue | Plaintiff's Argument | Defendant's Argument | Held |
|---|---|---|---|
| Whether SCA § 2701 applies to the Gmail access | Lazette asserts unauthorized access to her Gmail via Verizon device. | Kulmatycki’s access falls within authorized use or exempted facilities; device is not a ‘facility.’ | SCA applies; some opened-before-plaintiff emails constitute violation; but not for opened-before access. |
| Whether Verizon is vicariously liable under SCA § 2701 | Verizon is liable for Kulmatycki’s actions in scope of employment. | Exemption under § 2701(c)(1) may immunize provider. | Verizon’s vicarious liability survives; motion to dismiss denied. |
| Whether Title III claim under § 2520 is stated | Disclosures of emails fall within Title III civil liability. | Accessing stored emails is not interception under § 2510(4)–(5). | Title III claim dismissed. |
| Whether Ohio invasion of privacy/seclusion claim survives | Reading tens of thousands of private emails constitutes intrusion into seclusion. | Dependent on warnings and privacy expectations; prima facie insufficient. | Viable intrusion claim survives; further factual development required. |
| Whether O.R.C. § 2913.04(B) claim is stated | Unauthorized computer access under criminal-kickback-like statute is actionable. | Statute targets hacking; ownership of device not necessary. | Claim stated; statute broad enough to cover conduct. |
| Whether IIED claim survives or requires amendment | Severe emotional distress from invasion is plausible. | Plaintiff’s allegations are conclusory and insufficient under Twombly/Iqbal. | IIED claim denied at pleading stage; plaintiff granted four weeks to amend with plausible injury allegations. |
Key Cases Cited
- State Wide Photocopy Corp. v. Tokai Financial Services, Inc., 909 F. Supp. 137 (S.D.N.Y. 1995) (SCA purposes not exclusively hackers; broad application)
- Sherman v. Salton Maxim Housewares, Inc., 94 F. Supp. 2d 817 (E.D. Mich. 2000) (SCA § 2701 applies to unauthorized access generally)
- In re iPhone Application Litigation, 844 F. Supp. 2d 1040 (N.D. Cal. 2012) (Cell phone not categorically a ‘facility’; weighs device vs server)
- Crowley v. CyberSource Corp., 166 F. Supp. 2d 1263 (N.D. Cal. 2001) (If both accessed device and access point are facilities, odd results)
- Griggs-Ryan v. Smith, 904 F.2d 112 (1st Cir. 1990) (Implied consent in surveillance limited; not blanket permission)
- U.S. v. Workman, 80 F.3d 688 (2d Cir. 1996) (Implied consent considerations in monitoring/ interception)