Posts Tagged ‘internet’

Standing to Sue the NSA?

Monday, November 2nd, 2015

A couple of weeks ago, Wikimedia’s lawsuit against the NSA got thrown out. Wikimedia (and the ACLU, NACDL, Amnesty International, and many more) claimed the NSA was violating everyone’s rights with its “upstream” surveillance of internet communications. The court dismissed the case because nobody could prove that they had “standing” to bring the case in the first place. The plaintiffs failed to establish that the NSA had actually intercepted any actual communications. They relied on statistics — there are gazillions of communications that go over the wires being monitored, so there must have been improper interceptions. The court said “must have been” isn’t good enough, there isn’t standing, good day.

This isn’t the first time that’s happened. A few weeks before that, a Pennsylvania divorce lawyer had his case against the NSA shot down for the same reason — he couldn’t prove that he himself had been harmed, because he couldn’t show that any of his communications had actually been intercepted. So no standing, case dismissed.

These cases rely on the 2013 Supreme Court ruling in Clapper v. Amnesty International, which held that merely “possible” injury isn’t enough to assert standing in a case like this. You need to show that the injury is real, and either actually happened or is truly imminent. Even if there’s a reasonably good chance that your communications were intercepted, that’s not good enough. There’s no res ipsa loquitur when it comes to standing here.

Of course, that’s nonsense, because the whole doctrine of res ipsa is basically “yeah, the plaintiff can’t prove you harmed him, but come on! It’s pretty obvious you must have.” It’s rebuttable, but the doctrine at least lets the plaintiff into the courthouse. [Yes I know Fourth Amendment and First Amendment jurisprudence aren’t exactly the same as that of negligence in Torts, but come on.]

It doesn’t matter, though, because this is what the Supreme Court always does in cases like this. None of this is a surprise to anyone.

In Clapper, the appellants wanted the Court to say  §1881a of FISA is unconstitutional, as is the NSA’s surveillance of communications. The Supreme Court did not want to deal with these issues. This “no standing” decision is their way of saying that.

An important fact about the Supreme Court is that it doesn’t have to take every case that comes its way. It gets to pick and choose, for the most part. They exercise this discretion, for the most part, based on purely nonpolitical considerations such as how busy they are. Or because a given case isn’t the right one to make a ruling with, and they’re waiting for a better one to come along. (Sometimes they do appear to cross the line with their discretion, see Bush v. Gore, and when that happens the entire authority of the Court gets called into question. A lesson that has to get re-learned every now and then.)

Prudence is another consideration that the Court takes into account when accepting or rejecting a case. In other words, “we’d better not get involved in this issue.”

If you look back at all the times the Court has skirted an issue by saying a party had no standing, it’s hard to find a definition of standing that reconciles them all. I’ll go so far as to say that they are irreconcilable. There is no consistent theory that explains them all. Except, that is, the consideration of Prudence. When you take into consideration the Court’s desire to not go sticking its nose in a sensitive matter, everything becomes clear.

It’s been the Court’s practice to do this for a long time, now. This very fact was taught in the very first class of my first year of law school, back in 1993, and it was already an old habit long before then. So it cannot have come as a surprise to anyone. I’ll bet you a dollar that even if you did find proof that your personal communications had been intercepted — and after Snowden and all the other post-Clapper revelations, it’s easier to meet some of the Court’s conditions — they’d still find a way to say you lacked standing. They’ve left themselves plenty of wiggle room, there.

That doesn’t mean you don’t keep trying! Just don’t be surprised if they keep refusing to get to the merits. They don’t want any part of it.

Top 5 Ways to Increase Your Blog Traffic

Tuesday, August 16th, 2011

 

If you’re trying to market your law firm online, no doubt you have a blog.  You know how important a blog can be for building your brand, and maximizing your SEO.  You’re doing everything right — loading up on keywords, submitting your posts to social media sites, and asking visitors to bookmark you — but when you look at your numbers each month, you’re still not getting all the hits you deserve.  What’s going on?  And how can you fix it?

What’s going on is that every law firm and solo out there has a blog these days, and it seems like everyone is doing the same thing.  After all, there are only so many ways to optimize your site if you aren’t constantly generating fresh content.  So if you’re like most blawgers out there, you’re getting lost in the crowd.

One way to stand out, of course, is to write lots of original content about topics that interest you, so that your interest draws in others similarly interested, and engage with your audience as it grows over time.  But this can be time-consuming, and who has that kind of time? Anyway, you don’t want potential clients to think you have this much time on your hands — they might wonder why you’re not busier, instead!  Furthermore, let’s face it, not everyone is a Kurt Vonnegut or Dave Barry.  We’re lawyers, not essayists.  In a way, it’s unfair that the essayists are drawing hits away from you, the lawyer.

Fortunately, we here at the Criminal Lawyer have learned a few secrets of maximizing blog traffic with a minimum of effort.  And now, for the FIRST TIME EVER, we are going to share with you the 5 easy techniques you can use to DRAMATICALLY INCREASE YOUR BLOG TRAFFIC RIGHT NOW:

 

TIP #1 — Lists, Lists, Lists!

Holy mother of God in a sidecar with rainbow sprinkles and a lobster bib, if you aren’t using lists, then you’d better start.  Articles with names like “The Top 5 Ways to…” or “The 10 Most Badass…” are proven to grab more online attention than anything that isn’t porn.

Online readers don’t stop to chew over ideas and digest careful arguments.  They nibble; they graze.  Give them bite-sized nuggets of pithy observations, and they’ll come back for more.

A bonus of the list is that it can automatically double your hits, by the simple method of breaking the post into two pages.  By spreading the list across three pages, you can even triple your hits WITH A SINGLE POST.  (But don’t get too crazy — studies have shown that online readers lose patience if they have to click through to every part of the list.  Don’t make it a slideshow.)

 

TIP #2 — Don’t Write for You; Write for Your Audience!

So you’re super-interested in this nifty case that just came down, and you think you have some ideas about why the court ruled that way and what it might mean for other similar cases?  Good for you.  Make a note of it for your own files.  But unless it’s a case that’s been all over TV news this week, I’ve got two words for you: BO RING!

How many people do you think share your interest in this little bit of legal arcana? A couple dozen?  Maybe?

Well, if you want a couple dozen hits, then by all means, knock yourself out.  But if you want MAJOR BLOG TRAFFIC, my friend, then you’re going to have to knock it off.

Write instead for the masses.  Don’t be a snob about it — what, are you too good for their attention?  Are you too good for their money if they decide to retain you?  Didn’t think so.

Look, if a topic is (more…)

Hey feds, get off of my cloud (Followup)

Tuesday, May 17th, 2011

Last month, we posted on the senate hearings on whether the feds need to get a warrant before getting emails and other stuff stored in the cloud.  The Obama administration would rather let the feds continue to get such stuff without bothering to get a warrant, as they now can do under (very outdated) current law.  As we put it:

As the law currently stands, if an email is more than 180 days old, the feds are allowed to snag it without a warrant, under the 1986 Electronic Communications Privacy Act.  In yet another bit of Orwellian fractal weirdness, the ECPA was designed to ensure that online communications had just as much privacy protection as anything in the offline world.  (Given the erosion of Fourth Amendment protections in the brick-and-mortar world, a cynic might be tempted to crack that the ECPA has lived up to its expectations.)

And we quoted Sen. Patrick Leahy, who last year argued to drag law enforcement and the Fourth Amendment into the modern era:

Today, ECPA is a law that is often hampered by conflicting privacy standards that create uncertainty and confusion for law enforcement, the business community and American consumers.

For example, the content of a single e-mail could be subject to as many as four different levels of privacy protections under ECPA, depending on where it is stored, and when it is sent. There are also no clear standards under that law for how and under what circumstances the Government can access cell phone, or other mobile location information when investigating crime or national security matters. In addition, the growing popularity of social networking sites, such as Facebook and MySpace, present new privacy challenges that were not envisioned when ECPA was passed.

Simply put, the times have changed, and so ECPA must be updated to keep up with the times.

Well, today Sen. Leahy proposed a new bill that might do just that.  The bill (pdf here) would get rid of that 180-day loophole, and require the feds to get a warrant no matter how old the email or data might be.

-=-=-=-=-

Obviously, we’re in favor of that.  But this bill goes farther than that.  If adopted, this bill would also:

  1. Prohibit cloud services from knowingly (more…)

Hey, feds, get off of my cloud

Friday, April 8th, 2011

Our jury’s still out, and there’s so much stuff to catch up on.  There’s the 5th Circuit’s denial of Jeff Skilling’s appeal, even though the Supreme Court had struck down the “honest services fraud” charge last summer.  We were so ready to write something about it yesterday, but work intervened, and now we’re not in the mood.  Maybe this weekend.

Instead, we’re all intrigued about the Senate hearings earlier this week on whether federal law enforcement ought to get a warrant before doing any search and seizure out there in the cloud.  Apparently, the Obama administration says the warrant requirement is just too much of a hassle.

The term “cloud computing” covers a lot of things, but for these purposes we’re talking about people storing data not on their own hard drives, but out there somewhere in the ether of the internet.  Of course, “out there somewhere” means “stored on someone else’s servers.”  Which means it’s there for the taking (or destruction) if those remote servers were to be compromised.  And of course, that means it’s out there for the seeing if law enforcement decides to go poking around in the cloud.

As the law currently stands, if an email is more than 180 days old, the feds are allowed to snag it without a warrant, under the 1986 Electronic Communications Privacy Act.  In yet another bit of Orwellian fractal weirdness, the ECPA was designed to ensure that online communications had just as much privacy protection as anything in the offline world.  (Given the erosion of Fourth Amendment protections in the brick-and-mortar world, a cynic might be tempted to crack that the ECPA has lived up to its expectations.)

As Vermont senator Patrick Leahy put it last September, when the Senate first starting considering changes to the ECPA, the statute

was a careful, bipartisan law designed in part to protect electronic communications from real-time monitoring or interception by the Government, as emails were being delivered and from searches when these communications were stored electronically. At the time, ECPA was a cutting-edge piece of legislation. But, the many advances in communication technologies since have outpaced the privacy protections that Congress put in place.

Today, ECPA is a law that is often hampered by conflicting privacy standards that create uncertainty and confusion for law enforcement, the business community and American consumers.

For example, the content of a single e-mail could be subject to as many as four different levels of privacy protections under ECPA, depending on where it is stored, and when it is sent. There are also no clear standards under that law for how and under what circumstances the Government can access cell phone, or other mobile location information when investigating crime or national security matters. In addition, the growing popularity of social networking sites, such as Facebook and MySpace, present new privacy challenges that were not envisioned when ECPA was passed.

Simply put, the times have changed, and so ECPA must be updated to keep up with the times

Think of it this way:  You’re storing your emails on a third party’s servers.  Isn’t there some lessening of your privacy expectations in that situation?  And on top of that, until maybe six or seven years ago, it wasn’t that outrageous to deem emails left on a third party’s servers for more than six months — instead of storing them to one’s own hard drive or local server for preservation — to be “abandoned.”  AOL users lost their emails after just a month or so.  If you didn’t actively save it to your hard drive, you didn’t want it.  (Forget, of course, the user’s reasonable expectation that the email would no longer exist in the first place.  Do not waste brain cells wondering whether one can abandon something that one believes to have already been destroyed.)

The point is, the law sort of made sense back in the 80s.  And it still kinda made sense when Google was new and Facebook was still in the future.

But now, things have changed.  In ways that are both dramatic and obvious to anyone who might be reading this post.  Now, by default, the vast majority of users do not store their emails locally (if they even know how to do so).  Emails are almost always accessed through a third party’s servers.  Almost nobody downloads their emails — and even if they do, the original remains on the server.

The vast majority of users expect that their emails, protected by their usernames and passwords, will remain private.  Even though the emails are stored out there in the cloud, the ordinary reasonable expectation is that they are private.

As we all know, the Fourth Amendment prohibits the search and seizure of stuff where there is a reasonable expectation of privacy, unless law enforcement gets a warrant based on a showing of probable cause to believe that particular evidence of a particular crime will be discovered by the search.  (For those of you desiring a quick primer on the various exceptions that apply, you can certainly do worse than to listen to N. Burney and G. Mehler’s brilliant CLE lecture, “Search and Seizure in 60 Minutes“)

The exceptions to the Fourth Amendment essentially boil down to situations where the evidence would cease to exist if a warrant were sought, or there’s some other thing we want the police to be able to do (such as make sure people are safe) that might be deterred if they weren’t allowed to use evidence observed in the process.  None of the exceptions are based on a policy of “we probably wouldn’t have probable cause to search in the first place.”

But that is precisely the policy offered by the Obama administration this week.  We kid you not.  Here’s associate deputy attorney general James A. Baker, testifying on why the administration doesn’t want to have to get a warrant to search the cloud:

In order to obtain a search warrant for a particular e-mail account, law enforcement has to establish probable cause to believe that evidence will be found in that particular account. In some cases, this link can be hard to establish.

And if they aren’t allowed to search in cases where they cannot establish probable cause in the first place?  The consequences would be dire, he (more…)

Online Advice

Thursday, February 10th, 2011

We’ll admit to a guilty pleasure.  Sometimes we surf over to Avvo and check out the questions people are asking criminal lawyers here in NY, and the answers various lawyers are providing.  It can be cringe-worthy, but once in a while it can be instructive.

We cringe when people ask for actual legal advice.  We cringe harder when lawyers venture to offer it.  We cringe the most when someone basically admits to a crime in posing their question, for all the internet to see.

We like it, though, when someone is looking for basic information, and they’re asking about something we haven’t come across in our own practice.  That happens often enough to keep us surfing back at least once a week.  There’s always room to learn, even if we’re only learning that we’re ignorant of something.  (And there are certainly areas of criminal defense where our ignorance is complete.)

Many of the questions, however, are just wasting space by asking the same thing that’s been asked over and over again.  The place really needs to put up a FAQ section.  Stuff like no, New York law does not provide for the expungement of criminal records.  Yes, having sex with someone under 17 is against the law.  No, there is no such thing as expungement here.  Yes, you do have to go to court.  No, we still don’t do expungement.  Yes, it would be a good idea to get a lawyer.  You’re not getting your record expunged.  And other things like that.

And far too many of the answers are just as much of a waste of space.  When the answer is obviously “go get a lawyer, your question cannot be answered here,” some lawyers will go ahead and offer some fluff instead about what law seems to apply, or just make a sales pitch.  Sometimes, though, there’s nothing more you can say beyond “go get a lawyer.”

We don’t answer many questions ourselves.  It’s usually not worth our time, frankly, and nothing could induce us to give actual legal advice to someone based on an incomplete query over a public forum.  But now and then we’ll see a question that (1) seeks basic information, rather than legal advice, (2) has been sitting unanswered for a while, and (3) we actually can provide a useful response.  That’s becoming rarer and rarer these days, however.  Mostly because there are fewer and fewer questions remaining unanswered.  Which is a good thing, all in all.

One thing that really bugs the crap out of us, however, is how Avvo sells this whole question thing as (more…)

More Google Mistrials

Friday, January 21st, 2011

Back in the infancy of this blog, we wrote a piece called “No More Google Mistrials: A proposal for courts to adapt to modern life.”  In it, we lamented that our jurisprudence hadn’t caught up with the realities of the internet age, and that mistrials were still being called whenever jurors got caught looking stuff up online.  We pointed out that it wasn’t exactly a new phenomenon — people had been Googling stuff for years — so it was high time the courts got caught up.

Amazingly, this post seems to have escaped the notice of the “they” who make up the rules of how a trial is to proceed.  Heavens forfend, but it might even be possible that a number of judges may never have even heard mention of it.  Stranger things have happened, though we can’t think of any offhand.

Be that as it may, the internet is forever, and it seems to get read from time to time.  Mainly by members of the press, it appears, and usually right after yet another Google mistrial has been declared.  That’s when we seem to field calls about it, anyway.

And that’s what happened earlier this week.  We were on our way to handle a case out in the rust belt, and were driving past Wilkes-Barre, Pennsylvania (a town near and dear to our heart ever since we landed a small plane there in a freakishly windy day back in our teens, a simple refueling that wound up involving the National Guard, a mistaken identity, extremely obliging air traffic controllers, and an absurd amount of adrenaline — though that’s a story for another time).  When we happened to get a call from a reporter right there in Wilkes-Barre, calling to discuss a Google mistrial that had just happened there.  (You can read the resulting article here.)

We basically said the same things in the interview as we’d written a couple of years ago, which is news enough right there.  Our opinions and positions do tend to evolve as we learn new facts or new ways of looking at old facts, so it was a nice surprise to read our old blog post for the first time since we’d written it and find that it’s pretty much what we’d just said.

But on second thought, we actually said some new stuff in this interview.  Some new policy considerations came to mind.  The reporter gets the credit for this, because unlike most reporters who just want a quick sound bite so they can get back to banging out their story by deadline, this reporter debated us.  She flatly challenged our position, saying that few if any would agree with us, and demanding that we defend it.  It was a pretty skillful interview.  Pity none of the good stuff made it into the article.  We blame the editors, of course.

So for the benefit of those who have bothered to read this far, here’s the good stuff:

-=-=-=-=-

We don’t want jurors going out and (more…)

MySpace Judge Agrees with Us

Friday, July 3rd, 2009

 

Remember the Lori Drew case? She’s the mom who was convicted last Thanksgiving for creating a fake MySpace persona, which she then used to harass a teenaged girl until the girl committed suicide.

After she was convicted, we argued that her conviction stretched the meaning of the statute too far. Here’s what we wrote:

The underlying statute, the Computer Fraud and Abuse Act, is a federal law intended to prevent hacking. Drew created a fictitious MySpace account, which was used to harass the girl. In doing so, Drew violated MySpace’s terms of service, though she apparently never read them. By violating the terms of service, Drew got unauthorized access to MySpace’s servers, and the prosecution went out on a limb to argue that this technically violated the CFAA.

But does it really?

Plenty of pundits are now doubting that the verdict will survive an appeal. Congress clearly intended the law to criminalize hacking into someone else’s computer. That’s different from creating a fictitious screen name — a very common and socially acceptable occurrence.

Terms of service are conditions imposed by websites which govern permissible use, and which almost always prescribe penalties that may be imposed for violations. These penalties normally range from warnings and temporary disabling of access, to permanent denial of access. The relationship is essentially contractual.

But if the prosecution’s theory is upheld on appeal, then breaching such conditions would have criminal consequences.

Criminalizing this kind of behavior isn’t exactly far-fetched. Crime is essentially that behavior which society considers so threatening that the guilty must be punished with a restriction on liberty or a loss of property. The existence of a civil remedy does not preclude something from being criminal — a thief is civilly liable to return what he stole, but still faces jail regardless. And there may be something to an argument for criminalizing the false personas on social networking sites frequented by minors, to protect society from predators.

But that’s clearly not what Congress was trying to do here. Furthermore, the prosecution’s stretched interpretation is just too overbroad. Rather than being narrowly tailored to focus on those who violate the TOS of a child-used site for the purpose of committing a nefarious or dangerous crime, the prosecution’s theory simply criminalizes all violations of any site’s TOS agreement. A court of appeals is likely to find that an improper application of the law.

Lori Drew was scheduled to be sentenced today. (Well, technically yesterday. Thursday. We’re still working, so it’s still Thursday to us.)

But she wasn’t sentenced. Instead, Judge Wu threw out her conviction. According to CNN, he refused to uphold the jury’s verdict because the guilty verdict would set a bad precedent that anyone who violates a site’s TOS could also be found guilty of a misdemeanor. Criminalizing all violations of a site’s TOS agreement is not what the law is designed to do. Because it technically allows such improper application of the law, it is probably unconstitutional for vagueness.

This was just an oral decision. Wu is expected to issue his written decision soon.

Great minds think alike!

No More Google Mistrials: A Proposal for Courts to Adapt to Modern Life

Wednesday, March 18th, 2009

google-mistrial.png

“Google mistrials” are in the news again. Every few years, we hear about mistrials being declared because jurors were caught researching the facts online. It’s not a new phenomenon — there have always been jurors who felt the urge to find out for themselves what really happened — all that’s new is how easy the Internet makes it. And even Google mistrials have been happening for many years.

Jurors naturally want to investigate on their own. It’s normal. After all, the whole purpose of a jury is to arrive at an official version of the facts, jurors do take this job seriously, and they commonly feel hamstrung by rules of evidence that keep them from seeing the whole picture. Taking the initiative can be thought of as a means to achieving true justice. Such initiative is even the major plot device of that old classic “Twelve Angry Men,” commonly seen as a drama that epitomizes true justice.

The justice system, on the other hand, has evolved over the centuries to ensure justice in quite a different way. Instead of allowing trial juries to investigate the facts, the courts carefully limit the facts to which juries are exposed. Before being spoon-fed to the jurors, facts must first be sifted through rules of admissibility, to ensure that only relevant and reliable information is made available. Then both sides in the trial get to challenge, cross-examine and argue about that evidence. This testing by fire, even if intended to obfuscate rather than clarify the facts, is generally seen as serving the higher goal of a just result.

So unlike “Twelve Angry Men,” when a juror in real life goes out into the world beyond the courtroom, and finds evidence that was not presented at trial which could affect the outcome of the case, justice is deemed to have been frustrated. A mistrial is declared, and everyone has to do it over again. The judge, jury, court employees, lawyers, witnesses and parties will have wasted their time, effort and money.

But it used to take some effort to cause such mistrials, and so they were rare. Jurors may have WANTED to go out and do some research on their own, but few had the time and resources to match their inclination. Nowadays, however, everyone is a research specialist. In everyone’s pocket is a miniature Hitchhiker’s Guide to the Galaxy, a phone or PDA with full access to the Internet. Looking up individuals, events, photos, aerial images, detailed maps, weather, weapons, forensics, public records, and practically anything else is now fast, effortless and free.

There are no obstacles to such research, and so everyone does it. And they do it all the time. It’s not a here-and-there thing like visiting a library; it’s part of the habits of people’s daily lives. The simple fact is that it is something people do naturally and routinely throughout their day. Telling someone not to go online these days is as inane as telling them they can’t talk about their day with their spouses and best friends.

Beyond simple inanity, ensuring that jurors comply with a no-Googling rule is simply unworkable in real life. Access to the Internet is ubiquitous in modern life. It’s everywhere. Unless courts are willing to confiscate all wireless devices of any sort at the courthouse, and then sequester every jury at great expense to ensure that they don’t access the web after hours, then courts are simply not going to be able to prevent Googling from happening. Jurors are going to be instructed not to do it, they’re going to do it anyway in ever-increasing numbers, and so mistrials are going to happen in ever-increasing numbers.

It’s time for modern jurisprudence to catch up to modern reality. Independent juror research simply cannot be grounds for mistrial any more.

It’s not such a stretch, by the way. We already allow jurors to take into the jury room any common knowledge and common sense they already possess. In fact, we insist on it. All that would be required of the law would be a presumption that anything available on the net is common knowledge.

That’s a simple fix, and an intellectually honest one.

What would that mean? That would mean that lawyers would have to be a little more diligent in investigating their cases. They’re going to have to presume that anything on the Internet is common knowledge. So if that common knowledge is wrong, they’re first going to have to realize it’s out there, and then debunk it.

So what? That’s what any good lawyer does now, anyway. If there’s a common perception that happens to be a mis-perception, then effective counsel will do their best to educate the jury to at the very least minimize the effects of that misperception. We do this all the time, in all sorts of cases. Prosecutors try to nullify the perception that circumstantial evidence is somehow less reliable than direct evidence. Defense attorneys try to undo the perception that an eyewitness identification is as damning as it gets. There are tons of examples for every kind of case that goes to trial.

The risk, of course, is that by attempting to debunk an attitude, one may merely highlight it to a juror who wouldn’t have otherwise have thought it. That’s the same risk we take now. We try to minimize it during jury selection, if we can. And we judge the risks and take the course we judge to be best.

In short, the law needs to accommodate modern reality by treating data commonly available as if it people were commonly aware of it. The law may already do so, and the courts just haven’t gotten around to realizing it yet. It really may be nothing more than a simple matter of re-interpretation of a longstanding rule.

So no more Google mistrials, please. Efficiency would be improved, and justice would be served.

MySpace Conviction Probably Exceeded Scope of Law

Tuesday, December 2nd, 2008

 

We were away last week, achieving an unqualified victory in a case brought by the Antitrust Division. But while we were gone, Lori Drew got convicted of three criminal counts of accessing a computer without authorization. Drew is the mom who was accused of harassing a teenaged girl over the Internet to the point where the girl committed suicide.

The underlying statute, the Computer Fraud and Abuse Act, is a federal law intended to prevent hacking. Drew created a fictitious MySpace account, which was used to harass the girl. In doing so, Drew violated MySpace’s terms of service, though she apparently never read them. By violating the terms of service, Drew got unauthorized access to MySpace’s servers, and the prosecution went out on a limb to argue that this technically violated the CFAA.

But does it really?

Plenty of pundits are now doubting that the verdict will survive an appeal. Congress clearly intended the law to criminalize hacking into someone else’s computer. That’s different from creating a fictitious screen name — a very common and socially acceptable occurrence.

Terms of service are conditions imposed by websites which govern permissible use, and which almost always prescribe penalties that may be imposed for violations. These penalties normally range from warnings and temporary disabling of access, to permanent denial of access. The relationship is essentially contractual.

But if the prosecution’s theory is upheld on appeal, then breaching such conditions would have criminal consequences.

Criminalizing this kind of behavior isn’t exactly far-fetched. Crime is essentially that behavior which society considers so threatening that the guilty must be punished with a restriction on liberty or a loss of property. The existence of a civil remedy does not preclude something from being criminal — a thief is civilly liable to return what he stole, but still faces jail regardless. And there may be something to an argument for criminalizing the false personas on social networking sites frequented by minors, to protect society from predators.

But that’s clearly not what Congress was trying to do here. Furthermore, the prosecution’s stretched interpretation is just too overbroad. Rather than being narrowly tailored to focus on those who violate the TOS of a child-used site for the purpose of committing a nefarious or dangerous crime, the prosecution’s theory simply criminalizes all violations of any site’s TOS agreement. A court of appeals is likely to find that an improper application of the law.