Scumbag Revenge Porn Site Operator Arrested... But Many Of The Charges Are Very Problematic
from the bad-cases-make-bad-laws dept
A fair amount of attention has been paid to the announcement from Kamala Harris, the attorney general for California, that Kevin Bollaert, the operator of a revenge porn site, and corresponding "pay me to take down the revenge porn" site, has been arrested and charged with a variety of crimes, including extortion. Make no mistake about it: Bollaert is a scumbag and these revenge porn sites -- especially those with the extortionate concept of "pay us to take down those nude photos you never wanted posted in the first place" -- are highly problematic. But... as with all kinds of "highly problematic" activities, it all too often happens that law enforcement's zeal to take down the bad guy means they twist laws in dangerous ways that could have significant consequences for plenty of good sites. That appears to be the case here.Again, Bollaert is a despicable person. A year ago, Adam Steinbaugh was one of the first to detail the nasty practices of "YouGotPosted" (or "UGotPosted") and the companion site "ChangeMyReputation." However, as Eric Goldman details, there are a bunch of dangerous problems with the charges that Harris filed against Bollaert, mainly in that many of them seem to blame him for the way users use the site -- something that the site is protected from under Section 230:
The other two asserted unlawful purposes are (1) online harassment per Penal Code 653m(b) (criminalizing “repeated contact by means of an electronic communication device”), and (2) the civil tort of public disclosure of private facts (citing a troubling precedent, In Re Rolando S.). Unlike the extortion claim, both allegations depend on the behavior of the website’s users. The complaint doesn’t allege that Bollaert himself made repeated contacts with victims using an electronic communication device, or that Bollaert himself disclosed anyone’s private facts. Instead, the complaint alleges that Bollaert ran a UGC website where users performed unlawful activities. But that’s exactly what UGC websites do: they let users publish content online for both good and evil. If we hold UGC website operators responsible for the fact that their users sometimes commit crimes, then all UGC website operators are criminals.It's no secret that the various state attorneys general, including Harris, would love to wipe out Section 230. So perhaps she sees this as a chance to take a case so emotionally charged that she can get a favorable ruling. That's dangerous, since as Goldman notes, this would effectively wipe out Section 230 for many, many sites that allow user contributed content.
Fortunately, that’s not the law. In 1996, in 47 USC 230 (Section 230), Congress said that websites aren’t liable for third party content, even if the third party violates state criminal law. From my perspective, based on the allegations in the complaint and arrest warrant, the identity theft charges predicated on harassment and privacy violations appear to be preempted by Section 230
A second problem with the complaint is that it relies on an identity theft law used against Bollaert. But anyone looking at the situation would know right away that this isn't any kind of identity theft. Again, Goldman explains:
The crime asserted here, Penal Code 530.5(a), has two elements. First, the defendant must willfully obtain personal identifying information. Second, the defendant must use that information for an unlawful purpose.The one area where the claim may actually make some sense is the extortion claim -- as that definitely seems questionable. However, once again, this can run into some problems. For example, you can see a perfectly legitimate service that charges some sort of processing fee to take down content that had been previously posted. Merely charging to remove content, by itself, shouldn't be seen as extortion. Hell, we've recently had comment spammers who apparently got punished by Google's search rankings email us about removing the comment spam they were able to sneak through our spam filters. When I mentioned how silly this was on Twitter, many people suggested that we should charge the spammers to remove their spam comments. That actually seems like a reasonable (if amusing) idea. But would that be extortion? Under the claims against Bollaert, it's possible that such an action would be considered the same thing -- but I doubt most people would think the request to spammers would be extortion (not that we've done it either way).
When applied to actual identity theft, these elements make sense. If I steal your social security number and use it to obtain a credit card that I use to run up fraudulent charges, the two elements are clearly satisfied.
As applied to Bollaert, in contrast, the elements are confusing. (The criminal complaint, as typical for the genre, doesn’t explain how the law applies to the facts). How did Bollaert willfully obtain personal identifying information? He allegedly ran a UGC website where users could submit photos and personal information structured into standardized categories. It seems like this allegation would equally describe how all UGC websites “willfully” obtain content from their users.
And that leaves this whole case in a tricky spot. Bollaert's site was a problem. What he was doing was despicable in so many ways it's almost difficult to keep track of them all. But, if the case is allowed against him, it's quite possible that very bad precedents will be set that lead to significant problems for tons of legitimate sites. As Goldman notes, however, there's a good chance it will never get this far. Bollaert almost certainly will take a plea deal, and Harris will get yet another headline about how she's protecting the citizens of California, even if her legal theories might undermine its economy -- and many of the sites that people around the globe enjoy.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: california, extortion, identity theft, kamala harris, kevin bollaert, liability, revenge porn, section 230
Companies: changemyreputation, yougotposted
Reader Comments
Subscribe: RSS
View by: Time | Thread
If you change it to "pay me or I will not give you this latte" or "pay me to take down something that I did not put up for the purpose of harming you until you pay to make it stop" (you know, like as a service) then it's not really extortion anymore.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Charging someone to remove content someone ELSE put up for revenge porn is definitely extortion. It's a service that only serves to embaress someone, they don't want to appear on it, but they get put up on it, and the only way to get themselves taken off is to pay.
[ link to this | view in chronology ]
That STILL doesn't necessarily describe identity theft. You have to use the information to IMPERSONATE the person for an unlawful purpose for it to be identity theft.
[ link to this | view in chronology ]
Re:
It may not describe identity theft in the popular imagination, but it describes it well under California statutory law: obtaining personal information and using it for an unlawful purpose.
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Linked Court Document?
I believe the document you want is https://oag.ca.gov/system/files/attachments/press_releases/Complaint_3.pdf
[ link to this | view in chronology ]
Re: Linked Court Document?
[ link to this | view in chronology ]
Well there goes YouTube, Dropbox etc. so can understand that the MAFFIA should want to get rid of Section 230.
[ link to this | view in chronology ]
You know, Mike, one can get into "phony" trouble with real actions.
Let's just REVILE THE BAD ACTORS FOR MAKING US BEAR THE "very bad precedents"! Coming down hard on those few is the only way to stop them, and is entirely justified. -- And that's going with your notion that all the bad precedents are used without prosecutors ever exercising any common sense at all: in fact, most prosecutors remain surprisingly right-minded and ONLY apply extra on cases like this which are WAY beyond the pale.
Whenever restraints are taken off, people NEVER become better. Especially not The Rich.
04:09:59[f-82-5]
[ link to this | view in chronology ]
Re: You know, Mike, one can get into "phony" trouble with real actions.
Care to link to a citation from your distorted view of common law where society held the blacksmith accountable for the actions of the swordsman or anything similar?
Section 230 is about placing liability where it belongs - on the user who actually committed the act, not the tool used.
[ link to this | view in chronology ]
Re: Re: You know, Mike, one can get into "phony" trouble with real actions.
This is actually the best (and most original) analogy for this situation. I was going to make a comment about blaming the car manufacturer for the actions of a car's owner, but yours is much more appropriate for this scenario.
Let's just hope the US justice system doesn't screw up so much that we end up having to support this scumbag because his trial could set some really, really bad precedents.
Wait a second. A government lawyer blaming the site's owner for the actions of its users? I feel like I've heard this song and dance before...
[ link to this | view in chronology ]
Re: Re: Re: You know, Mike, one can get into "phony" trouble with real actions.
[ link to this | view in chronology ]
Re: Re: You know, Mike, one can get into "phony" trouble with real actions.
[ link to this | view in chronology ]
Re: Re: Re: You know, Mike, one can get into "phony" trouble with real actions.
Ok, I see your point in that, but your analogy is also off a bit. You might have a stronger point if the blacksmith was forcing the swordsman to participate in the death match. But that's not like what is happening here, the swordsman is participating of his own free will. (just to be clear - the person I am equating the swordsman to is the person who uploaded the images - not the subjects of the photos themselves - they were wronged and the uploaders are liable for that IMHO).
Also, like Mike, I believe that site operator is a total asshole and deserves punishment, just not at expense of all the other user-generated sites on the web. That type of collateral damage is way too much.
He profited from the website. Though I haven't seen it I'm sure there were adverts on it not to mention he charged to take the pictures down.
From the other exchanges we've had I can tell your a pretty intelligent person, but you do have a HUGE blindspot when it comes to liability and making money from something. Making a profit does not necessarily infer responsibility for another's actions.
For example, if someone commits suicide because they listened to one of your songs, are you liable because you sold that song for money?
[ link to this | view in chronology ]
Re: Re: Re: Re: You know, Mike, one can get into "phony" trouble with real actions.
absolutely not. However, I must say if the "blacksmith" is selling tickets to the death match (advertising profits) he is running a business. As a business owner, he can't say "I'm not responsible for what happens in the death match." Making money changes the equation. He is an active participant and there in lies the liability. He no longer can say I just made the sword. He made the sword, provided the venue and is getting paid from people buying tickets to the spectacle HE created. He becomes responsible because he facilitated and orchestrated the entire thing. It doesn't matter if the swordsman volunteered or not because, but not for the blacksmith, none of it would have happened.
[ link to this | view in chronology ]
Re: You know, Mike, one can get into "phony" trouble with real actions.
Yeah, fuck rights! Only innocent people deserve rights, and anyone accused by the state can't be innocent! If necessary, we should make up laws on the spot to punish the obviously guilty!
(Do you even read what you write before you post it, or does your inane babbling spew forth involuntarily, like explosive diarrhea?)
[ link to this | view in chronology ]
Re: You know, Mike, one can get into "phony" trouble with real actions.
[ link to this | view in chronology ]
Where?
With Techdirt, it would be quite simple, if someone posted something illegal in comments. Site operator isn't liable.
With a UGotPosted site, it's sole purpose for being is to allow and invite the illegal posts. The site operator might not make the posts himself, but it seems to me he's a clear participant of the posts since he not only invites only that type of post but it's the sites only reason for existence.
Same for a "reasonable" administrative cost charged by a site to remove any such post. $25-$50 nuisance fee to the person that posted it, like you mentioned about spam comments? Or charge several hundred dollars to somebody else who didn't post it? And again, that's the sites sole reason for existence.
[ link to this | view in chronology ]
Re: Where?
[ link to this | view in chronology ]
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Not as problematic
[ link to this | view in chronology ]
I guess some politician's daughter got exposed for everyone to see, so now we see retardness happening. Let's go against the service providers and not the real scam artists that break the internet. Let's not even go against people uploading the said videos without authorization, just the provider.
Priorities. God bless 'murikah.
[ link to this | view in chronology ]
Re:
By contrast, it would not have been your action that got your images posted to this revenge-porn site, the site knows the person who did post it doesn't have the right to and actively solicits such postings and it isn't the person who made the posting who's being charged to remove it.
[ link to this | view in chronology ]
Re: Re:
I agree that for the end user, it's more disastrous to have their privates posted online... but again, service provider. They chose to have those pictures taken knowing full well of the possible consequences. Why not go after the ex'es that uploaded it? Because going after an ass hole gets more public empathy.
So back to the analogy:
- We have some asshole company that willfully makes it so you cannot communicate with other companies that aren't so tech-savvy.
- You have some asshole that allowed major assholes to upload asshole videos.
I rest my case.
[ link to this | view in chronology ]
Re: Re: Re:
That's the excuse the dirtbags who run these sites use.
They did not choose to have them posted publicly. Only the person they specifically sent them to had the right to view (not publish) them, unless explicit consent was given.
There's the consequence of having your phone conversations and private emails recorded by the people you converse with and they could be posted on a website somewhere. Does that make it your fault too? Should you just give up communicating?
[ link to this | view in chronology ]
Re:
Second, they're VERY conservative about what they list. Far too conservative in my opinion, but that's their choice.
Third, when the spam stops, they delist. (I disagree with that too, but again: their choice.)
Fourth, if what you're doing is so persistent and egregious that you come to Spamhaus's attention, then you deserve FAR worse punishment than merely being listed by them. In my opinion, you should be banished from the Internet for life. Unfortunately, that's not their policy nor is it possible.
Finally, if you don't grasp the difference between an innocent person's naughty bits being put on display to the world and a spammer's despicable abuse being cataloged, then you really need to adjust your perspective.
[ link to this | view in chronology ]
Re: Re:
I dare you to find a decent sysadmin that still uses those criminals.
[ link to this | view in chronology ]
In wisconsin - did you have premission to delete the google cookies?
943.70(2)
(2) Offenses against computer data and programs.
(a) Whoever willfully, knowingly and without authorization does any of the following may be penalized as provided in pars. (b) and (c):
1. Modifies data, computer programs or supporting documentation.
2. Destroys data, computer programs or supporting documentation.
3. Accesses computer programs or supporting documentation.
4. Takes possession of data, computer programs or supporting documentation.
5. Copies data, computer programs or supporting documentation.
6. Discloses restricted access codes or other restricted access information to unauthorized persons.
(am) Whoever intentionally causes an interruption in service by submitting a message, or multiple messages, to a computer, computer program, computer system, or computer network that exceeds the processing capacity of the computer, computer program, computer system, or computer network may be penalized as provided in pars. (b) and (c).
(b) Whoever violates par. (a) or (am) is guilty of:
1. A Class A misdemeanor unless any of subds. 2. to 4. applies.
2. A Class I felony if the offense is committed to defraud or to obtain property.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
Contrast that to a site that actively markets itself as a place to post ads and solicitations for stolen car parts. The site has to know that the posts it's soliciting are illegal. When the users post exactly what the site asked for, the site can't hide behind "We don't control what they post." because it could have controlled it (eg. by not asking for posts offering stolen parts).
[ link to this | view in chronology ]
inducement
[ link to this | view in chronology ]
Re: inducement
[ link to this | view in chronology ]
Re: Re: inducement
MGM v. Grokster is based on copyright law which includes provisions for contributory infringement. This case is not about copyright law.
It's a fairly simple 3-prong test that determines if Section 230 immunity applies:
1) The defendant must be a "provider or user" of an "interactive computer service."
2) The cause of action asserted by the plaintiff must "treat" the defendant "as the publisher or speaker" of the harmful information at issue.
3) The information must be "provided by another information content provider," i.e., the defendant must not be the "information content provider" of the harmful information at issue.
There is nothing (afaik) concerning inducement of illegal actions that would limit the protection Section 230 provides.
[ link to this | view in chronology ]
Re: Re: Re: inducement
Long and short, you don't get to solicit blackmail material, use it to pry money out of people and then hide behind "Someone else gave me the stuff, I'm not responsible for having used it.".
[ link to this | view in chronology ]
Re: Re: Re: Re: inducement
I thought (I could be wrong, IANAL) the sticking point in the Roommates.com case was the illegal questionnaire they required their users to answer in order to use the site that caused the loss of Section 230 immunity, not the actual nature of the site itself or it's solicitation for any particular kind of content.
How is that applicable here? To be honest I've never visited this stupid revenge porn site, nor do I really want to, so I really don't not know how it's setup.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Available Law
Most people do not realize the people behind the Enron fraud were convicted on the basis of various fraud statutes on the books before the collapse of Enron.
[ link to this | view in chronology ]
SMMFH
There is only one goddamn reason for that and it's so make sure people find out. It would be pretty damn unlikely that anyone would actually find themself posted all over an informative murder porn site.
There will always be people that's going to push the limits of freedom, but we must remain vigilant. If not everything we stand for will become even more meaningless than it already is.
[ link to this | view in chronology ]
Aren't there enough laws?
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Re: Re: Re:
[ link to this | view in chronology ]
Re: Re: Re: Re:
If I stay it will be double
[ link to this | view in chronology ]
Extortion
There was talk that the credit card companies were going to stop processing payments for them, but I don't think that happened except for American Express. I know that Google made a change so that when you search for a person's name the mugshot websites have been moved way down the list and off the first page of results.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
sumbag revenges video
[ link to this | view in chronology ]