Hard Cases and Bad Law in US v. Drew

I joined a group of law professors and public-interest groups that filed an amicus brief Friday in the case of United States v. Drew. That criminal case is a repercussion from the horrible and high-profile cyberbullying conducted through MySpace against a small-town Missouri teenager named Megan Meier, who committed suicide in response. Lori Drew, a 48-year-old neighborhood mother, had at least some role (details are contested) in the creation of a hoax profile of an imaginary boy who pretended he liked Meier and then abruptly turned on her. This nasty bullying is so pointlessly mean it gives you goose bumps. Drew was later indicted under the federal Computer Fraud and Abuse Act (CFAA).

The amicus brief, however, calls for the indictment to be dismissed.

Why? For that, I turn to that most wise and quotable of Supreme Court justices, Oliver Wendell Holmes:

Great cases, like hard cases, make bad law. For great cases are called great, not by reason of their real importance in shaping the law of the future, but because of some accident of immediate overwhelming interest which appeals to the feelings and distorts the judgment. These immediate interests exercise a kind of hydraulic pressure which makes what previously was clear seem doubtful, and before which even well settled principles of law will bend.

Northern Securities Co. v. United States, 193 U.S. 197 (1904) (Holmes, J., dissenting)

Megan Meier’s suicide is just such a hard case. I understand and share the desire to hold someone accountable for behavior toward her, especially an adult who participated. I can’t entirely believe I am aiding the defense, in however small a way. But in its efforts to satisfy the desire for accountability, the government proposes to distort the CFAA — to bend well settled principles, in Holmes’ phrase — in a way that could apply to future cases. In other words, to make bad law.

As the brief explains, Congress clearly enacted the CFAA to respond to black-hat hackers (really probably “crackers,” but never mind) who break in to computer systems for malicious purposes. The law imposes criminal penalties on anyone who “intentionally accesses a computer without authorization or exceeds authorized access.” The government’s case against Drew depends on the idea that creating the phony account and using it for bad ends might have violated MySpace’s terms of service. That’s the legalese attached to many web sites that purportedly defines the conditions for use of the site. Read them often? Me neither. Ever give false information to a web site to protect your privacy? Me too. If the government expands the CFAA as proposed here, any violation of terms of service could be a federal crime.

Maybe the Department of Justice would use its discretion and only prosecute bad actors who violate terms of service to do really horrible things like torment a teenage neighbor. But perhaps not. Which is why we define crimes very specifically in our country: exactly because we don’t want to trust in that discretion, and because no one should go to jail for violating an exceedingly vague law. Certainly we don’t want to outsource the definition of these crimes to the private-company lawyers who write terms of service.

We may need a stronger legal response to cyberbullying, though the area is fraught with complex implications for privacy, free speech, and protecting the intermediaries who provide open forums online. Turning every term of service into a criminal law is definitely the wrong response. I loathe what Lori Drew allegedly did, but loathing makes really bad law.

4 Responses to “Hard Cases and Bad Law in US v. Drew”

  1. […] like DOJ might be engaging in some of the same questionable tactics as in the Lori Drew case, which I’ve discussed before. Here, like there, the underlying behavior was wrong and should be criminal. But it matters how you […]

  2. Just the knowledge that the agressor Lori Drew knew her victim, since they only lived four doors apart from one another and were friends with her daughter says it all. Surely Lori Drew knew of her targets illness of depression, seems to lead one to believe that her target was deliberate and premeditated murder. And she should be tried for just that.

  3. […] the awful consequences of the nasty hoax against Meier, it is hard to exactly celebrate. But I did sign an amicus brief arguing that the prosecution stretched the Computer Fraud and Abuse Act well beyond acceptable […]

  4. […] isn’t exactly fast-breaking news, but since I wrote a long post last year about the Lori Drew case and then noted the judge’s decision to rescind her conviction, I […]