Rent-to-Own Company Beats Screenshot Spyware Class Action

Bloomberg Law: Privacy & Data Security brings you single-source access to the expertise of Bloomberg Law’s privacy and data security editorial team, contributing practitioners,...

By Jimmy H. Koo

SEI/Aaron’s Inc.'s use of spyware to capture screenshots and log keystrokes on rent-to-own computers didn’t violate federal privacy law because the shots weren’t triggered by user communications, a federal trial court has ruled ( Krise v. SEI/Aaron’s, Inc. , 2017 BL 293997, N.D. Ga., No. 1:14-CV-1209-TWT, filed 8/22/17 ).

Under the court’s reasoning, companies may monitor computer-user activity as long as the methods employed aren’t activated by a user communication, such as sending an email or engaging in an online video chat.

In granting Aaron’s motion for summary judgment that ended the case, the U.S. District Court for the Northern District of Georgia held in an opinion filed Aug. 22 that the spyware’s monitoring function didn’t “automatically capture all communications simultaneously with their transmission.” The ECPA prohibits interception of electronic messages acquired “contemporaneous with transmission,” Judge Thomas W. Thrash said.

Atlanta-based rent-to-own company Aaron’s still faces ongoing privacy litigation over the spyware in several other federal court proceedings. The company has also come under fire from U.S. state, federal, and Canadian regulators for installing the spyware that remotely accessed personal data on the computers it rented, leased, and sold.

The company has settled charges with the California attorney general by agreeing to pay $28.4 million, and with the Federal Trade Commission by agreeing, without admitting any wrongdoing, to prohibit the use of the monitoring technology. Aaron’s franchisees previously settled charges with Canada’s Office of the Privacy Commissioner and the Vermont attorney general.

The regulators largely focused on what they alleged was the covert use of the surveillance tools. The court didn’t address such issues in the present case. Aaron’s said that the users had acknowledged, in an addendum to the user agreement, that the company could utilize remote monitoring software. Some of the plaintiffs said they hadn’t agreed to those terms.

Detective Mode

According to the second amended class complaint, Aaron’s computers installed software called “PC Rental Agent” (PCRA) that allowed the company to remotely shut down a computer for nonpayment and other reasons. The software also featured a “Detective Mode,” which could be remotely installed and activated, that let Aaron’s capture and transmit keystrokes and screenshots.

In January 2012, SEI/Aaron’s removed that software from all leased computers connected to the internet. Plaintiffs filed the class action complaint in 2014 over activity that took place before the software was removed.

The court explained that the U.S. Court of Appeals for the Eleventh Circuit prohibits capturing electronic communications “‘in flight.’” It distinguished PCRA from other types of software that are “always on” and constantly capture screenshots. PCRA, by contrast, took a screenshot at “predetermined intervals,” and no evidence shows that screenshots were “triggered by a communication,” the court said.

“Even if the Plaintiffs can show that a screenshot or two occurred in close proximity to an electronic communication, that does not mean the screenshot captured the communication simultaneously with its transmission,” the court concluded.

The court also granted summary judgment to Aaron’s on individual invasion of privacy claims from named plaintiffs, finding that one was filed too late and another lacked evidence that specific, private information had been taken.

Herman Gerel LLP and Edward C. Konieczny LLC represented the plaintiffs. Drew Eckl & Farnham LLP represented SEI/Aaron’s.

To contact the reporter on this story: Jimmy H. Koo in Washington at

To contact the editor responsible for this story: Donald Aplin at

For More Information

Full text of the court's opinion is available at

Copyright © 2017 The Bureau of National Affairs, Inc. All Rights Reserved.

Request Bloomberg Law: Privacy & Data Security