TRANSACTIONAL LAW CORNER
TRANSACTIONAL LAW CORNER
A Wild Third Party: Privacy After Commonwealth of Pennsylvania v. Kurtz
GERARD E. REINHARDT
THE KURTZ RULE
A user has no privacy rights in either the content or metadata associated with internet searches or, by corollary, nonsecure email transmissions.
A nonsecure search platform is generally one that logs search queries, IP addresses, or click behavior, uses cookies, shares data with advertisers or data brokers, and lacks encryption. Google is an example of a nonsecure search platform, and Gmail, Hotmail, and Yahoo are examples of nonsecure email platforms.
PRIVACY, TECHNOLOGY, AND THE THIRD- PARTY DOCTRINE
The“ third-party doctrine” holds that, generally, a person lacks a reasonable expectation of privacy in information or materials when that person exposes that information to a third party. Florida recognizes the third-party doctrine. " In most cases, a voluntary disclosure to a third party of... privileged material... waives the privilege." 2
The Pennsylvania Supreme Court has recently issued an opinion that applies the third-party doctrine to nonsecure online searches. The court found that an individual has no reasonable expectation of privacy in the content and metadata associated with his use of a nonsecure online search platform based on the terms of Google’ s User Agreement, the common knowledge of Google’ s use of prompts to target ads, and the alternatives available to the use. The court further found that the same result obtains under the Pennsylvania Constitution. 3
The court’ s reasoning seems fully applicable to nonsecured email and artificial intelligence platforms.
A contrary holding from the Colorado Supreme Court 4 sets up jurisdiction for a Supreme Court challenge. Short of that, other states may adopt the Kurtz Rule, via either statute or judicial action.
BROADER IMPLICATIONS OF THE KURTZ RULE
The adoption of the Kurtz Rule, could raise some thorny questions outside the close of reverse keyword searches:
• Attorney-Client Privilege: Florida statute explicitly limits the scope of the attorneyclient privilege by excluding instances where the“ holder of the privilege, voluntarily discloses or makes the communication when he or she does not have a reasonable expectation of privacy”( emphasis added) 5.
Will attorney-client communications transmitted via a nonsecure email system( perhaps the client’ s Gmail account) destroy the privilege?
In case of such a failed privilege claim, would a malpractice action against the attorney who used a nonsecure email platform survive a motion to dismiss?
• Ethics: Is transmission of confidential client information via a nonsecure email system a violation of an attorney’ s ethical duty to maintain the confidentiality of such information 6?
• Trade Secret: The relevant Florida statute requires that a trade secret be“ the subject of efforts that are reasonable under the circumstances to maintain its secrecy”( emphasis added). 7 The federal trade secret statute includes a similar provision. 8
Can transmission via a nonsecure email system destroy the trade secret?
• Patent: Is transmission of an invention disclosure via a nonsecure email system a“ printed publication” under the Patent Act 9, and thus available as prior art to invalidate a patent claiming that invention based on a later-filed application?
• Copyright: Is transmission of an expressive work via a nonsecure email system a publication under the Copyright Act 10, which could impact the availability of statutory damages?
CONSIDERATIONS FOR TRANSACTIONAL ATTORNEYS
Prudent attorneys may wish to consider the following items:
• Avoid the use of nonsecure emails( e. g., Gmail) in communications with clients, colleagues, experts, and vendors. If a client currently uses such an email, urge
PBCBA BAR BULLETIN 24 the use of a secured email platform( e. g., Proton).
• Avoid the use of any nonsecure search engines( e. g., Google) or AI platforms( e. g., Gemini).
• In contractual notice provisions, specify only secured, encrypted email addresses.
• In contracts, include representations that no party has used nonsecure emails, search engines, or artificial intelligence tools to generate or communicate any material within the scope of the confidential material provision. Recite the secure modalities that may be so used. Include corresponding warranties.
• In conducting due diligence of a transaction involving Intellectual Property, explore the questions above regarding implications for patents, copyrights, and trade secrets. These questions will similarly apply in litigation.
• In discovery requests, specify that any email entries on a privilege log include the email platform, and if it is a nonsecure platform( e. g., Gmail, Hotmail, Yahoo), challenge the privilege based on the thirdparty doctrine.
1
Gerard Reinhardt is an attorney with over 25 years of experience in Intellectual Property. He is licensed to practice law in Florida, New York, Texas, and the District of Columbia. He is also registered to practice before the US Patent and Trademark Office. Gerard has litigated complex patent cases with the NY IP boutique Morgan & Finnegan for such clients as Exxon, IBM, and Bombardier, and practiced in-house with Merck in the life sciences and Hatch- Waxman spaces. In addition to a JD and MBA, Gerard holds BS and MS degrees in Chemical Engineering. Prior to starting the practice of law, Gerard practiced engineering for 15 years with Raytheon.
2
Rodriguez v. Lewis, 2025 U. S. Dist. LEXIS 270674, * 7, 2025 LX 605296( SDFL, 2025), quoting Visual Scene, Inc. v. Pilkington Bros., plc., 508 So. 2d 437, 440( Fla. 3d DCA 1987).
3
PA. CONST. art. 1, § 8.
4
Colorado v Seymour, 2023 CO 53, 23SA12( CO Sup. Ct. 2023).
5
Fla. Stat. § 90.507.
6
See FL Ethics Rule 4 1.6.
7
Fla. Stat. § 688.002.
8
18 USCS § 1839.
9
See 35 USC § 102( b).
10
See 17 USC § 412.