Category Archives: Law

Rosemond v. United States & technology providers

Yesterday, the Supreme Court issued its decision in Rosemond v. United States, which addresses the culpability of a man who was charged with aiding and abetting another person’s use of a gun in relation to a drug offense.  The court decided that he is liable if he knew ahead of time that one of the people he drove to a drug deal with had brought a gun.

In reaching that result, Justice Kagan, writing for the majority, re-addressed some fundamental principles of aiding and abetting law (Rory Little at SCOTUSblog calls the decision “a primer on aiding and abetting law”). Since I recently co-authored an article on the aiding and abetting liability of technology providers, this decision was of particular interest.

The article addresses the lingering confusion over whether the mens rea for aiding and abetting is “shared purpose” or “knowing assistance.” Justice Kagan serves up a sort of blending of the two ideas, which is common among appellate courts. Justice Alito, in dissent, writes that he wishes the court would have addressed the two differing standards, but instead “refers interchange­ably to both of these tests and thus leaves our case law in the same, somewhat conflicted state that previously existed.”  Justice Alito also says, however, that he thinks the difference between the tests is “slight.”

The point in our article is that this slight distinction can have important implications for technology providers who may be at risk of being considered accomplices of their users’ crimes. Rosemond certainly adds to the conversation about that topic, but doesn’t do much to answer the question. In fact, the Court, in footnote 8, expressly takes no view on “defendants who incidentally facilitate a criminal venture rather than actively participate in it,” as with “the owner of a gun store who sells a firearm to a criminal, knowing but not caring how the gun will be used.” This hypothetical strikes at the heart of the concerns faced by technology providers.

Interestingly, Justice Scalia joined the majority opinion except for footnotes 7 and 8. The Volokh Conspiracy has an interesting discussion about how, and why, that happened, as does DailyKos.)

In other news, our article, and its title, are featured on BookForum’s Omnivore blog today.

New Podcast on Criminal Liability of Tech Companies

There’s a new discussion up at “The Law Review,” a podcast run by legal research company Fastcase, discussing some of the ideas in my recent article, Technology and the Guilty Mind, about the potential criminal liability of technology providers for aiding and abetting their users. The guest for the conversation is Fastcase CEO Ed Walters.

The part that addresses the article starts around the 12-minute mark with a dialogue on Judge Posner’s hypothetical (discussed in the paper) about a dress seller who knows his client is using his dresses in her prostitution business. The  conversation then focuses on how doctrine about knowing assistance of criminals may apply to tech companies in the communications industry (like Fastcase).  Thanks to Fastcase for highlighting the article!

Update on Kim Dotcom Extradition

Kim Dotcom crowdThere’s been two significant developments this week in the ongoing effort to extradite Kim Dotcom (the CEO of the now-defunct Megaupload) from New Zealand to the United States to face criminal charges of copyright infringement. I’ve been following the proceedings since co-authoring Criminal Copyright Enforcement Against Filesharing Services, 15 North Carolina Journal of Law and Technology 101 (2013).

First, there is a development in regard to fallout from the January 2012 raid on Dotcom’s mansion conducted by New Zealand police, at the request of U.S. authorities.  Dotcom audaciously mocked the raid at the launch event for his new service “Mega” in January 2013 by staging “a raid re-enactment complete with helicopters marked ‘FBI,’ and dancing girls clad in military-style dress (but with miniskirts).”

Meanwhile, Dotcom has challenged the search warrant underlying the raid in New Zealand courts. This had some success. First, the Prime Minister apologized to Dotcom for the government spying on him. Then, in November 2013, a New Zealand High Court Judge ruled that the search warrants used in the raid were not proper because they were just “general warrants” and thus “did not adequately describe the offences to which they related.”

This week, however, Dotcom has faced a set back. On February 19, an appellate court issued a decision disagreeing with the High Court Judge’s analysis and concluding that the warrants were valid. You can read the appellate decision here.  Dotcom has vowed on Twitter to appeal to the New Zealand Supreme Court. But as noted by the Independent, “[t]he decision will benefit US prosecutors who say the Megaupload website has cost film studios and record companies more than $500 million (£300 million) and generated more than $175 million in criminal proceeds by letting users store and share copyrighted material, such as movies and TV shows.”

Second, the extradition hearing for Dotcom that was scheduled for April 2014 was delayed on February 25, with a new date yet to be set. It’s already been delayed before. The delay is probably meant to allow time for the proceedings about the search warrant to resolve. But Dotcom, in his standard provocative manner, has”accuse[d] the New Zealand government of interfering in the judicial process, to delay the hearings until after the country’s election, due in either October or November,” according to The Register.

Third, as a bonus, Dotcom gave an interview this week to Complex Tech in which he mouths off about the charges against him. He complains that Google has had many more takedown requests related to pirated links than Megaupload ever had, but yet is still in business. Of course, as my paper explains, Megaupload’s real problem wasn’t the number of takedown requests it received, it’s that prosecutors allege that the company either ignored those requests or helped facilitate the re-posting of pirated material.

Finally, Dotcom also mentions in the interview some sort of tripped-out new file service “called Meganet, which is basically kind of like a fluid ocean of data where whatever glass of water you dump into it you can never extract from it anymore, and you kind of just meet the water in the ocean somewhere.” We’ll see where that goes.

Technology and the Guilty Mind

Please check out my new article, “Technology and the Guilty Mind: When Do Technology Providers Become Criminal Accomplices?,” which was recently posted to SSRN. Here’s the abstract:

The creators of today’s most successful technologies share an important willingness to push the envelope — a drive that propels digital industry forward. This same drive, however, can lead some technology purveyors to push the limits of legality or even become scofflaws in their pursuant of innovation or (more often) profit. The United States must figure out how to harness the important creative force at the heart of the hacker ethic while still deterring destructive criminal wrongdoers. Because it is often courts that must answer this question, it is essential to examine the legal doctrines prosecutors use to sweep up technology providers.

This Article focuses on one type of criminal liability — accomplice liability — that can act as a dragnet on technology that lends itself to criminal use. In particular, a violation of the federal statute for aiding and abetting, 18 U.S.C. § 2, can be implied in every charge for a federal substantive offense, and there is a potentially troubling strain of cases holding that knowing assistance can be enough to deem someone an aider and abettor, even without stronger evidence of a shared criminal purpose.

This Article examines when proprietors of technology with both legal and illegal uses aid and abet their users’ crimes. The aim is to help courts, prosecutors, and technologists draw the line between joining a criminal enterprise and merely providing technology with criminal uses. The Article explains the legal doctrines underlying this type of liability and provides examples of at-risk technologies, including spam software, filesharing services, and anonymity networks like Tor. Ultimately the article concludes that the web of superficially conflicting rulings on the required mental state for aiding and abetting are best harmonized — and future rulings on liability for new technologies best predicted — by looking to the existence of “substantial unoffending uses” for the product or service provided by the technologist accused of aiding and abetting.

New Article in Santa Clara High Tech Law Journal Online

Kim Dotcom Pirate Megaupload

Sorry for the break in blogging; I’ve been focused on some other projects, including getting out the final versions of my article about criminal prosecution of filesharing services. A long-form version will appear in the North Carolina Journal of Law and Technology later this month, and a shorter discussion of the topic was published this week in the inaugural online edition of the Santa Clara Computer & High Technology Law Journal. Please feel free to check it out and leave comments.

Review: The Internet Police

Internet Police by Nate AndersonI recently finished “The Internet Police: How Crime Went Online, and the Cops Followed” by Nate Anderson, who writes for Ars Technica, and I loved it. I found his writing compelling and the stories fascinating. I’m sure that my being a lawyer influenced the book’s appeal for me, as Anderson has a particular focus on legal proceedings. In chapter 8, for example, he discusses being the only reporter to sit through the entire retrial of a lady sued for copyright infringement. Anderson’s familiarity with the law shows throughout the book. He was generally spot on in his discussion of legal topics, and I especially appreciated how he highlighted the important role for federal judges in shaping society’s approach to technology. In fact, federal legal proceedings or decisions take center stage in roughly half of the book’s chapters.

The chapters are helpfully broken down based on topics, and each one tracks a major story throughout the whole chapter.  I particularly enjoyed the discussion of the federal takedown of the child-pornography website “The Cache” (chapter 2), and the efforts to take out Sanford “Spamford” Wallace (chapter 7). Further, the story of “Sealand” and HavenCo, which I had not been familiar with, was very entertaining (chapter 1). The section on copyright infringement also interested me because it touched on many of the same issues discussed in my upcoming article about Megaupload.

As for general themes in the book, one consistent emphasis is how private parties often lobby the federal government to take over efforts to police online activity because of the government’s perceived greater resources. Another is how the tools developed by online criminals are the same tools (with the same threat to privacy) law enforcement uses to track criminals down.

Finally, I liked Anderson’s discussion of the balance of chaos versus regulation on the Internet, and the pros and cons of swinging too far in either direction (too much chaos=child porn, credit-card fraud; too much regulation=no innovation, no privacy). His summary of this balance near the end of the book nicely showcases what could be called the book’s thesis: “Life is messy business on the Internet as it is everywhere else, and we’re never going to engineer the mess out of it. That doesn’t mean we ever accept crime, piracy, or boorish behavior, but we tolerate them online just as we tolerate a certain amount of drunk driving, tax fraud, or jaywalking. Many such problems could be nearly eliminated if we just tried hard enough—required breath tests before every car start, conducted audits on every tax return, posted cops at every corner. But the cost of total order is totalitarianism; the real challenge is making prudential judgments about how we weigh risks and rewards, costs and benefits, order and chaos.”

Social media and Chicago gangs

Kids off the Block Stone Markers with names IMG 4815
Bricks with names of young victims
I want to draw attention to an excellent article in the October issue of Wired Magazine about how social media is amping up the gang wars in Chicago.  The article starts by discussing Chief Keef and Lil JoJo, two rival rappers who taunted each other through YouTube and Twitter. Keef got a million-dollar record deal; JoJo was shot and killed.

Ben Austen, who wrote the article, interviewed people on the ground in Chicago: community leaders, local rappers and gang members, and cops.  I’ll just flag a few tidbits I found interesting; I encourage you to check out the whole article.

First, Austen starkly describes the difficulties facing Chicago law enforcement:

Last year more than 500 people were murdered in Chicago, a greater number than in far more populous cities such as New York and Los Angeles. The prevalence of gun crimes in Chicago is due in large part to a fragmentation of the gangs on its streets: There are now an estimated 70,000 members in the city, spread out among a mind-boggling 850 cliques, with many of these groupings formed around a couple of street corners or a specific school or park.

Second, for fans of The Wire, the HBO crime drama that ran from 2002 to 2008, Austen explains how the show’s depiction of gang-life, praised at the time for its “realistic portrayal of urban life,” is already outdated:

Harold Pollack, codirector of the University of Chicago Crime Lab, says that in every talk he gives about gangs, someone inevitably asks him about The Wire—wanting to know who is, say, the Stringer Bell of Chicago. But The Wire, based in part on David Simon’s Baltimore crime reporting in the 1980s and ’90s, is now very dated in its depiction of gangs as organized crime syndicates. For one thing, Stringer Bell would never let his underlings advertise their criminal activities, as a Central Florida crew did this spring when it posted on its public Facebook page that two of its members had violated their parole and been arrested for posing with guns on their personal Facebook pages. Even a few years ago, a member of, say, the Disciples would have been “violated”—physically punished—for talking about killings or publicly outing a fellow member. But today most “gangs” are without much hierarchical structure, and many of the cliques are only nominally tied to larger organizations.

Third, in telling a story about how police warned the family of a 12-year-old that Keef’s crew was posting threatening comments on a video the boy had posted insulting Keef, Austen touches on how “predictive policing” is far less exotic than critics often allege:

For a long time, criminal-justice experts have talked about predictive policing—the idea that you can use big data to sniff out crimes before they happen, conjuring up an ethically troublesome future like the one depicted in Steven Spielberg’s Minority Report. But in Chicago and other big cities, police are finding it’s much easier than that. Give people social media and they’ll tell you what they’re about to do.

Finally, Austen observes that insulting a rival crew is “so much easier to do online than face-to-face.” This comment, interestly, echoes the heartbreaking-but-hilarious interview Louis C.K. did this week with Conan O’Brien about why he won’t let his kids have smart phones: “They look at a kid and they go, ‘you’re fat,’ and then they see the kid’s face scrunch up and they go, ‘oh, that doesn’t feel good to make a person do that.’ But they got to start with doing the mean thing. But when they write ‘you’re fat,’ then they just go, ‘mmm, that was fun, I like that.’”

Chicago proposes stronger maintenance requirements for vacant properties

Rahm EmanuelNews broke this week that Chicago is planning to amp up its vacant-property-maintenance requirements.

The new amendments were announced by Mayor Rahm Emanuel and Alderman Jo Ann Thompson after the city received a rash of calls about maintenance problems with vacant buildings. Most significantly, the changes would require lenders and owners to secure vacant property immediately, rather than the current allowance of 30 days. Also, the proposal would allow Chicago to issue fines after just one inspection, rather than two as current law provides. According to the Chicago Tribune, this amendment “is designed to trim to two months from three the process of citing a building owner and getting the case before a hearing officer, as well as to save manpower.”

Interestingly, this announcement comes on the heels of a ruling that the Federal Housing Finance Agency doesn’t have to comply with Chicago’s registry program for vacant buildings, exempting a large number of properties with mortgages owned by Freddie Mac or Fannie Mae.

States are enacting stronger privacy laws

Police_car_computer_USAAs we wait for Congress to revamp the Electronic Communications Privacy Act (of 1986!), a few states are taking the lead in setting privacy laws.

One of the recognized problems with the ECPA is that it does not require a warrant for law enforcement to search opened email, or unopened email that is more than 180 days old. This year, the Justice Department conceded that “there is no principled basis to treat e-mail less than 180 days old differently than e-mail more than 180 days old,” and that “it makes sense that the statute not accord lesser protection to opened e-mails than it gives to e-mails that are unopened.”

The first state to enact stronger protections has been Texas, which in June passed HB 2268, which requires warrants for state and local officials to access email.

Montana similarly enacted HB 603, which restricts the ability of law enforcement to access email or cellphone-location data without a warrant. Amusingly, according to Brian Fung in the Washington Post, “many Montanans had no idea they had become pioneers in privacy law,” likely because of their deep-seated views on the importance of privacy. Maine also enacted laws requiring warrants to access text messages and geolocation data (the latter even in spite of a veto from the governor).

Notably, as observed by Ryan Gallagher in Slate, both Maine and Montana rejected the Justice Department’s view that warrants should be required for tracking cellphone locations in real-time but not for accessing historic location data.

More state laws are in the works. Officials in New York and Florida will consider privacy bills this year, and the legislature of Massachusetts recently met to review a bill addressing email and geolocation privacy. Without a doubt, these state efforts are essential groundwork for the looming federal debate on this issue.


Judge says federal law preempts property registration ordinance

Old Lithuanian cinema in Bridgeport
Vacant Ramova Theater
As I’ve mentioned before, the Federal Housing Finance Agency filed a lawsuit against Chicago last year arguing that foreclosed properties with mortgages backed by Freddie Mac and Fannie Mae are exempt from the city’s vacant property registration requirement. By one count, there are nearly 200 such properties in Chicago.

Last week, a federal district judge decided against Chicago, relying on two alternative reasons.

First, the judge determined that Chicago’s ordinance was “preempted” by federal law. “Preemption” is legal doctrine, based on the Supremacy Clause, that allows Congress to displace state and local law, either explicitly or implicitly. FHFA argued that Chicago’s ordinance is preempted by the Housing and Economic Recovery Act of 2008, which gives FHFA, acting as conservator of Freddie Mac and Fannie Mae, freedom from “the direction or supervision of any other agency of the United States or any State.” 12 U.S.C. § 4617(a)(7). Because the Act doesn’t mention “local government,” the judge ruled that it does not expressly preempt Chicago’s ordinance. But the preemption is implicit, the judge reasoned, because “Congress could not have intended to preclude other federal agencies and states from regulating FHFA’s operations, but permit thousands of municipalities all over the country to impose varying ordinances and obligations on FHFA.” Moreover, the judge noted, Chicago’s ordinance conflicts with Congress’s clear intent “for FHFA to possess exclusive authority over Fannie Mae and Freddie Mac’s business operations—including their management of the homes in which they have a security interest.”

Alternatively, the judge concluded that Chicago’s ordinance impermissibly imposed a tax on FHFA, in violation of the “absolute federal immunity from state taxation.” United States v. New Mexico, 455 U.S 720, 730 (1982). The basic difference between taxes and fees is that fees are paid for services rendered and taxes aren’t, or a fee may be charged for costs incurred as part of regulating a core part of an entity’s industry. The judge thus decided that Chicago’s ordinance imposed a tax because “FHFA does not receive any service from the City in exchange for the registration fee, and . . . vacant property is not a necessary consequence of FHFA’s mortgage lending business.”

This ruling “has national implications,” notes Mary Ellen Podmolik in the Chicago Tribune, because of the many VPR ordinances nationwide, which the Tribune estimates at more than 1,000. An appeal seems likely: As one local attorney pointed out, the judge himself noted that “[t]his may not be the last court you’re in front of, once I rule.”