5 August 2008

Stretching the Computer, Fraud and Abuse Act to its limits.

A recent development has taken place in the case of United States of America v Lori Drew.

The factual matrix of the case has been widely publicised by the media around the world. In 2006, the Defendant allegedly created an account on the social networking site ,MySpace, under a male alias. She communicated with a 13 year old girl through that account on a regular basis. At some point during those communications, the Defendant, said hurtful things to the young girl. Shortly, after those communications, the young girl killed herself.

The Defendant in this case has been charged with infringement of the Computer Fraud and Abuse Act ('CFAA').The Prosection alleges that the use of a fictitious name, registration information and hurtful speech by the Defendant was in breach of the terms of service of MySpace. In particular, the Defendant has failed to provide truthful and accurate registration information, has used the information obtained from MySpace to 'harass, abuse, or harm other people', has solicited 'personal information' under 18s users, has promoted information that she knew was false or misleading, and has posted photographs of other people without their consent.

The case built by the Prosection has been heavily criticised by the EFF, in the United States, who has filed an amicus brief on Friday, arguing that the criminal charge for violation of the terms of service is a 'dramatic misapplication' of the CFAA with 'far-ranging consequences for American computer users.'

The aim of the CFAA is to sanction what are commonly known as computer hackers and it is, indeed, a stretch of legal interpretation as well as logic, to apply this act to the present case which concerns terms of use. It is, of course, undeniable that, if the Courts find that the Defendant`s actions have directly or indirectly led to the death of the young girl, then these actions need to receive an adequate penal sanction. However, stretching the current law so as to impose a criminal sanction under the CFAA for breach of the terms of use is not the right answer.

No comments: