back to article Supreme Court mulls whether a cop looking up a license plate for cash is equivalent to watching Instagram at work

There’s a growing problem with computer laws written in the late 1980s and early 1990s. They were produced just as PCs began entering widespread personal usage but they failed to account for what electronic devices would soon be used for most of the time: accessing information over the internet. Nowhere is that more clear than …

  1. Mike 137 Silver badge

    " led the case all the way up the Supremes"

    Yes, they do seem to making quite a song and dance about it.

    1. DJV Silver badge

      Re: " led the case all the way up the Supremes"

      Yep, all the way up the ladder to the roof...

      1. DJO Silver badge

        Re: " led the case all the way up the Supremes"

        There's no stopping us now.

  2. iron Silver badge

    > we think it's improper if not, at the very least, very dangerous to rely on legislative history to resolve ambiguity

    So a lawyer who doesn't believe in precedent? I wonder which other parts of the law he doesn't believe in?

    1. John Riddoch

      There's believing in precedence and there's allowing judges' interpretations of badly worded laws to fix issues (particularly ANYTHING related to technology). Putting bad laws in place and assuming the courts will fix it later is lazy and liable to abuse from both prosecutors and defences.

    2. find users who cut cat tail

      Declaring ‘things must/must not happen – let the courts find some such things later’ is not a reasonable legislative approach. This is exactly the statement expressed by the lawyer.

    3. Paul Johnson 1

      No, "legislative history" means what the lawmakers in Congress said about the law, what it meant and why they passed it. "Precedent" is what judges decided about it since then, which is completely different.

    4. Blazde Bronze badge

      I'd think there's a big difference between resolving an ambiguity in law by referring to what legislators intended to enact, and resolving an ambiguity in what legislators intended by somehow inferring what they might have intended under some alternate technological progress timeline. The first can often be pinned down firmly. The second is just an attempt to create law without any kind of scrutiny.

      1. Eclectic Man Silver badge

        Supreme Court

        Isn't that exactly what the US Supreme Court does? It interprets the constitution of the USA to decide what current US laws mean. The fact that the US constitution is hundreds of years old and was written by slave-owning rich white men is irrelevant.

        1. Jimmy2Cows Silver badge

          Re: irrelevant

          About as irrelevant and unnecessary as your final sentence. Seriously. What possible benefit does that statement bring to the conversation?

          1. Gordon 10 Silver badge

            Re: irrelevant

            The fact that context matters perhaps makes it entire relevant? Lets not get into the right to arm bears clause. (should be claws)

          2. Eclectic Man Silver badge

            Re: irrelevant

            @ Jimmy2Cows

            Well, it has prompted a thoughtful comment from Blazde below, so it waste completely pointless. I am sorry that feel aggrieved by what I posted, but interpretations of the Constitution of the USA are going to become quite interesting now there is a strong right wing majority on SCOTUS provided by Trump's three nominees, particularly Kavanaugh and Barrett.

        2. Blazde Bronze badge

          Re: Supreme Court

          "Isn't that exactly what the US Supreme Court does?"

          Ideally it does the first thing (interprets what the drafters of the constitution intended), doesn't it? So for example we get debates over what they meant by 'arms' and whether assault rifles are now necessary for a well functioning militia (being the stated intention of the right). It's fair to assume they could have expected some progress in firearms technology so this may well have been intended. That's not to say there isn't plenty of room for debate over what was intended. Clearly there is.

          An example of something we can't know is their hypothetical intention following the development of weapons of mass destruction and therefore any argument which claims the second amendment drafters would have intended to permit (or outlaw) the right to bear megaton thermonuclear devices, if only they'd known about them, is nonsense. They couldn't possibly have had that level of destruction in mind when using the word 'arms' and to pretend they did would be to abstract the literal words of the constitution away from any concept of intention.

          1. Anonymous Coward
            Anonymous Coward

            Re: Supreme Court

            "They couldn't possibly have had that level of destruction in mind when using the word 'arms' "

            Ha, I am sure there of plenty of gun nuts that would be comfortable with personal nuclear weapons, cause you know, if your neighbor has them, well then, you need them, other wise only criminals have nukes.

            1. Eclectic Man Silver badge

              Re: Supreme Court

              Re personal nukes. I suspect that the right of national government, i.e., the US President and the Houses of Congress to declare and make war would be interpreted as denying any citizen any weapon whose use on its own could be a de facto declaration of war. Consider the movie 'Billion dollar brain', where an anti-communist attempts to invade Russia during the Cold War. Clearly the Russians (in the movie) could take that as a declaration of war. Owning your own nuclear bomb, like Matthias Rust, you could pop it into an aeroplane, fly to Moscow, land in Red Square and detonate it.

              Also the USA has signed the Nuclear Non-Proliferation Treaty* so they are bound by international treaty to deny nuclear weapons to their private citizens.

              * https://en.wikipedia.org/wiki/List_of_parties_to_the_Treaty_on_the_Non-Proliferation_of_Nuclear_Weapons

              1. Eclectic Man Silver badge

                Re: Supreme Court

                I confess to being intrigued by the reason for the thumb down. The USA has signed the nuclear non-proliferation treaty, the US President and Congress do have the right to declare (whereas US private citizens do not), and launching a nuclear attack on a foreign state probably does constitute and act of war. Please let me know to what you object and why. (And yes, Mathias Rust dod fly his light aircraft from Germany to Moscow and landed it in red Square: https://en.wikipedia.org/wiki/Mathias_Rust)

            2. Anonymous Coward
              Anonymous Coward

              Re: gun nuts

              Why does my preferred sport make me a "nut"? I've found that it's the overwhelming choice of phrase of people that have never held a firearm, let alone fired a single round. It's also one of the few sports where the less-abled can compete on equal terms.

              1. Eclectic Man Silver badge

                Re: gun nuts (NOT)

                @ AC,

                Your preferred sport does not make you a 'nut'. There are perfectly responsible gun owners and users all over the place. Watch Olympic shooting events, the competitors' handling skills are exemplary (as they should be). Indeed, when the Ceausescu regime in Romania was falling, one of the people besieging the presidential palace complained that he preferred paper targets to live ones. He was the reigning Olympic small-bore pistol gold medalist.

                The term 'gun nuts' only applies to people who consider that they have an inalienable right to own and carry whatever weapon they choose in whatever circumstances they choose, and that everyone should have those rights. 'Gun nuts' are people who claim that the perpetrators of mass killings were suffering from mental health issues, but reject the idea that mental health issues should be considered when deciding whether to allow that person to own a firearm. They are people who object to laws on gun ownership applying to private sales of second hand weapons. (What is the point of denying a convicted murderer a firearms licence if (s)he can just buy one from someone else?). They claim that a 'good guy with a gun' is all that you need to protect against a 'bad guy with a gun', without considering that with that reasoning you only know who that 'bad guy' is after they have killed someone, and seem unconcerned about prevention of the initial murder.

                Just like with motorcars and motorbikes, there are responsible owners and users and irresponsible ones. The young man caught doing 180mph (yes, one hundred and eighty miles per hour) on his motorbike on a UK public road was clearly not being sensible.

                Like any derogatory term, 'gun nut', is often used improperly or to offend, but also occasionally accurately. If you are offended, I suggest you ignore it.

            3. Grinning Bandicoot

              Re: Supreme Court

              Was that not de Gaulle's argument for the Force de Frappe? And to place all gun owners as nuts, lunnies or crazy is an assumption that is equivalent to looking in binoculars backwards.

          2. GrumpyKiwi

            Re: Supreme Court

            The weapons of mass destruction of the day were canons. Many many of which were privately owned by ship owners and the like. And a great many of these privately owned canons had been donated to the cause of the revolution.

          3. Dave314159ggggdffsdds Silver badge

            Re: Supreme Court

            I think it's pretty clear what the writers of the Constitution meant in most cases. They meant stuff we no longer find acceptable. But in that case the Constitution needs amendment, in my view. Reinterpretation in the light of modern sensibilities is obviously wrong.

            1. Fluffy Cactus

              Re: Supreme Court

              No, it is not necessarily clear what the constitution meant in most or at least some cases. That's why jurisprudence at one point had something called "the prudent man standard". It asked: "Would a reasonably careful person under such and such circumstances find this or that conclusion reasonable and acceptable?" US law-making and law-interpretation did away with that standard long ago.

              Today, the law can mean whatever a Supreme Court decides it should mean. Thus, keep stuffing a Supreme Court with crazy people, and the whole thing will go off the rails, to the right or to the left.

              The judgments of German Courts between 1933 and 1945 is just one example. USSR courts, Chinese Communist Courts, Catholic Inquisition courts, are all examples of how wrong such systems can go.

              To me, the issue of the police man using his ability to look up a license plate for a quick cash deal is

              clear: You are allowed to use these official systems only for official purposes. The police guy did something wrong, overstepped the boundaries of what he was allowed to do. Should he be fired?

              Maybe not at the first offense. A warning might suffice. But if he keeps doing the same thing over and

              over and does not listen to reprimands, then eventually he's gonna get fired for a cause.

              Another example of this is: A person working for the US Internal Revenue Service, or the British Inland Revenue is not allowed to look up his neighbor's tax return, just because he can. Such a person is required to work only the cases he is assigned. That's because that information is supposed to be private, as much as possible. Same with any medical doctor: Is a doctor allowed to publish whether such and such famous actor, politician, etc has had treatment for sexually transmitted diseases, etc? NO, I don't think so. There is a presumption and or requirement of privacy.

              My sense of justice in these matters is merely based on the "Golden Rule", which says, more or less,

              "if you didn't want to be treated like that, you should not allow to have anyone else treated like that".

              So, would you want yourself, your wife, your children, your relatives be treated unfairly? Well then, stand up and say so. If your mindset is "Everyone else can be treated unfairly, except me", then you fail to understand what justice should be all about.

              Either one has a sense for these issues, or one doesn't. I don't need to refer to any other law to come to that conclusion: "Justice is fairness, and if it is not fair, it's crap!"

    5. Prst. V.Jeltz Silver badge

      "So a lawyer who doesn't believe in precedent?"

      I find the whole "precedent" idea pretty dumb.

      Its akin to "This is the way we've always done it" which is the excuse I am regularly given for a whole buch of pointless , unproductive and downright stupid I.T. working practices.

      One senuile old judge decides that murder is ok if its on a tuesday.

      Now a "Precedent" is set, and it shall be thus

      1. Dave314159ggggdffsdds Silver badge

        That isn't how precedent works.

        https://www.law.cornell.edu/wex/stare_decisis

  3. Santa from Exeter

    Ignorance or lack of it

    On the subject of accessing Facebook to quote "Except of course, it does. Especially if someone is using two-factor authentication for additional security."

    Unless things have changed radically, you don't actually have to log in to access Facebook.

    You do to post, etc, but whilst you might be nagged to log in to view content it isn't actually needed.

    So maybe not so ignorant after all

    1. overunder Silver badge

      Re: Ignorance or lack of it

      Not to mention Facebook, Google, Amazon etc. are using UNAUTHORIZED access to track you across the web. Of course, if this law changes all the MegaCorps. will have it re-written so there's never a doubt that you can be spied on. When it's re-written, MegaCorps will be allowed to log INTO YOU and "gather data for economic growth". Too paranoid... look around, what world do you live in?

      I went and read the law and I like it. It works for people and company, as seen with most computer laws before IT influence (a.k.a. greed). Stupidity is no excuse, why do people make it so? If you're an IRS tax agent, you can't look up the tax history of Netflix to pay your bill!! The cop is guilty by just about every case, read this link... https://www.law.cornell.edu/uscode/text/18/1030#

      (1) having knowingly accessed a computer without authorization or exceeding authorized access,

      (2) intentionally accesses a computer without authorization or exceeds authorized access,

      (3) intentionally, without authorization to access any nonpublic computer of a department or agency of the United States,

      (4) ... It just goes and on... guilty.

      1. Jimmy2Cows Silver badge

        Re: Ignorance or lack of it

        Authorisation for megacorps to do what they do is usually implicitly granted by using their services, or the services which use their services, etc.

        Usually buried on page 348 of impenetrable legalise that is the T's & C's or some such.

        But yes, the cop is clearly guilty of unauthorised misuse. He's just trying every possible angle to weasel out of it, no matter how absurd. His lawyer is probably paid by the hour so is happy to do so.

        1. FlamingDeath Silver badge

          Re: Ignorance or lack of it

          “His lawyer is probably paid by the hour so is happy to do so.”

          It’ll be his dumb fucking lawyer advising him

          I think they give these titles to anyone willing to “ave a go”

          In other news, judge wheeled into courtroom with oxygen tank attached

        2. Strahd Ivarius Bronze badge

          Re: Ignorance or lack of it

          that is the crux of the matter: the difference between "misuse" and "unauthorised access".

          Does "unauthorised access" covers "authorised access but for a wrongful use"?

          Just image what may happen if it so.

          You are requested by a person of authority to access a web site to retrieve some information that only you can access.

          Your provide the information to that person of authority.

          That person use it in a way that is latter deemed unlawful.

          Are you guilty?

          1. Prst. V.Jeltz Silver badge

            Re: Ignorance or lack of it

            No its plain as day

            He is authorised to use it for work related matters in a responsible way.

            He's authorised to carry a gun too , but that doesent mean he can take payments to use that equipment on people decided by the highest bidder

          2. Alan Brown Silver badge

            Re: Ignorance or lack of it

            > Does "unauthorised access" covers "authorised access but for a wrongful use"?

            No, this has already been covered in multiple courts in the USA and the miscreants spanked soundly (it's almost always been cops too)

          3. katrinab Silver badge
            Meh

            Re: Ignorance or lack of it

            He has been issued a password to access the system, but there are presumably rules about what he is allowed to do on the system. Anything else is not authorised.

            I don’t think the rules have to be coded into the system to be legally effective? If they were, any sort of hacking would be legal, because the system allows access in this manner.

  4. Boothy Silver badge
    WTF?

    Why case law?

    Case law always puzzled me as a concept. Wouldn't it be better to revise the law instead?

    Case law (Vast oversimplification I'm sure!):

    1. Create a new law

    2. Lawyers now need to learn the new law.

    3. Prosecute someone under that law, and notice some issue or ambiguity in the law. i.e. It's not been written well and is too open to interpretation, or the Worlds moved on, and things not envisioned at the time of writing, are now possible etc etc.

    4. Escalate this issue to some higher ranking judges, for them to interpret the law, make a decision.

    5. Create new case law based on the decision.

    6. Lawyers etc now need to learn the new case law, in addition to the original law.

    Move on a few years, and you potentially have many case laws for the original law, and a whole mess to sort out by lawyers and judges.

    Alternate:

    1. Create a new law

    2. Lawyers now need to learn the new law.

    3. Prosecute someone under that law, and notice some issue or ambiguity in the law. i.e. It's not been written well and is too open to interpretation, or the Worlds moved on, and things not envisioned at the time of writing, are now possible etc etc.

    4. Escalate this issue to some higher ranking judges, for them to interpret the law, make a decision.

    5. DIFF STARTS HERE: Update the original law based on the decision. i.e. we now have Law 'x' version 1.1

    6. Lawyers etc now need to learn the updated law.

    Move on a few years, and you still only have the one law to learn, you just need to keep pace with the revisions.

    This would also allow changes to the law, where it no longer makes sense, for example if something was specific to a tech that no one uses any more.

    Just a thought anyway!

    1. ciaran
      Boffin

      Re: Why case law?

      Certainly there are many things outside of software that would benefit from change control. Lets put all the laws in Git....

    2. dinsdale54

      Re: Why case law?

      While this is nice in theory, the turnaround for modifications to a law can be measured in decades. For a computer analogy, think of parliament writing the spec and the legal system doing the user acceptance testing and bug fixing.

      1. Anonymous Coward
        Anonymous Coward

        Re: Why case law?

        Decades? Hardly. It can sometimes be measured in days or weeks, and is frequently measured in months.

        It can also be measured in miles. There are MANY cases where a US federal law means five different things depending on what part of the country you're in, and unless the SCOTUS deigns to fix it another court can still find a sixth.

    3. osakajin Silver badge

      Re: Why case law?

      Interesting isn't it. There is now law in practice just rules mangled by prior decisions. A case is something brought out of thin air and proved in tenuous ways. Lame.

      1. Zippy´s Sausage Factory
        Headmaster

        Re: Why case law?

        "There is now law in practice just rules mangled by prior decisions."

        Indeed there is. It's called "common law", and dates back to the 1100s if I remember right.

    4. Blazde Bronze badge

      Re: Why case law?

      The 'Alternate' scenario here is kinda what happens because new texts get written which summarise case law and lawyers only need to read that for the most part, referring to the specific cases occasionally for further clarification.

      It's not like you go to law school and they show you a humongous library and say "Right, start at 1066. I hope you're a fast reader".

    5. Steve Todd Silver badge

      Re: Why case law?

      You need to remember that most lawmakers are lawyers. It’s a job creation process. They want the original language to be vague to catch as many cases as they can, and having to trawl through case law creates more work for their brethren.

    6. LDS Silver badge

      Re: Why case law?

      It's what is attempted in country not based on common law. The legislators attempts to identify all the possible situations, thereby the law is usually very complex. Usually they fail, and with time, more previously unknown situations piles up. So more and more loopholes are found. Instead of enacting a full new law, articles are continuously modified. Sometimes they are so extensive they make a different law, and tacking all the changes becomes a true pain anyway. Lawyers could have the required tools, "common people" less so.

      Legislators should stop aiming at grandstanding and need to return to be humble people writing needed laws.

      1. Alumoi Silver badge

        Re: Why case law?

        Amen to that, brother!

        As a lawyer in one such country I can tell you that sometimes it's a royal PITA to try and explain certain laws to people.

        One funny example (among many) comes to mind when the title of the new law was 'Government Decision xxx for the modification of the Goverment Decision yyy for the modification of the Government Decision zzz for the modification of Law xyz'.

        And now, during this pandemic, we have the Health Minister issuing orders (with the power of law) almost every week, changing a bit of this and a bit of that in many different laws that even lawyers have a hard time tracking all that.

  5. Andy The Hat

    So simple ...

    "And it needs to make clear that misuse of that information is the crime."

    As I understand it, that is one of the arguments againt the statute as it potentially means that anyone who signs or accepts a licence agreement would be liable to criminal prosecution not civil liability.

    Of course this means the 'simple' wording needs 'simply' extending to exclude private data ... but that would only refer to personal private data on a private machine not data hosted or belonging to a third party organisation ... unless of course you accepted a licence to access a private organisation's systems to look at data ... for instance a cloud database which happens to contain your personal data as part of a bigger system ... Oops it's suddenly complicated. I can see an email on the webmail server that says Malcom was sleeping with Justin's hamster - my data (addressed to me) but if I mention it to anyone am I dragged into the courts by Justin's jealous dog because that data was not on a personal, private system but held on a corporate email server that I was granted access to and which now makes it a criminal offence to 'use' under the CFAA ...

    The CFAA is clearly rubbish and needs fully rewriting ... carefully.

  6. heyrick Silver badge

    nothing that would get a cop convicted for looking up people's license plate numbers for cash

    There's the problem right there. Isn't there any concept of "corruption"?

    Or is that a can of worms that nobody is brave enough to touch?

    1. Paul Johnson 1

      Re: nothing that would get a cop convicted for looking up people's license plate numbers for cash

      The article here doesn't mention this, but the cop was also convicted of "honest services fraud", which covers that angle.

      1. Cliffwilliams44 Bronze badge

        Re: nothing that would get a cop convicted for looking up people's license plate numbers for cash

        Where it should have ended. Bringing in the EPIC was just prosecutorial overreach!

  7. Paul Johnson 1

    Background information

    The Electronic Privacy Information Center (EPIC) has more information here: https://epic.org/amicus/cfaa/van-buren/

    Quote -------------------------

    The FBI charged Van Buren with honest-services fraud and felony computer fraud. A jury convicted him on both counts. On appeal to the Eleventh Circuit, Van Buren argued, among other things, that the jury instructions were incorrect and that there was insufficient evidence to support his convictions. The Eleventh Circuit reversed and remanded the honest-services conviction because of an error in the jury instructions, but affirmed the computer-fraud conviction. The court determined that it was bound by its prior ruling in United States v. Rodriquez, where the court held that a Social Security Administration employee who accessed the personal information of seventeen individuals in an agency database for personal reasons “exceed[ed] authorized access” under the CFAA.

    Van Buren petitioned for review in the U.S. Supreme Court, arguing that the Eleventh Circuit’s decision deepens a circuit split over the interpretation of “exceeds authorized access.” The Court granted review on the question

    Whether a person who is authorized to access information on a computer for certain purposes violates Section 1030(a)(2) of the Computer Fraud and Abuse Act if he accesses the same information for an improper purpose.

    End quote --------------------

    Note that he was also convicted of "honest services fraud". The "reversed and remanded" means that it got sent back to the original court for a retrial. That retrial will probably also result in a conviction.

  8. DubyaG

    How about Bribery?

    It seems that this would have been better handled as using one's privileged position for monetary.

    Bribery refers to the offering, giving, soliciting, or receiving of any item of value as a means of influencing the actions of an individual holding a public or legal duty.

    So, cash offered, actions taken on the part of a person holding a legal duty, information transmitted, cash received.

    Looks like they picked the wrong law to enforce.

    Reference: https://www.law.cornell.edu/wex/bribery#:~:text=Bribery%20refers%20to%20the%20offering,a%20public%20or%20legal%20duty.&text=Solicitation%20of%20a%20bribe%20also,receipt%20of%20a%20valuable%20gift.

  9. Anonymous Coward
    Anonymous Coward

    No laws?

    "But seemingly nothing that would get a cop convicted for looking up people's license plate numbers for cash."

    What about bribery, misuse of authority in public office, gross misconduct, data protection?

    Set aside computers entirely. Does the law really say it is acceptable to pay a policeman to do things for you which are only possible due to a police officer's privileged position? Where those services take place in police time, in police offices, and using police resources?

    Could you equally pay a council worker or tax officer to give you photocopies of documents they hold about your neighbour?

    1. Alumoi Silver badge
      Facepalm

      Re: No laws?

      Could you equally pay a council worker or tax officer to give you photocopies of documents they hold about your neighbour?

      Of course you can, IF you find the right person

  10. Eclectic Man Silver badge

    Most common misuse of Police Computers

    Is, I believe, looking up the daughter's new boyfriend.

    1. larokus

      Re: Most common misuse of Police Computers

      I have had the privilege of being that boyfriend, true story!

      1. Eclectic Man Silver badge

        Re: Most common misuse of Police Computers

        'Those with nothing to hide have nothing to fear.'

        (Except misuse by unaccountable people, accidents, IT failures, hackers and probably lots of other things I haven't thought of.)

  11. macjules Silver badge

    They have far more important things to worry about here

    Is a Scotch Egg a "substantial" meal?

    1. heyrick Silver badge

      Re: They have far more important things to worry about here

      Perhaps if they didn't come up with such bloody stupid rules, they wouldn't have such bloody stupid outcomes.

      Next up - is a pack of prawn cocktail crisps a "substantial meal"? <sigh>

    2. EnviableOne Silver badge

      Re: They have far more important things to worry about here

      exactly, the government defined the requirement of a "substantial meal," without defining the term

      its up to the court to decide on the definition of substantial and meal should a case were somone is prosecuted under that statute appear before them and a hgiher court has yet to make that determination.

    3. katrinab Silver badge
      Coat

      Re: They have far more important things to worry about here

      Based on this, probably not - https://www.lawgazette.co.uk/obiter/a-substantial-meal-try-pickles-and-beetroot-to-stay-legal/5105974.article

      But if you add pickles and beetroot to the plate, or sausages on sticks, you will be fine.

    4. Eclectic Man Silver badge

      Re: They have far more important things to worry about here

      Surely a "substantial meal" includes three courses, a decent bottle of red wine, cheese and biscuits all rounded off with a liqueur coffee and a 'wafer thin mint'?*

      If you don't need to undo your belt a notch it ain't substantial in my book.

      *Not for breakfast of course, that would be porridge, a brace of kippers, kedgeree (or sausage, egg, mushrooms, fried bread, baked beans with tomato sauce, fried tomatoes and possibly black pudding) a pot of coffee and marmalade on toast. Also note that a gentleman serves himself at breakfast, the servants having swept the grates, set the fires, laid the table, cooked breakfast, and done all of that before you were awake, oh and then dressed you.

  12. FlamingDeath Silver badge

    Integrity, where the fuck is it?

    Anybody?

    I feel like that guy in RDR2 looking for his friend, Gavin

  13. Cynic_999 Silver badge

    I see no huge ambiguities in the law

    The current law hinges on whether you are or are not *authorised* to access a (particular part of a) computer system. What the argument being made in the article assumes is that authorisation is a binary condition - i.e. it must either be absent or it must be unconditional. But that is not the case. A person may have *conditional* authorisation to access a computer system or database etc. Authorisation can be implicit - e.g. yes you are authorised to access certain FaceBook databases - but only by going through FaceBook's normal front end. You are not authorised to access that same database by exploiting a vulnerability to tap into the raw database files.

    In the case in point, a police officer is authorised to access the PNC databases for the purpose of crime detection, prevention or enforcement. The officer is *not* authorised to access the PNC to see whether his daughter's new boyfriend has a criminal history. Or to sell licence plate information. Or to trace the whereabouts of his ex. Or to erase the criminal history of his brother.

    Just as a system administrator may be authorised to access a customer database in order to maintain & backup that database etc. Which does *not* mean that he is authorised to sell the CC details in that database on the dark web, or to list the contact details of customers and sell them to the competition.

    There may be a few grey areas where a person is uncertain of exactly what they are or are not authorised to do, but I suggest that there are not a huge number of such cases.

    1. Psmo Silver badge

      Re: I see no huge ambiguities in the law

      But what if your authorisation is based on your acceptance of overly-complex terms and conditions?

    2. heyrick Silver badge

      Re: I see no huge ambiguities in the law

      "What the argument being made in the article assumes is that authorisation is a binary condition - i.e. it must either be absent or it must be unconditional."

      Yeah, I was reading that and thought of Edward Snowden. I mean, the "you gave me access so I can do whatever the hell I like" angle really wouldn't fly, so why should it be any different just because the guy is a cop?

      He has been given access. Part of that is being trusted to use that access (and information) correctly within the necessary capacities of performing his job. Hawking off info for a bit of cash on the side is neither part of the job or making legitimate access to the information.

  14. gnasher729 Silver badge

    What’s the difference between looking up a license plate on a computer and looking it up in some paper files? I would think that looking up the information for money is a crime in either case. But with no computer involved, it’s obviously not computer fraud, and if the cop was authorised to lookup license plates, then it still isn’t.

    There was a case of a store employee whose job it was to use a computer to print and sell lottery tickets. She also printed out about $1,000 worth of tickets every week for herself without paying. She was charged with computer fraud and found not guilty because using that computer was her job. She was also charged with theft and found guilty.

    If that cop had no authorisation to lookup license plates and had to use a colleague’s login, that would be computer fraud.

  15. jason_derp Bronze badge

    This is dumb

    I'd rather let Van Buren go and send the message that the law needs to be turfed and rewritten. The CFAA is the nightmare that nightmares have, and people in countries with extradition treaties to the country that miscarried it into existence have to deal with it as well. Burn it down.

  16. DS999

    Even if they can't get him on that

    Surely they can get him for what is essentially bribery - if the plate database isn't public (and if it was I assume no one would be willing to pay him to look stuff up) then he's trading access his job allows for money. How is that any different than a tech company employee selling non-public information on future product plans?

    If nothing else, they can force all the cops to sign an agreement specifying how they will use information they have access to and the penalty for failure to do so. If they refuse to sign, fire them. Problem solved!

    1. keith_w Bronze badge

      Re: Even if they can't get him on that

      you don't have to fire them - something fraught with it's own court issues, you just don't give them authorization to access police computers.

  17. Anonymous Coward
    Anonymous Coward

    Is this article reporting or opinion?

    It's a terrible mess of some factual reporting with what appears to be the author's opinions thrown in for God knows what reason. If it was meant to be a commentary on a specific case, why isn't it labelled as such?

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021