Security → Re: Is it legal to give fake information on the Internet?

Ahem. I remember this case well. There was outrage when cyberbullying led to a 13 year old's death. So they TRIED every way possible to charge her.

However, as I've already stated, unless they have a good REASON to go after you for faking your name (public outrage over a 13 year old's death is a good reason), merely faking a name is NOT a crime.

And what was the verdict?

"This case was heard by a jury, and the jury's verdict was announced on November 26, 2008.[1] The jury was deadlocked on Count One for Conspiracy, but unanimously found Drew not guilty of Counts Two through Four. The jury did, however, find Drew guilty of a misdemeanor violation of the CFAA.[4]

On November 23, 2008, Drew filed a motion for acquittal.[10] On Aug. 28, 2009, U.S. District Judge George H. Wu formally granted Drew's motion for acquittal, overturning the jury's guilty verdict.[10]" »en.wikipedia.org/wiki/Un ··· ori_Drew

So even when they tried to have the court INTERPRET that the violation of the TOS was a crime because of the cyberbullying of a 13 yr old, they could NOT make it stick.

You're right. The judge did acquit charges her of any CFAA misdemeanor, but the holding/reasoning is not binding in any way or fashion on any court (even the Central District of California). I'm pretty sure depending on the situation another district court would decide to hold differently.

Therefore legislation needs to make clear that a breach of contract (TOS) is not a violation of CFAA. In addition, as I have stated before there are STATE anti-hacking statutes as well as the federal anti-hacking statutes.

I seem to recall an Ohio case where a guy was using his work computer to solicit a dominatrix. If I remembered right no sex (or was it money) was involved, so they tried to charge him with hacking, basically by using the work computer to access craigslist, he was "overexceeding his authorization."

Found reference to the case. »www.geeksaresexy.net/200 ··· hacking/

There are two different issues at play here.

On the one hand, from a user and practical standpoint, faking your name, birthday, etc. to use a web service isn't inherently illegal. Just as you can decide to write a book under a pseudonym, I'd call this just a reasonable practice giving all the security risks that exist today.

On the other hand, if you do something that causes harm or damage to a government office, a large corporation or even a private individual, if it is worth their while, they will look at every possible statute and try to charge you with that crime, using any case that they find as a legal precedent. The "hacking" laws were not designed for this, and lets hope that these laws are clarified soon.

However, in many ways this is the same issue as what happens when you film a police officer not fulfilling his duties. In all likelihood he'll arrest you, and if there was audio recorded, depending on the state, he'll try to get the district attorney to charge you with violating the wiretapping law. Of course, that wasn't what that law was designed for.

The result is that nothing is 100% safe from prosecution, including many sexual acts between consenting adults in the privacy of their own home. That doesn't stop them from doing it or make me worry about them. Most of the laws just haven't caught up yet with the times we live in.