Congress Debating If Putting A Fake Name On Facebook Should Be A Felony

from the how-to-turn-the-whole-world-into-felons dept

On Wednesday, George Washington Law professor and former federal prosecutor Orin Kerr authored an op-ed in The Wall Street Journal, posing the question "Should faking a name on Facebook be a felony?" He was, of course, talking about the infamous Computer Fraud and Abuse Act (CFAA), which Congress is preparing to update. The CFAA, as has been noted here many times, is a federal law passed in the '80s and initially designed to combat malicious computer hacking, but which has become bloated, stretched and over-applied in the years since.

At the root of many of the arguably overreaching applications of the CFAA is the prohibition on conduct which "exceeds authorized access" to a computer system. According to Kerr:
The problem is that a lot of routine computer use can exceed "authorized access." Courts are still struggling to interpret this language. But the Justice Department believes that it applies incredibly broadly to include "terms of use" violations and breaches of workplace computer-use policies.

Breaching an agreement or ignoring your boss might be bad. But should it be a federal crime just because it involves a computer? If interpreted this way, the law gives computer owners the power to criminalize any computer use they don't like.
And Professor Kerr should know, he was the attorney who defended Lori Drew when she was charged with a felony for making a fake MySpace profile. The Justice Department's position that a violation of a terms of service constitutes a federal crime basically makes the Federal government the enforcer of private contracts. Got an employee spending too much time on Facebook? Turn them in to the Feds. Someone posting comments you just don't like on your blog? Call the DOJ. Or threaten to. The chilling effect alone should be enough to keep your users in line.

Would you believe that some politicians are even thinking of making the bill even worse?

Professor Kerr's primary concern expressed in the op-ed was that the CFAA was going to be amended to make any violation of the CFAA a felony. Hopefully, this won't pan out. The original Administration proposal (pdf) did increase the baseline punishment for any violation of the CFAA (including exceeding authorized access) from a misdemeanor level offense (less than one year) to a felony. But, thankfully, the Judiciary Committee didn't take the Administration's suggestion. Lets hope it stays that way as this bill makes its epic journey through the Washington legislative sausage maker.

There is yet a glimmer of rational-thought hope. Senators Grassley and Franken have introduced an amendment (pdf) which would modify the definition of "exceeds authorized access" to exclude violations of a TOS, if that's the only basis for the charge of violating the CFAA, effectively improving the CFAA instead of making it worse. Fingers crossed that the amendment makes it in.
Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: cfaa, felony, hacking, orin kerr, terms of service


Reader Comments

Subscribe: RSS

View by: Time | Thread


  1. identicon
    Dirtydeets, 22 Jul 2013 @ 12:01am

    BS

    what about making false birth certificates.....at hmm...
    so how fuck off with the bull shit and do something the way it should be done.

Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here



Subscribe to the Techdirt Daily newsletter




Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)

Follow Techdirt
Insider Shop - Show Your Support!

Essential Reading
Techdirt Insider Chat
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.