crime


The House Judiciary Committee is considering a bill (.pdf) to amend the Computer Fraud and Abuse Act, 18 USC 1030. I’ve redlined the current statute (.doc) to show how the law would look should this bill pass, and inserted comments where relevant.

I’ve heard that the bill is intended to fix what’s come to be known as “The Lori Drew Problem“: criminalizing terms of service violations. By my analysis, it does the opposite. The text could clear the way for such prosecutions while introducing new legal uncertainties, expanding the scope of the CFAA and greatly increasing penalties, without resolving the underlying problem, which is that the phrase “exceeds authorized access” — as well as the new phrase “in excess of authorization” in the bill — are subject to conflicting interpretations.

The bill also dramatically increases penalties while introducing new ambiguous language that muddies rather that clarifies the reach of this expansive law in other areas as well. For the reasons set forth in the comments to my attached redline, this legislation needs to be scrapped.

This legislative push comes just a few days following the Ninth Circuit’s opinion in United States v. Nosal. There, the Court sitting en banc reversed the panel decision and held that violations of an employer’s computer use restrictions are not penalized under the statute, because “exceeds authorized access” doesn’t mean merely violating a policy, it means obtaining data you are not allowed to see. While a very welcome decision, this creates a Circuit split with the Fifth, Seventh and Eleventh Circuits. We don’t yet know whether the government will petition for, or the Supreme Court will grant cert in Nosal. What we do know is that if Congress wants to resolve the ambiguity, the current bill will only make matters worse.

The recent Department of Justice decision to indict Megaupload for copyright infringement and related offenses raises some very thorny questions from a criminal law perspective.  A few preliminaries: I’m responsible for the musings below, but I thank Robert Weisberg of Stanford Law School for taking the time to talk through the issues and giving me pointers to some relevant cases. Also, an indictment contains unproven allegations, and the facts may well turn out to be different, or to imply different things in full context.

DMCA SAFE HARBOR: BELIEVE IT AND IT WILL BECOME REAL: As a matter of criminal law, the discussion of whether Megaupload did what it needed to do to qualify for the DMCA Safe Harbor misses the point. Did they register an agent? Did they have a repeat infringer policy? These are all interesting CIVIL questions. But from a criminal law perspective, the important question is did Defendants BELIEVE they were covered by the Safe Harbor? This is because criminal infringement requires a showing of willfulness.  The view of the majority of Federal Courts is that “willfulness” means a desire to violate a known legal duty, not merely the will to make copies.

In other words, for criminal liability, it doesn’t really matter whether the service qualifies, so long as Defendants believed it qualified. If so, they were not intentionally violating a known legal duty, and so their conduct would not satisfy the willfulness element of the offense. For criminal liability after the DMCA safe harbor, as in horseshoes, close may be good enough.

SECONDARY COPYRIGHT LIABILITY AND CRIMINAL LAW:

The heart of this case is whether and when an enterprise can be held criminally liable for the conduct of its users. (For example, both copyright infringement claims (Counts 4 and 5) identify aiding and abetting as a basis for the charge.)

Aiding and abetting is something like the civil liability inducement theory the U.S. Supreme Court created in the 2005 Grokster case.  Experts opine that the indictment makes out a pretty good inducement case against Megaupload. But the first question from a defense perspective has to be “Can the Grokster theory of CIVIL liability even be the basis for CRIMINAL copyright claims?” This has never been decided by any Court.

However, the pending Second Circuit case of Puerto 80 Projects v. USA (“Rojadirecta“), raises the issue squarely. There, the plaintiff is challenging the ICE seizure of its Rojadirecta domain names based on an allegation of criminal copyright infringement. For background on the case, and on the ICE domain seizures, check out Techdirt’s coverage.

Rojadirecta’s lawyers at Durie Tangri have challenged the U.S. Government’s assertion that criminal liability arises from linking to infringing content. The lawyers argue that judge-made secondary infringement liability theories, including Grokster style inducement, cannot be the basis for a criminal copyright violation because the criminal copyright statute doesn’t mention secondary liability. Congress considered and rejected statutes that would have created such liability, in COICA and PROTECT IP. In sum, due process doesn’t allow incarceration under a civil legal theory that the Supreme Court dreamed up in 2005. The issues yet to be decided in Rojadirecta apply to the Megaupload case as well.

AGREEMENT + CIVIL VIOLATION = PRISON?: Count 2 is a conspiracy to commit copyright infringement claim, and references unknown parties as members of the conspiracy. Conspiracy entails an agreement to commit an offense and an overt act in furtherance of that agreement.  The act in furtherance need not itself be illegal, but there must be an agreement to do an illegal act. The list of overt acts show that the object of the conspiracy was infringement by Mega users. If Defendants agreed with each other to induce others to infringe, and Rojadirecta’s lawyers are correct that inducement is not a crime, there’s a conspiracy only to violate a CIVIL law. If the idea is that Mega conspired with its users to infringe, those users may or may not have been criminally infringing copyright. They were located all over the world, and may or may not have acted willfully, i.e. intended to violate U.S. law. Again, the government would basically have alleged an agreement to violate a U.S. CIVIL law, including by many people who are not subject to U.S. rules.

Is it a federal crime to conspire to induce others to violate a U.S. civil law?

The answer to that is an obvious “no”. The conspiracy statute itself makes clear that the object of the conspiracy must be an offense or fraud against the United States, in other words, a federal crime. 18 U.S.C. 371. It is true that Oliver North and John Poindexter were prosecuted for conspiracy to violate Boland Amendment, which prohibited Defense Department spending on the Nicaraguan Contras, but was not itself a crime. And there is a 1979 case (U.S. v. Ruffin, 613 F.2d 408 (2nd cir. 1979), where the defendant was convicted of conspiracy when he convinced an unwitting person to divert federal funds to the defendant’s personal benefit. But both cases constituted fraud involving U.S.taxpayer dollars, which is also a basis for conspiracy liability. Civil violations simply are not.

For these reasons, prosecuting this case against Mega, especially if Defendants get good criminal lawyers who also understand copyright law, is going to be an uphill battle for the government.

A few other points. Some direct infringement convictions look easy, but COUNT 4 IS WEIRDLY INCOMPLETE: I agree with the copyright law experts interviewed by Ars Technica that the most damning allegations in the indictment are the claims of direct infringement, particularly for the prerelease movies. Interestingly, the indictment identifies four films that the defendants supposedly distributed before release: The Green Hornet, Thor, Bad Teacher, Twilight–Breaking Dawn Part 1. But Count 4 only charges one such act of prerelease infringement, the movie Taken.  What about the other films? Why were those not also charged?  

Finally, this case is extremely interesting from a JURISDICTIONAL standpoint. One of the very first issue to be litigated will be extradition to the United States. Does the United States have jurisdiction over anyone who uses a hosting provider in the Eastern District of Virginia? What about over any company that uses PayPal? That’s a very broad claim of power, and I expect it will be vigorously contested.

A look at the most recent court opinion on cell phone location tracking: http://bit.ly/o171vy
Isn’t it great that when your car, or phone, or laptop gets lost or stolen, you can use modern technology to find your stuff and get it back? One might think only paranoid Luddites or the thieves themselves would oppose such an innovation. But the joy of a ubiquitous communications/tracking network is tempered by the threat to privacy — and potential liability — for enlisting SkyNet to peer into our cars, purses and bedrooms.

Part One: The Wiretap Act and Find My Computer

Last month, in Clements-Jeffrey v. Springfield, a quirky case involving sex and a stolen laptop, a U.S. District Court judge in Ohio ruled that a laptop-tracking company could be liable for intercepting sexually explicit communications in an effort to identify thieves who stole the computer one plaintiff was using to communicate with the other. …

For more, click here

Granick Slatecard
STATEWIDE ELECTION, JUNE 2010

Friends, Romans, Republicans:

Welcome to the Granick Slate Card for the June 8, 2010 California Primary Election. The hot national issues are Drill, Baby, Drill and Arizona checking the IDs of suspected non-Amuricans, in other words “illegal” people. Will we confront these issues in this election? Not so much. Primaries are really about picking our best candidate for the general election and punishing those incumbents who’ve done us wrong. I’m a registered Democrat, so my picks are for those races. Unfortunately, time is short so my explanations are terse, or non-existent, but as usual I have lots of links to other authorities if you want to check my math. So, without further ado, the picks.

STATE OFFICES
Governor (Dem): Jerry Brown

Lt. Governor (Dem): Gavin Newsom
I’m not a huge fan of Newsom’s anymore. I think he started strong and then got personally ambitious and distracted, leaving a lot of San Francisco’s needs on the table. Still, he’s an interesting and smart politician and I think the job of Lt. Governor requires ambition if one is to make anything of it.

(more…)

New Research Suggests That Governments May Fake SSL Certificates | Electronic Frontier Foundation.

Prepaid Providers Seek to Put Locks On Your Phone and Their Hands In Your Pocket.

<a href=”http://www.eff.org/deeplinks/2009/07/facebook-and-phone-lock-in”>Facebook and the Phone Companies Try to Lock You In</a>
The awesome Ars Technica picks up my deeplink about an important new Ninth Circuit case interpreting the Computer Fraud and Abuse Act.

Are employees who use their workplace computers contrary to the interests of their employers criminals under the Computer Fraud and Abuse Act? Yesterday, the Ninth Circuit Court of Appeals said disloyal keyboarding is not a crime in LVRC Holdings v. Brekka.

Click through for more.

I’m blogging again, starting with this post on EFF Deeplinks about the September 2008 amendments to the Computer Fraud and Abuse Act.

Here’s the upshot:

The amendments broaden the already extensive reach of the law, and fail to clarify the most vexing question about the statute, the definition of “unauthorized access”. However, they do shed some light on the issue of what constitutes the necessary element of “damage”, showing that several cases holding that mere unauthorized viewing of data is sufficient for a CFAA claim were wrongly decided. As a result, the new amendments may give internet innovators, researchers and speakers some arguments that could keep search engines, vulnerability reporting and other legitimate uses of computer systems legal.

Click through for more CFAA wonking out.

GRANICK SLATE CARD
PRIMARY ELECTION, June 3, 2008

Friends, Romans, Republicans*:

Welcome to the Granick Slate Card for the June 3, 2008 Primary Election. Lots of fun stuff on the ballot, though unfortunately we can’t vote for who is more wronged, Obama because Hillary insists that Florida and Michigan voters be counted even though Obama didn’t campaign there because they weren’t supposed to count, or Hillary because Obama insists that she death wished him by even mentioning RFK. Debate it elsewhere, we aren’t even talking about it here. No, we are not.

*Actually, its a primary and I’m registered Democrat, so the candidate picks below are only helpful for Democratic voters. If you aren’t registered D, see the “Some Housekeeping” section.

Some Housekeeping:

Its recently come to my attention that some fair citizens of San Francisco* are registered Independent, meaning American Independent Party. The AIP is not the fair-minded agnostic who just wants a chance to vote their conscience in a open primary, no. It is, according to those perennially youthful lads Matier and Ross, “anti-immigrant, anti-abortion, anti-NAFTA and anti-tax party”. For those of you in the same boat as Ms. Siebel, you might want to re-register. To become the independent voter you always wanted to be, you should pick “decline to state”. You can do so here.

*Who else made this gaffe? Why, future First Lady Jennifer Siebel did! So you are in good company. Reportedly, she went to Stanford!

Now that that’s settled, we’re off to the races.

United States Representative; District 8: Nancy Pelosi, Democratic

Pelosi is powerful. Pelosi brings home the bacon. Pelosi will face anti-war mom Cindy Sheehan in November. Pelosi will win this primary. Pelosi.

State Senator; District 3; Mark Leno

This is a tight race and, to my mind, one of two reasons to turn out and vote next Tuesday. Assemblyman Mark Leno is running against the incumbant Carole Migden and former Assemblyman Joe Nation. Nation made a name for himself with pro-environment legislation, before terming out of the State Assembly in 2006. He’s generally considered the most conservative person running for this seat, possibly because he says he’ll work across party lines, possibly because he takes money from the landlords promoting Prop 98 (see below) and also possibly because he’s the only straight guy. Hey, straight people can be liberals, too!

My vote goes for Leno. He’s been effective, principled and pragmatic. The Chron, which endorsed him, says “Leno’s work in shepherding his same-sex marriage legislation – bringing it from pipe dream to passage in 2005 and 2007, only to be vetoed each time by Gov. Arnold Schwarzenegger – was a textbook example of how an understated tenacity can pay off in the world of politics.” He was also instrumental in passing a state health care bill last year.

Sadly, Senator Migden’s personal and professional judgement make it impossible for me to vote for her, especially with Leno in the race. Remember the hit-and-run freeway crash, which she blamed on medication she is taking for previously undisclosed cancer, and the record fine from the Fair Political Practices Commission for campaign-finance law violations that included use of donations for personal expenses? How about the time she punched the “yes” button of a Republican legislator when he was in the toilet or something while her bill was being voted on in the Assembly? If there weren’t another great candidate, you might force yourself to overlook these things, but there’s Leno.

State Assembly: Tom Ammiano

He’s movin’ on up from the Board of Supervisors. He’s funny. He’s from New Jersey. He worked his ass off for this city. He authored the city’s domestic partners law. He authored the living wage law. He created the Children’s Fund and the the Rainy Day Fund law. He looks great in a dress. We’ll miss you, Tom, and we’re proud of you.

Democratic Party County Central Committee; San Francisco County

Here’s who I know who is running in my district, the 13th.

Michael R. Farrah, Jr.

Here’s who the Bay Guardian endorses:

13th Assembly District

Bill Barnes, David Campos, David Chiu, Chris Daly, Michael Goldstein, Robert Haaland, Joe Julian, Rafael Mandelman, Aaron Peskin, Eric Quezada, Laura Spanjian, Debra Walker

12th Assembly District

Michael Bornstein, Emily Drennen, Hene Kelly, Eric Mar, Jake McGoldrick, Trevor McNeil, Jane Morrison, Melanie Nutter, Connie O’Connor, Giselle Quezada, Arlo Hale Smith

Superior Court Judge; San Francisco County: Mary Mallen (Not Thomas Mellon)

Current Judge Mellon should not be retained due to a general disrespect for public defenders and apparent fear of the people who appear before him as defendants and witnesses (see here. Gerardo C. Sandoval, a former public defender, is a doofus. That super doofus Sean Hannity outsmarted him. Mallen, another former public defender is my choice.

State Propositions

Proposition 98: End Rent Control, and Then Some: NO
Proposition 99: Protect Homeowners from Eminent Domain: Yes

These propositions are an effort to redo a previous proposition on eminent domain that was narrowly defeated by Californians in November of 2006. 98 takes all the parts of that proposition and makes it worse by including language that would defeat rent control. 99 is more narrowly tailored to prevent the government from taking a single family dwelling to sell that land to another private party.

The problem is that eminent domain, often used by government and environmentalists to stop private property owners from destroying communal resources, has more recently be used to take the little guy’s land and give it to developers or other property owners. The US Supreme Court approved the practice, so people feel that ED is out of control. Still, government power over real estate serves an important social function when properly deployed for parks, wetlands, reasonable rent control and the like. Proposition 98 has no balance whatsoever. It would encourage property owners to sue the government whenever it restricts the ways owners use their land, including zoning, land use and environmental reglations. Proposition 98 bars state and local governments from using eminent domain to acquire an owner-occupied residence, as defined, for conveyance to a private person or business entity. This one is balanced and acceptable.

Local Measures

Proposition A School Parcel Tax – Yes

$198 per parcel annually for schools. An effort to fix underfunding because of the anti-property tax movement of the 1970’s.

Proposition B Changing Qualifications for Retiree Health and Pension Benefits and Establishing a Retiree Health Care Trust Fund – Yes

This prop increases the years of service required for City employees to qualify for employer-funded retiree health benefits from 5 to 10 or 20 years, while increasing retirement benefits for those who do qualify. A way to save the city money while providing for long-term employees.

Proposition C Forfeiture of Retirement Benefits for Conviction of a Crime Involving Moral Turpitude in Connection with City Employment – No

Not a big enough problem to be worth the litigation over whether something is morally turpitudinous enough to merit the penalty. And yes, that is a word.

Proposition D Appointments to City Boards and Commissions – No

Another one of these non-binding policy statements San Franciscans love, this one saying more men and women of all races, ethnicities, sexual orientations and types of disabilities be appointed so that the interests of these people is better represented. It is both banal and false. Banal because everyone in San Francisco believes in equal opportunity for all who want to be in public service and false because the proposition assumes that identity politics is the truest way to egalitarianism, which I don’t believe is borne out by history.

Proposition E Requiring Board of Supervisors’ Approval of Mayor’s Appointments to the Public Utilities Commission and Creating Qualifications for Commission Members – No

This is another one of those salvos in the ongoing fight between our allegedly conservative mayor and the allegedly progressive Board of Supervisors over who has the most control. Right now, the mayor appoints people to the Public Utilities Commission (PUC) and the Board can only reject that person with a 2/3 vote. This would change that to a majority vote. A 2/3 vote should be enough of a safeguard against political hacks, without making PUC appointments a political football. If you trust the supervisors but not the mayor, you’ll vote the other way on this.

Proposition F — No
Proposition G – YES

This is the other reason to vote in this election and is a hot political potato.

Hunters Point is neglected and languishing. Previous voter-approved ideas, like a shopping mall, have failed because there was not a comprehensive vision or a financial plan to make improvements work. Until now. Proposition G was placed on the ballot to get voter support for a Lennar Corp. development plan. The plan is elaborate, and promises parks, businesses, housing, clean up of the Navy Yard with federal money, a way to keep the 49ers and a way to use the land if they leave for Santa Clara. While Lennar’s initial promise was for 25% affordable housing, the corporation has upped its ante to 32%, (and thrown in a chunk of change for job training and home ownership programs) due to opposition from Prop F. It has also promised to build some of the housing for the poorest people, and some for the lower middle class. The plan, if it happens in this economic market, will be great for the area. That is why Sophie Maxwell, the supervisor for Bayview/Hunters Point is in favor of G.

Proposition F is the poison pill for Proposition G. Pushed by people who don’t trust Lennar’s promises can be enforced would require 50% of the housing to be affordable. The problem is that Prop F doesn’t say how that plan could be financed. Lennar says it can’t afford to do the development at that rate. Also, during the debate on KQED the other day, one of the Prop G proponents said that no project in the City has ever had more than 30% affordable housing. So if F passes, then the most likely scenario is that, once again and still, Hunters Point sits neglected. Lennar will drop its plan, and the area is unlikely to get another suitor.

Affordable housing is really important, as is avoiding gentrification that drives current residents away, as is avoiding the “barbell effect” where the really poor and the super rich can get access to homes in the city, and everyone else has to leave. The Lennar plan provides that housing, maybe not as much as you’d theoretically like, in the context of a well-conceived detailed plan that can actually happen. F puts the kibosh on that progress. And waiting carries its own price. Black residents are already being forced out of the Bayview area by a mixture of gentrification and violence. There’s always something not to like, but that is not a good excuse anymore. Vote yes on G and no on F.

Proposition H Prohibiting Elected Officials, Candidates, or Committees They Control from Soliciting or Accepting Contributions from Certain City Contractors – No

This is a poorly crafted rule that does not define the “controlled committees” that it allegedly regulates. As a result is will not make government cleaner. Both the Chronicle and the Bay Guardian are against it.

Thats all, folks. Remember to vote early, vote often. Polls are open from 7A to 8P. Viva la democracia.

HELPFUL LINKS

To find your polling place, go here,/a>: http://smartvoter.org/ca/sf/ (A great site with tons of resources, btw)
SF Chronicle
Endorsements: http://www.sfgate.com/endorsements/
SF Bay Guardian Endorsements: www.sfbg.com

–clipandvote—-clipandvote—-clipandvote—-clipandvote—-clipandvote—-clipandvote—-

United States Representative; District 8: Nancy Pelosi, Democratic

State Senator; District 3; Mark Leno

State Assembly: Tom Ammiano

Democratic Party County Central Committee

Michael R. Farrah, Jr.

13th Assembly District

Bill Barnes, David Campos, David Chiu, Chris Daly, Michael Goldstein, Robert Haaland, Joe Julian, Rafael Mandelman, Aaron Peskin, Eric Quezada, Laura Spanjian, Debra Walker

12th Assembly District

Michael Bornstein, Emily Drennen, Hene Kelly, Eric Mar, Jake McGoldrick, Trevor McNeil, Jane Morrison, Melanie Nutter, Connie O’Connor, Giselle Quezada, Arlo Hale Smith

Superior Court Judge; Mary Mallen (Not Thomas Mellon)

Prop A: Schools: Yes

Prop B: Retirement: Yes

Prop C: Moral Turpitude: No

Prop D: Policy on Appointments: No

Prop E: PUC Appointments: No

Prop F: Poison Pill: No

Prop G: Lennar Plan for Hunters Point: Yes

Prop H: Controlled Committees: No

To subscribe to the Granick Slate Card, visit http://
lists.granick.com/listinfo.cgi/slatecard-granick.com. The Granick
Slate Card issues before every California election and may be copied and freely shared for any non-commercial purpose, with author attribution. Derivative works need not make any attribution.
My recent post on the EFF blog talks about the difficulty that web security researchers have doing their work, in light of the Computer Fraud and Abuse Act and similar state statutes. While pen testers and other hired security guns can get written authorization to do security audits, members of the public have little leeway to explore the ways a website works or breaks, even when that vulnerability means that customer data is exposed to fraudsters. Read the post –Computer Crime Laws Chill Discovery of Customer Privacy Threats | Electronic Frontier Foundation– for more about the issue.

In yesterday’s Circuit Court column “Free the Spam King” I take on the question of whether criminal prosecutions will stop spam, or are even fair. This one has engendered a lot of hate mail. It seems the only thing people hate more than child porn is spam.

Next Page »