E-Mail Hacking Case Could Redefine Online Privacy
By Ellen Nakashima
Washington Post Staff Writer
Wednesday, August 6, 2008; D01
A federal appeals court in California is reviewing a lower court’s definition of “interception” in the digital age, in a case that some legal experts say could weaken consumer privacy protections online.
The case, Bunnell v. Motion Picture Association of America, involves a hacker who in 2005 broke into a file-sharing company’s server and obtained copies of company e-mails as they were being transmitted. He then e-mailed 34 pages of the documents to an MPAA executive, who paid the hacker $15,000 for the job, according to court documents.
The issue boils down to the judicial definition of an intercept in the electronic age, in which packets of data move from server to server, alighting for milliseconds before speeding onward. . .
Judge Florence-Marie Cooper, in the Central District of California, ruled that the alleged hacker, Rob Anderson, had not intercepted the e-mails in violation of the 1968 Wiretap Act because they were technically in storage, if only for a few instants, instead of in transmission.
“Anderson did not stop or seize any of the messages that were forwarded to him,” Cooper said in her decision, which was appealed by Valence Media, a company incorporated in the Caribbean island of Nevis but whose officers live in California. “Anderson’s actions did not halt the transmission of the messages to their intended recipients. As such, under well-settled case law, as well as a reading of the statute and the ordinary meaning of the word ‘intercept,’ Anderson’s acquisitions of the e-mails did not violate the Wiretap Act.”
. . . “The case is alarming because its implications will reach far beyond a single civil case,” wrote Kevin Bankston, a senior attorney for the Electronic Frontier Foundation in a friend-of-the-court brief filed Friday. If upheld, the foundation argued, “law enforcement officers could engage in the contemporaneous acquisition of e-mails just as Anderson did, without having to comply with the Wiretap Act’s requirements.” Those requirements are strict, including a warrant based on probable cause as well as high-level government approvals and proof alternatives would not work.
At risk of being excoriated once again by The Barefoot Bum
, Judge Cooper seems to have swallowed a minnow of misconception rather than landing the big tuna represented by the Wiretap Act. We are not supposed to be peeked at behind the curtains of privacy. According to case law, “When the contents of a wire communication are captured or redirected in any way, an interception occurs at that time
Apparently (and because this is an opinion column, apparently suffices) the Motion Picture Association of America hired a hacker to peek. The ordinary definition of ‘hacker’ is: A programmer who breaks into computer systems in order to steal or change or destroy information as a form of cyber-terrorism.
That’s OK with Judge Cooper, because the information was technically in storage, if only for a few instants. How bizarre is that? Back in the days before Skype, I’ve had trans-Atlantic phone calls that lagged by considerably more than a millisecond. Does that mean it was perfectly all right to tap the transmission?
MPAA hires a hacker to surreptitiously change the ‘copy and forward‘ function of a server to which he has no legal access, pays the thief fifteen grand for the stolen information and then an MPAA spokeswoman claims “The information was obtained in a legal manner from a confidential informant who we believe obtained the information legally.”
Is that chilling?
The next time you send confidential financial information to your accountant by e-mail attachment, do you feel secure? Are e-mails to ex-wives, lovers, porn sites, congressmen (pardon the redundancy), bosses, clients, aunts, uncles and assorted second-cousins private? Or does Judge Cooper feel that because they are semi-instantaneously routed in their flight through cyber-space, they’re fair game for any punk who can pry open the blinds?
Judge Florence-Marie Cooper, of Pacific Palisades, California, has served as a Judge on the Los Angeles Superior Court since 1991. Prior to her appointment to the Superior Court, she served as a Los Angeles Municipal Court Judge from 1990 to 1991; a Los Angeles Superior Court Commissioner from 1983 to 1990; and a Deputy City Attorney for the City of Los Angeles in 1977. Judge Cooper attended City College of San Francisco and received her J.D., magna cum laude, in 1975 from Whittier College School of Law. Following law school she clerked for Judge Alarcon of the Los Angeles Superior Court from 1975 to 1977; for Justice Alarcon of the California Court of Appeal, Second Appellate District from 1978 to 1980; and for Justice Woods of the California Court of Appeal, Second Appellate District from 1980 to 1983.
Sounds like an unusually able judge.
But there is the law and there is interpretation of the law and, unless I’m missing something, allowing hackers into secure servers to re-route, simply because they did not ‘stop and seize’ makes not much sense.
Sorta like ‘stop and frisk‘ is OK as long as the police keep walking and merely drag the victim along by the shirt.