Did A Former National Parks Employee Violate The CFAA By Tweeting About Climate Change?
from the the-tweets-heard-round-the-world dept
As you may have heard, over the past few days, there's been a lot of talk about various US government Twitter feeds "going rogue" in what many believe is an attempt at a bit of civil disobedience following gag orders being sent from the White House to various federal departments and agencies, with a particular ban on social media. Soon after that came out, the Twitter feed of the famed Badlands National Park in South Dakota, started tweeting about climate change:
But, that alone doesn't necessarily make it worthy of a Techdirt post (yes, there's a possible Streisand Effect angle on all of this, but it remains to be seen how strong that really is). What caught my eye, however, was how the National Park Service eventually explained those original Badlands tweets, telling BuzzFeed that they were done by an ex-employee who had retained his password, but wasn't authorized to tweet from the account:
National Parks says the @BadlandsNPS climate tweets were deleted because a former employee "compromised" the accounthttps://t.co/4YF1sMJaYa pic.twitter.com/F3fl5f6gnP
— BuzzFeed News (@BuzzFeedNews) January 25, 2017
Now, the exact wording of that statement also made my ears perk up, because "not currently authorized to use the park's account" could have pretty serious legal consequences. As reporter Matt Pearce unfortunately, but correctly, points out, this could be interpreted, by some, to be a violation fo the CFAA.
Oy. Under CFAA, that could be interpreted as criminal hacking, yes? https://t.co/XwJa9B7MDP
— Matt Pearce (@mattdpearce) January 25, 2017
You remember the CFAA, of course. That's the "anti-hacking" Computer Fraud and Abuse Act, that has an unfortunately long history of being twisted and questionably interpreted to mean that just about anything people don't like that you do on a computer is potentially a violation. In particular, many cases have focused specifically on what constitutes "without authorization" or "exceeds authorized access" under the law. The fact that the NPS directly claims that this person was "not currently authorized" certainly could be seen to trip the "without authorization" or "exceeds authorized access" lines.
Of course, the CFAA has different sections -- and most of the cases we talk about tend to focus on 1030(a)(4) which covers accessing information whose value is over $5,000. It's difficult to see how one could twist the Badlands tweets as being about accessing information valued at more than $5,000, but there is also 1030(a)(3), which one would hope also would not apply... but where you could see an overzealous DOJ try to make it stick. That's the section that says it's a violation of the CFAA to access a computer that "is used by or for the Government of the United States and such conduct affects that use by or for the Government of the United States."
Now, it's pretty clear that the intent here is to go after someone who hacks into a system and somehow interferes with the government making use of that computer (and, remember, the entire reason we have a CFAA is because some clueless politicians -- including Ronald Reagan -- freaked out about the very, very fictional movie War Games). But, given how the DOJ has stretched the interpretation of the CFAA in the past, would it be possible for them to try to claim that by making unauthorized access to a Twitter account, and tweeting those tweets, it was using a computer that "is used by the Government" and the "conduct affects that use by or for the Government of the United States" and that the access was "without authorization"? It... seems unfortunately possible.
So far, the administration doesn't seem too concerned about this... but just the fact that this is even possible is yet another reminder of just how ridiculous the CFAA is, and how it is in desperate need of serious reform.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: cfaa, climate change, donald trump, former employee, national park service, tweets, unauthorized access
Reader Comments
Subscribe: RSS
View by: Time | Thread
WarGames is not very, very fictional
Saying that WarGames is very, very fictional is a gross overstatement that obscures the fact that hacks similar to all of those shown in the movie had, in fact, already happened to a similar level (although nukes didn't almost get launched, someone did hack into a server that helped control nukes).
[ link to this | view in chronology ]
Re: WarGames is not very, very fictional
I think that step between getting into the server and almost launching the nukes, is a very wide, abyssal one, and that's what makes Wargames particularly fictional.
very, very maybe hyperbole, but very, very is very, very seldom not hyperbole.
[ link to this | view in chronology ]
Re: WarGames is not very, very fictional
While you should remain cautious of course, the lesson shouldn't be that there's a teenager ready to hack into you at a moment's notice. The lesson should be that in that story a teenager inadvertently accessed a backdoor that was left accessible from public phone lines. Therefore, it's a bad idea to have such accessibility, and even worse to be able to actually launch weapons from something the hacker will believe is simply a game with no real life consequences.
Instead, we seem to have people willing to leave wide open backdoors in case they need one, but strip rights away from everyone else in case they happen to access them.
[ link to this | view in chronology ]
it was using a computer that "is used by the Government"
Unless he still has his government issued computer, then all he did was access a (somewhat) random Twitter server. I actually want to see the government argue that every server accessed by the government falls under this statute. That would pretty clearly lead to about 80% of the internet by volume falling under this rule.
[ link to this | view in chronology ]
Fired
[ link to this | view in chronology ]
Sooner or later, the Trump administration is going to decide...
...that someone it dislikes used a computer, and that's grounds enough to imprison them for a long time via the CFAA.
Rarely-enforced oft-committed crimes are merely tools for current administrations to rid themselves of enemies with a sense of legitimacy.
[ link to this | view in chronology ]
"Hey, knock that off."
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Trump's straw-man reality is burning!
The worst (and most dangerous) case is people who are shallow thinkers, but who think they are deep thinkers, and #PresidentTweety is one of those people. Trump is not at war with the media. He is at war with reality. Trump wants to create belief in a straw-man fake reality of horror and collapse so he can then claim improvements by tweaking the fake beliefs back towards reality.
At least Duterte killed (alleged) evildoers and Mussolini made the trains run on time! That's not the reality of America. (Well, actually the American trains aren't so reliable, but Trump's supporters in flyover country are the least likely to use trains.)
My favorite sig should make it obvious, but I'm on the side of more deep thinking. You have to think deeply to understand your free choices in a meaningful way and to understand the constraints and their sources. (That's why "freedom of speech" is so confusing to many people, because the "speech" may be opinions or lies just as freely as it may be true.)
So far my best effort at a constructive "solution" is the design of the deep-thinking cap, but it's yet another "morally neutral" tool. While I think I would use the cap to support more deep thinking, maybe I would just use it to sleep a lot. Some people might use it to listen to more loud and mindless music while ignoring other people, even though the cap could be used as a better communication device, too.
--
#1 Freedom = (Meaningful - Coerced) Choice{5} ≠ (Beer^4 | Speech | Trade)
[ link to this | view in chronology ]
Re: Trump's straw-man reality is burning!
Some stuff at the beginning there sounded right but by the end I had no idea what you are on about.
There's deep thinking, and then there's deep up your own ass thinking...
[ link to this | view in chronology ]
Re: Trump's straw-man reality is burning!
Extending the typology, there are also super-shallow people who, having nothing to say, insist upon saying nothing. Usually ACs, but TechDirt doesn't seem to have any convenient way to render the ACs invisible.
[ link to this | view in chronology ]
Re: Re: Trump's straw-man reality is burning!
"
Thank god for that.
"TechDirt doesn't seem to have any convenient way to render the ACs invisible"
What else could we do to make your visit here more comforting? Sounds sorta like Trump complaining about the media not treating him fairly, he just might be able to have them "disappeared".
[ link to this | view in chronology ]
Re: Re: Re: Trump's straw-man reality is burning!
[ link to this | view in chronology ]
Re: Re: Trump's straw-man reality is burning!
Don't you sometimes wonder why the trolls? Not a lot of wonder. Not worth it.
[ link to this | view in chronology ]
Streisand Effect? Oh, Please!
Each of those posts will be traced back to an employee, and that employee will be FIRED FOR CAUSE.
It's a strategy designed to catch idiots - and it's extremely effective at doing so.
[ link to this | view in chronology ]
For me, the shoe fits...
[ link to this | view in chronology ]
Re: deep thinking cap
but how will you defeat the thought activated automated face smackers? *surely someone in the trump admin's working on those. probably 42 people.
[ link to this | view in chronology ]
I remember how the Prenda gang abused that statue when the Judges caught onto their trolling efforts and Steele & Hansmeier used the CFAA to sue BitTorrent down loaders by saying the down loaders hacked into Guava servers and thus Prenda could get the subscriber info from the ISP's to get the extorion -er-settlement letters out to the victims
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: Re:
Always have been - no?
Government organizations tent to be political, not really news is it? That is not a valid reason to eliminate the dept.
[ link to this | view in chronology ]
Re: Re: Re:
Those departments that have been politicized have been made that way the better to implement partisan policy. This is deliberate as the people who work for them — administrators like myself — can't be fired and replaced very easily, while the directors can. This means that, even in a Congress ruled by t'other side, the policies of the party favoured by the department will continue no matter what. For this reason, it ought to be illegal to politicize a department, the better to ensure government by the people for the people rather than government by the party for the party.
For the record I don't care which side does this, it's profoundly undemocratic and only tends to entrench the status quo, hence Trump. People get fed up of the party games after a while and demand change at any cost. I think we're at the "counting the cost" stage now. It'll get worse before it gets better but when the Great Overhaul finally happens, it needs to include the de-politicization of government departments.
[ link to this | view in chronology ]
I hope TD keeps an eye on the developments of this case.
[ link to this | view in chronology ]
Re:
https://www.techdirt.com/articles/201604 23/16370634255/rhode-island-attorney-general-pushing-state-level-cfaa-that-will-turn-researchers-whi stleblowers-into-criminals.shtml
Have a good look through these: https://www.techdirt.com/blog/?tag=cfaa&start=10
Bring a hankie, you'll need it.
[ link to this | view in chronology ]
Some one did something that upset someone else who happens to be in a position of power and influence ....
So they have someone else look into what laws could be used to go after those horrible horrible mouthy people for what they did. Sounds a bit juvenile doesn't it?
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Doesn't Seem Too Ridiculous
[ link to this | view in chronology ]
Maybe not
The person was an employee (and authorized) when they tweeted. Then they got fired. And then the tweets were deleted. And then the Tweet which says they are an ex-employee who is not currently authorized.
Somehow, I don't think they would have included the "currently" in the Tweet if the person had never been authorized. So the question is what is the timing.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]