Blown To Bits

The Frightening Prosecution of Lori Drew

Monday, November 24th, 2008 by Harry Lewis

Lori Drew is the Missouri woman implicated in the death of Megan Meier, who committed suicide after being jilted on MySpace by the fictitious boy allegedly created by Drew and a teenage accomplice. When we finished Blown to Bits, Drew had not been charged with any crime, because no statute seemed to cover what she had done, horrible though it was. We wondered in the book if she might simply have done something evil but lawful.

Drew is now being tried in California, not Missouri, on federal charges, of violating the Computer Fraud and Abuse Act. Interpreting this law to cover what Drew did is an overreach with scary implications. Let’s look at the language under which she is being charged, section a(2)(c):

whoever … intentionally accesses a computer without authorization or exceeds authorized access, and thereby obtains …  information from any protected computer if the conduct involved an interstate or foreign communication …

The government’s position is that by creating a hoax MySpace account, Drew violated this section because MySpace’s computers were in California, across state lines, and she obtained from that computer information about Megan Meier.

Now this is not what Congress had in mind when it wrote this language, and it is not the way it has ever been applied. This is a clause about computer break-ins (“hacking”). The “information” the law is talking about is information stored in the computer. It’s not a law about getting someone to tell you something using email or instant messaging. And the “unauthorized access” is also about breaking in to systems that are protected by passwords, for example, not about violating the terms of service of a service provider such as MySpace by misrepresenting who you are.

I understand the temptation to stretch to find a tool to throw at Lori Drew, but think of how many other situations would be covered if this clause were read that broadly. Fib about your age on a dating site? Jail time. Use Google or set up a Gmail account when you are only 17 years old? Jail time (2.3 of the TOS reads, “You may not use the Services and may not accept the Terms if you are not of legal age to form a binding contract with Google.”) Use different middle initials on different accounts so you can see who’s leaking your name to direct mailers? Jail time.

Would the Feds go after anyone for such minor offenses? If Lori Drew is convicted under this law, they will have carte blanche to do exactly that. That is precisely the point — they don’t really care if Lori Drew created a hoax MySpace account, they want to get her for causing Megan Meier’s death. But they can’t think of a way to do that, so they are turning MySpace hoaxing into a federal crime.

By that standard, if they can’t get you for what you’ve really done, they may settle for jailing you for failing to update your Facebook profile when you change jobs. After all, you agreed to do that when you signed up:

[Y]ou agree to ‚Ķ provide accurate, current and complete information about¬†you as may be prompted by any registration forms on the Site (“Registration¬†Data”) ‚Ķ [and] maintain and promptly update the Registration Data, and any¬†other information you provide to Company, to keep it accurate, current and¬†complete.

(Thanks to the amicus brief by Phil Malone of the Berkman Center, among others, for these hair-raising examples.)

I hope Lori Drew burns in hell, if there is one. But the federal government should not take us all down with her in its zeal to get her punished on earth as well.


2 Responses to “The Frightening Prosecution of Lori Drew”

  1. Vickie Pynchon Says:

    As they say, bad facts make bad law.

  2. Blown to Bits » Blog Archive » Lori Drew and Tom Paine Says:

    […] The Frightening Prosecution of Lori Drew […]