US court says 'pocket-dialed' calls are not private

People who don't take basic steps against pocket dialing haven't shown they have an expectation of privacy

A federal appeals court in Ohio has ruled that a person who accidentally "pocket dials" someone shouldn't expect any overheard conversation to be considered private.

The case involves the chairman of the Airport Board in Kenton, Kentucky, which oversees the Cincinnati/Northern Kentucky International Airport. The chairman, James Huff, was on a business trip in Italy with his wife and a colleague when he accidentally pocket-dialed the secretary of the airport's CEO back in the U.S.

The secretary, Carol Spaw, said "hello" a few times and soon figured out the call wasn't meant for her. But she overheard Huff and his colleague talking about personnel matters, including the possibility that the airport's CEO -- Spaw's boss -- might be replaced. The inadvertent call continued after Huff got back to his hotel room with his wife.

The call lasted 91 minutes and Spaw stayed on the line the entire time, court records show. Spaw claims that she thought Huff was discussing a plan to illegally discriminate against the CEO, a woman. She says she felt obliged to record the call and report it.

Spaw took handwritten notes for most of the call, but managed to record the last four minutes after a colleague brought her an iPhone. By that time, Huff was back in his hotel room, where he discussed personal matters with his wife Bertha but also shared some details of the personnel discussion from earlier.

Huff and his wife sued Spaw, alleging she had breached their privacy by violating a law often called the Wiretap Act, which prohibits interception of "wire, oral or electronic communications."

However, the catch is that the law applies only where people can show they had a reasonable expectation of privacy. And that's not case with pocket-dialed calls, the appeals court ruled, upholding in part a lower court's decision.

Citing case law, the Sixth Circuit Court of Appeals said people must "exhibit" that they have an expectation of privacy, by taking reasonable steps to ensure their conversation won't be overheard.

Huff admitted in his deposition that he was aware of the risk of making pocket-dialed calls, and that he'd made them himself in the past. The appeals court noted that methods exist to prevent such calls, including locking a phone or using an app designed for that purpose, but Huff didn't use any of them. So while he may have intended his call to be private, he didn't do enough to show that he had that expectation.

The appeals court drew a parallel with a person not drawing the curtains in their home.

"Under the plain-view doctrine, if a homeowner neglects to cover a window with drapes, he would lose his reasonable expectation of privacy with respect to a viewer looking into the window from outside of his property," the court said.

The same applies to pocket-dialed calls, according to the court. If a person doesn't take reasonable steps to keep their call private, their communications are not protected by the Wiretap Act.

The court also cited a case in which police discovered a defendant's child pornography using Limewire, the peer-to-peer file sharing service. The defendant there claimed the evidence had been gathered in a warrantless search, but a different appeals court said the defendant had failed to demonstrate an expectation of privacy, because he "opened up his download folder to the world."

"The principle that a person does not exhibit a reasonable expectation of privacy when he knew or should have known that the operation of a device might grant others access to his statements or activities" is applicable to the Wiretap Act as well, the appeals court said.

However, it noted, the same may not apply to Huff's wife, Bertha, who couldn't be expected to know that a person she was talking to had a smartphone in their pocket and hadn't taken steps to secure it.

"If Bertha waived her reasonable expectation of privacy from pocket-dials by speaking to a person who she knew to carry a pocket-dial-capable device, she would also waive her reasonable expectation of privacy from recordings and transmissions by speaking with anyone carrying a recording-capable or transmission-capable device, i.e., any modern cellphone," the court said.

"The district court's holding would logically result in the loss of a reasonable expectation of privacy in face-to-face conversations where one party is aware that a participant in the conversation may have a modern cellphone."

That doesn't necessarily mean Spaw is liable, however, because liability applies under the Wiretap Law only when a person "intentionally" uses a "device" to intercept oral communications.

The appeals court sent the case back to the lower court to decide if Spaw's actions -- including transcribing notes from the call and recording part of it -- constituted an "intentional use of a device" to intercept Bertha Huff's communications.

James Niccolai covers data centers and general technology news for IDG News Service. Follow James on Twitter at @jniccolai. James's e-mail address is james_niccolai@idg.com

Join the CSO newsletter!

Error: Please check your email address.

Tags securityprivacy

More about IDGNewsTwitter

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by James Niccolai

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts

Market Place