If The Drew Fits, Charge It?

Being fascinated with both the use (and misuse) of technology and criminal law in general, I have been intently following the Lori Drew case. For those of you who haven’t, however, Drew is the Missouri mother who — as a response to some animus between 13-year-old Megan Meier and Drew’s daughter — created a false persona, “Josh Evans,” on Myspace to flirt with and gain the trust of Meier, then insulted and demeaned her to the point where Meier committed suicide. Missouri state officials reviewed the case, but felt that there was no appropriate state statute under which to bring charges against Drew; federal prosecutors in Missouri declined to charge the case for similar reasons. However, federal prosecutors in California (where Myspace’s servers are located) disagreed; claiming jurisdiction, they charged and were subsequently able to indict Drew under 18 U.S.C. § 1030, the Computer Fraud and Abuse Act (CFAA). Specifically, the U.S. Attorney’s Office in California is charging her with violating 18 U.S.C. § 1030 (a)(2)(C), which makes it a crime for anyone to

intentionally access[] a computer without authorization or exceed[] authorized access, and thereby obtain[] . . . information from any protected computer if the conduct involved an interstate or foreign communication.

The indictment can be found here, if anyone is interested in reading it, but the gist of the argument that the AUSAs in California are making is that by giving fictitious profile information, Drew violated Myspace’s Terms of Service, thus “exceeding” the access authorized by Myspace. Then, as she used this fictitious profile to “obtain information” from Myspace’s servers — personal information about Megan, as best as I can tell — to commit the tort of infliction of emotional distress upon Meier, and since to access Myspace’s servers she was required to send packets of data across state lines, she met all the elements of the crime.

Continue ReadingIf The Drew Fits, Charge It?

Market Opportunity: Unforwardable Emails

I’ve seen a number of news items over the past few years in which internal firm or law school emails get leaked to online legal gossip sites, to the embarrassment of the originating institution. In my view, the frequency with which this occurs indicates a world in transition. Once, there were no online gossip sites worth worrying about, and firm memoranda about salaries, scandals, employment issues, or stolen lunches from the office refrigerator rarely made it past the walls of the institution. Now, there are such sites, and salacious and even mundane internal correspondence regularly leaks to them. This strikes me as a situation that can’t persist in its current form much longer. Either practices will change (i.e., no more emails about firm policies) or some sort of restrictions will be put in place. (A third option, that expectations of confidentiality concerning such matters will evaporate, strikes me as unlikely.)

The latest item to set off this thought in my head was this news item from the Wall Street Journal’s Law Blog (essentially a slightly more tony version of Above the Law). As I tell my Internet Law students, there are various ways of controlling a behavior such as forwarding emails. Law is one way, but not a likely one in this case. Informal social norms are another (“Give a hoot! Don’t redistribute!”). That seems unlikely here, too. But a third is some sort of technological solution. And here, I would think a technological solution is at least conceivable: an office network that offers, as an option, blocking redistribution of the content of certain emails.

Continue ReadingMarket Opportunity: Unforwardable Emails