LoJack interception declared wiretap under ECPA

An Ohio district court recently found that using LoJack software to gain remote access to a stole computer may violate the Electronic Communications Privacy Act (ECPA).

In Clements-Jeffrey v. City of Springfield, Ohio, 2011 WL 3678397 (S.D. Ohio 2011), the school district was being sued for violation of the ECPA. After learning that the laptop was stolen, recover officers began to intercept email, record keystrokes, and capture screen shots. Ultimately, they were led to the new owner (a substitute teacher with the school) who did not realize the laptop had been stolen, but had purchased it from a student.

The court held that it would be okay to report IP addresses or geographic location, but that the wiretapping that occurred in this case was a violation of the ECPA. Further, "[t]he ECPA carves out no exception allowing a private entity to intentionally intercept electronic communications for the purpose of gathering information to facilitate recovery of a stolen laptop." The court also denied an existence of a good faith defense.