Skepticism

Skepchick Quickies, 10.25

Jen

Jen is a writer and web designer/developer in Columbus, Ohio. She spends too much time on Twitter at @antiheroine.

Related Articles

21 Comments

  1. So if women drink de-caf breasts will grow? And now Hooters/Starbucks will have to rename the coffee cup sizes – A, B, C, D….)

    As for the arrest, the charges were ‘illegal access to a computer and manipulation of data’. So a crime was committed, despite the unusual circumstances. But it does show some people really need to get a ‘first life’ before getting a seond one. :P

  2. @Lyc: Yeah, but it also says the woman was given the login info from her “husband” when they were still happily, virtually married. Is it a crime if the husband forgets to change his password after the divorce? Maybe it’s just the obsessive computer geek in me, but I have NEVER given online account info to an SO, and never had much sympathy for those who did and had cause to regret it later.

  3. @Jen: The crime happens when you log into someone else’s computer, even if they gave you the password. It might sound silly, but someone giving you their password isn’t the same thing as actually giving you permission to access their computer. It’s obviously implied, and usually nobody gets upset. But if you don’t have actual permission, and (like in this instance) you know you most likely don’t have permission, then using the previously acquired password is a crime.

  4. @LBB: I could see a physical computer, but what about an online account that can be accessed from any computer? I’ve known quite a few girls who still checked their exes’ email accounts months after the breakup to find out what they were up to. Regardless of legality, I still think it’s a stupid move to give anyone else your personal account info.

  5. @Jen: I agree, giving anyone your password is a grade-A bonehead move. Still, checking someone else’s email without permission would (in the U.S.) be a violation of 18 USC 2510, the Electronic Communications Privacy Act. Section 2511 provides criminal penalties, and Section 2520 creates a civil cause of action. If the hackee sues under Section 2520, the hacker can be on the hook for actual damages, punitive damages, and the hackee’s attorney’s fees.

    The Act criminalizes the interception, or the attempted interception, of “electronic communications.” I’m not an expert, but I suspect that logging into and making changes to an account like that would qualify.

    Consent of the person whose emails were read is a defense, but I doubt a court would buy the argument that someone accessing the email of an ex would reasonably believe that there was still consent. I don’t know about Japan, but I suspect that their laws are similar.

  6. @LBB: Do you know if the law also have something to do with proving how someone got the password vs. proving that they used the password? Like how they got he would be he said/she said, but you could show through IP logs who was accessing what and when. So rather than wasting time arguing about how someone got the password, they can argue based on the facts.

  7. @Kimbo Jones: I don’t know for sure, although the statute doesn’t mention passwords at all, just unauthorized access. My guess is that it would work like this.

    Since consent is a defense, the burden would be on the defendant to show that the plaintiff consented to the interception. If prior knowledge of the password was imparted by the plaintiff, that would be something that would tend to show consent.

    If there was a dispute over where the hacker got the password, then it would come down to whose evidence was more believable. If the jury decided that the plaintiff gave the defendant the password, then they would consider that an item in the defendant’s favor. Then they’d put that in context with all the other evidence of consent, and decide if the plaintiff really consented to the interception, of if the defendant should have reasonably believed that the consent was given.

    There’s a lot of that in the law. He says, she says, and then the jury decides whose story is more believable.

    The bottom line is, don’t read your ex’s email. If he or she finds out and decides to sue you, you could be in deep.

    BTW, I’m not a lawyer yet, so this isn’t legal advice, it’s just my MHO.

  8. How she obtained the password is irrelevant. He could have wore a pink tutu and danced down the street singing “My Password is…” into a megaphone. Incredibly stupid – yes, but consent – not really.

    For example, if I give my neighbours the house keys so they can feed my dog when I am away, I am not consenting for them to rob my house or smash up the funiture – and if they did, I doubt the police would have no problem in tossing them in the clink despite them having my house key.

    Ditto if someone cleans out their ex’s credit card account because at one point they knew the account numbers.

    Which is what I think the case comes down to – ‘did this person access the account and delete it without the owners consent (explicit or implied)’? Which is where it gets messy in defining wether ‘consent’ covered ‘deletion of the account’. And was consent removed after the ‘divorce’?

  9. Really, Jen. Isn’t saying that the husband was being stupid therefore it is crazy to arrest her a form of the “he was asking for it” defense?

    Granted, having a character in an online game deleted isn’t exactly the worst crime that can befall one, but even so…

  10. @TheCzech: I did not say it was crazy to arrest her – I said the whole situation was crazy, because this is an interesting new set of legal challenges we are just beginning to encounter. I don’t know the legal details about this type of thing, which was why I was honestly asking questions about it. But, as I said, regardless of the legal issues, yes, I think the husband in this case did something very stupid by not protecting his digital property. I never said that the woman didn’t deserve punishment, or that it’s all the man’s fault because he didn’t change his password. I’m saying it’s important to take responsibility for your own property, digital or otherwise, and that many people haven’t yet learned how to take care their online accounts as well as they should.

  11. @Jen: I have a computer science degree myself and do techie stuff for a living, so I understand.

    My graduate degree is in applied math, so I also can’t play the lottery for similar reasons. What would my stats professors think?

  12. I suspect that Mr “I ‘m to dumb to protect my password’ has voided any possible compensation claims or counter suits, as he didnt take “reasonable precautions” to prevent the intrusion.

    The lawyers could also have a field day with it as well – “Oh I didn’t mean to delete his account but accidently hit the wrong button” and similiar strategies.

    It all comes down to that the Terms of Use/EULA for Second Life are. I would bet theres a clause written in 1pt font hidden in there somewhere about giving out passwords.

  13. Hi there!

    Prostitutes, semi-legal Marijuana, and the Mythbusters? Man, I need to get myself to the greater San Francisco area. :(

    Of course, those are the same three reasons that my wifey would OPPOSE my going there. :(

    (Not that she’d have any opposition to me meeting Adam, Jamie, Grant, or Tory, just …)

Leave a Reply

You May Also Enjoy

Close
Close