Law in the Internet Society
Electronic Monitoring in Domestic Situations: What Does This Mean For Parents in the Fight Against Cyberbullying?

Michigan Man Faces 5 Years in Prison for Checking Wife's E-mail

Leon Walker, a computer technician in Michigan, currently faces a jury trial in Michigan. Mr. Walker was arrested in February 2009 for accessing and distributing his ex-wife's emails. However, Mr. Walker claims "It was a family computer" and that he and his ex-wife both routinely used it. Furthermore, Mr. Walker maintains that his reason for peering into his ex-wife's email was in regards to a risk he perceived to his daughter. Despite this, Mr. Walker has been charged with a crime under Michigan Statute 752.795 which prohibits anyone from accessing a computer to "acquire" property or use the service of a computer program "without authorization." This prosecution raises serious issues regarding the use of computer technology to combat Cyberbullying since all 50 U.S. states have similar laws.

Unusual Application of Michigan "anti-hacking" Law

The relevant part of Michigan's Section 752.795 reads:

"A person shall not intentionally and without authorization or by exceeding valid authorization do any of the following:

(a)Access or cause access to be made to a computer program, computer, computer system, or computer network to acquire, alter, damage, delete, or destroy property or otherwise use the service of a computer program, computer, computer system, or computer network."

At face value the statute would appear to apply to the actions of Mr. Walker if in fact he acted "without authorization." However, should a criminal penalty be imposed in a situation where the alleged offender purchased the computer and used it frequently? How would Mr. Walker's situation differ from that of another parent checking their child's email? Domestic situations likely often make the question of who has "authorization" a difficult one, and further prosecutions such as this could potentially make parents think twice before using technological means of investigating Cyberbullying.

It seems to me that two questions are conflated here: (1) Is it appropriate under the circumstances to apply the statute in a domestic situation? and (2) is it appropriate to apply the statute to the unauthorized accessing of someone else's files on a multiuser computer when that computer is owned by the defendant, who regularly does computing of his own there? These questions do not seem to me to have similar analytic avenues associated with them, and I suspect they have generally diametrically opposed answers. It would be helpful to treat them separately.

However, it appears that Mr. Walker's situation is not a common occurrence. In a CNN.com article, a N.Y. criminal defense lawyer Paul Callan commented on the situation saying that this was "a highly unusual use of a criminal statute." Mr. Callan further commented that similar statutes are generally used to prosecute "some technological guy who's broken into a company's computer system and damaged it or stolen something."

The statement is helpful in establishing what you say and we already suspect: this is an unusual and marginal attempt to apply the statute by a prosecutor who may be: (1) exerting leverage by deliberate overcharging, (2) attempting to locate the limits of discretion with respect to the statute, (3) inclined to take a literal approach to recent legislative language the legislature can revisit, (4) stupid, (5) corrupt, (6) honestly overzealous, and many other possibles. (One might think (3) unlikely, by the way, but I have actually encountered many prosecutors working in this particular area who think this way, while stupid and corrupt ones are both reasonably uncommon.) But that doesn't take us far analytically, and if anything it causes us to think that this case is probably a sport, and not something we need to spend too much time worrying about.

The 2008 Michigan case People v. Brunk illustrates this point in regards to the Michigan statute. In Brunk, a Michigan appellate court reversed the jury trial conviction of a man for a violation of MCL 752.795. The defendant in Brunk was originally charged and convicted under the statute for his actions in accessing the computer network of the Michigan Public Safety Communication System (MPSCS). The defendant, a radio technician, downloaded MPSCS radio programming information and emailed it to a radio vendor. The situation in Brunk, where emergency service radio protocols were involved, is far from that of the domestic context of the situation entangling Mr. Walker.

As you say after marching us up the hill, there's really nothing much to do but march back done again, because the two situations are too far apparent for the decision, such as it is, to be relevant. Leaving this out would have no cost, and would give you more space for actual thinking in.

What is Authorized Access in Domestic Electronic Monitoring

In the context of parents using technology in anti-Cyberbullying efforts, the critical question for parents will be what constitutes sufficient "authorization."

Authorization to spy on one's children? The horrendous fact about the world we live in, which has no respect whatever for children's rights in almost any context, is that parents' right to spy on children is presumed. What prosecutor would ever attempt to convict a parent for spying on a child? No jury would convict. This whole part of the analysis strikes me as merely fanciful altogether.

People v. Brunk again may prove illustrative and interestingly may support the proposition that proving a "lack of authorization" will be highly difficult in domestic situations. As noted above, the defendant's conviction in Brunk was reversed in part on the grounds that the appellate court found insufficient evidence to support that the defendant lacked authority to access the MPSCS computer network. In reaching this conclusion the court noted that "Generally speaking, defendant, as a state radio technician, had authority to access the computer network." Furthermore, the court discussed the absence of written policies or procedures determining when access to the MPSCS computer network was appropriate and held in favor of the defendant likely because of the uncertainty of the apparent verbal policies. As the court said, "While there may have been a clear and absolute verbal policy, rule, or directive that only radio technicians or radio shops given work orders could access the network and download templates relative to a particular public safety department, and while perhaps defendant did not have authority to do so absent a work order, there was no evidence presented to support these propositions." On this reasoning from Brunk regarding lack of authority, it could be similarly said that a parent or spouse who owns and regularly uses a family computer "generally has the authority to access" that computer. Furthermore, again under Brunk, reliable evidence of fact regarding casual instances of where a spouse or child may give verbal permission or prohibition to access email or a social networking website may prove extremely difficult to establish. It thus may appear that criminal prosecution of electronic monitoring in the domestic setting under statutes similar to Michigan's MCL 752.795 will likely prove time consuming and perhaps problematic.

A New Trend?

The prosecution of Mr. Walker continues, however, prosecutors should consider that criminal prosecution of domestic electronic monitoring may have the unintended consequence of discouraging parents and perhaps educators from using electronic tools to protect children.

To protect children by spying on them? Can you give me any reason why I shouldn't find that justification every bit as nauseating in this context as it is when authorities use it as the excuse for spying in every other situation? Children can give or withhold knowing, informed, actual consent to being monitored from a very early age. And as their understanding of the boundary between self and other, including parents, is modified as they grow, it is reasonable and appropriate for the adults who monitor them to secure their renewed consent under the changing circumstances of their lives. Presuming an entitlement to monitor the thoughts, behavior, or communications of children, online as well as offline, is oppressive force. Securing actual informed consent to be watched and attended to by parents who love them is the easiest thing in the world to get from children. When they withhold that consent, it is more than appropriate, it is usually necessary, for parents to inquire immediately into the reasons for the child's change of mind. Truthfulness and trustworthiness are taught in families. But how can they be taught in families where people spy on one another?

The question should be asked in regards to Cyberbullying, how can it be adequately addressed when investigation must be done under the specter of criminal prosecutions? It should be noted that the U.S. Department of Health Resources and Services Administration, in listing suggestions to parents on how to prevent Cyberbullying, indicates, for parents to consider installing software monitoring programs. Should these suggestions carry the warning "beware of criminal prosecution" for the use of anti-Cyberbullying tools?

Even advising parents to install filtering software (which is not monitoring software) is an ethical lapse. Of course this advice is outrageous. But once again, given the society-wide determination to pay no heed whatever to children's privacy rights, who would for an instant worry about being convicted by a jury of one's neighbors for engaging in the one form of persistent child abuse that goes on in almost every home?

I would hope that this should not be the case given the difficulty parents and educators face in dealing with Cyberbullying and bullying of all kinds. In conclusion, parents and educators face tremendous challenges in dealing with bullying and should be able to enter the technological space and use technological tools in their important efforts to stop it without fear of criminal liability.

This is not the occasion on which to discuss whether there is such a problem as "cyberbullying," or whether this is another aspect of the exploitation of fear of change that the GWOT and the anti-piracy campaigning and Obama-the-Kenyan-Revolutionary memes are about. Let's assume for the moment that the denial of children's privacy rights has suddenly been made necessary by an overwhelming social problem so serious and harmful that we can't be bothered to talk to our own children about why we're spying on them so as to secure their consent. This seems to me inherently obvious nonsense, but let us for the sake of argument grant every questionable premise and overlook every salient flaw. One then seems to confront the question why, in the presence of this enormous terrible emergency that everybody knows about because it's so immensely serious, would jurors begin convicting their neighbors of using tools to protect their precious children, even if prosecutors—who are usually fully with the program when it comes to taking away peoples' freedom to protect them from harmful or even immoral mischief—suddenly lost their minds and started charging them with criminal computer intrusion and theft of digital services for doing so? Are we to believe that this is a serious possible problem in our confronting this immense societal emergency on the basis of a single untested prosecution brought by a guy who is doing, as any courthouse animal in NYC can and does tell you, some weird thing that doesn't happen because it's a really silly idea to do it?

Maybe it is possible to make this argument, although it seems to me that the prize is not worth the effort if you can only convince those people who are willing to grant all the premises it takes to get to the point where the argument itself begins. Maybe it would be sufficient to back up a step and explain why invading children's privacy is different from invading other peoples' privacy, from an ethical point of view. Granted that the law is probably not a form of social control that can be productively used to increase adults' respect for children's privacy, what justifies the form of argument you use here? When children are supposed in law to be incapable of giving their consent, their consent is always otherwise presumed not to be given. This is the rule with respect to everything from contracting to trustee conflicts of interest to marriage to sexual intercourse to participation in conspiracy. It's been that way throughout the history of the common law. Why should the law in this one area, against the weight of a thousand years of consistent outcomes the other way, consider that if children can't give actual consent to the invasion of their privacy rights by parents or others, that consent should be presumed?

Navigation

Webs Webs

r4 - 21 Jan 2012 - 19:13:27 - EbenMoglen
This site is powered by the TWiki collaboration platform.
All material on this collaboration platform is the property of the contributing authors.
All material marked as authored by Eben Moglen is available under the license terms CC-BY-SA version 4.
Syndicate this site RSSATOM