FC: More on anonymity without liability, OJR.org author replies

[Declan McCullagh <declan () well com>]

[The below is a response to my comments at 
http://www.politechbot.com/p-01631.html --Declan]

*********

Date: Fri, 12 Jan 2001 12:58:16 -0800 (PST)
From: "Joshua S. Fouts" <fouts () rcf-fs usc edu>
To: Declan McCullagh <declan () well com>
Subject: Overing's Response

Dear Declan,

I think forwarded your response to Michael Overing and am including his
response below.

Your comments do alot to round out a complicated subject.

Could I have your permission to reprint you comment on the OJR message
board?  I think it would be instructive and informative to our readers.

Best,

Josh

---------- Forwarded message ----------
Date: Fri, 12 Jan 2001 12:34:14 -0800
From: Michael Overing <movering () earthlink net>
To: fouts () usc edu
Subject: Re: End of online anonymity without liability, from OJR.org (fwd)

Thanks for the comments.  Declan's comments are absolutely accurate,
particularly his view that the 9th circuit may have gone too far.  But from
a litigator's perspective, I take issue with the idea that the column's
analysis is wrongheaded.  From a litigation perspective, I now have a new
cause of action which allows me to file a number of lawsuits as a site
operator that I probably didn't have before.

Consider this:  someone gains access to my site by entering a false credit
card number and placing orders.  Now, I can sue for false credit card debt.
But, I can make an argument that the false pretenses used to access the site
also violate the Wiretap statute.  I might choose not to file such a claim
for a variety of reasons, but a good lawyer will tell me I should consider
it.

A second example:  I want to know what kind of benefits a competitor is
offering its employees.  I login to their extranet under an employee's name
(with the employee's permission) and learn that the competitor offers a
401(k).  I am potentially liable because the site operator did not give me
permission to enter the site.

A third example:  I have an Internet account with earthlink for surfing and
for email.  I give my secretary my password so she can surf on her lunch
hour.  She does and now Earthlink could sue.

Declan is probably correct that truly anonymous surfing to a public site
isn't likely to be implicated.  For example, Joe Public who logs on to a XXX
site isn't going to be found out unless he gives the site information about
himself.  Cookies allow the site to track him (and his viewing habits), etc.
But, that isn't what the case or article is about.

The real issue is that users often surf under someone else's name,
potentially entering into websites that if their identity were known to the
owner, they wouldn't have been given access.  Anonymity isn't the only issue
considering all the sites that require registration information before
allowing access.  Those sites can now cry "foul".

This is truly sticky stuff, and it is the liability of the surfer to the
site-owner that has changed.  It used to be that liability to the person
impersonated (identity theft, defamation by impersonation, etc.) would be
the big liability risk, especially as sites get visited and inaccurate (or
harmful) information is disclosed by the impersonator.  Now, the site owner
has a hook to sue for the impersonation.  It adds an entire cause of action
to a lawsuit in business litigation.


----- Original Message -----
From: Joshua S. Fouts <fouts () rcf-fs usc edu>
To: MICHAEL S. OVERING <movering () earthlink net>
Cc: <ojr-l () almaak usc edu>
Sent: Friday, January 12, 2001 11:03 AM
Subject: FC: End of online anonymity without liability, from OJR.org (fwd)


>
> Michael,
>
> I passed your piece along to Wired columnist Declan McCullagh.  You might
> be interested in his comments.
>
> Best,
>
> Josh
> ---------- Forwarded message ----------
> Date: Fri, 12 Jan 2001 11:39:51 -0500
> From: Declan McCullagh <declan () well com>
> To: politech () politechbot com
> Subject: FC: End of online anonymity without liability, from OJR.org
>
> [With respect to the columnist, his view seems entirely wrongheaded.
First,
> the Ninth Circuit's ruling was not a final one; it merely said there was
> enough of a claim to go to trial. Second, the Ninth Circuit may have gone
a
> little too far, and the judges themselves note this area of the law is a
> thicket. Third, and most importantly, the case had nothing to do with
> anonymous web surfing and instead was about gaining access to a "secure
> website under false pretenses" by using someone else's name and info
> without clear permission. (If it were about anonymous web surfing, the
> owner of the website never would have learned who the snooper
was!) --Declan]
>




-------------------------------------------------------------------------
POLITECH -- Declan McCullagh's politics and technology mailing list
You may redistribute this message freely if it remains intact.
To subscribe, visit http://www.politechbot.com/info/subscribe.html
This message is archived at http://www.politechbot.com/
-------------------------------------------------------------------------