Did the Washington Post Violate the Electronic Communications Privacy Act? (MD4Bush)

NRO ^ | 11/10/05 | Stephen Spruiell

[Republican Red]

Did the Washington Post Violate the Electronic Communications Privacy Act? 11/10 05:24 PM For those of you who have been following the MD4Bush story (if not, click on the links at the bottom of this post to catch up), here's a little breaking news: Free Republic is looking into whether the Washington Post violated the Electronic Communications Privacy Act when Post reporter Matthew Mosk accessed the Free Republic account of MD4Bush.

According to the Post's statement on the matter, Mosk was given MD4Bush's sign-on information by "someone acting on MD4Bush’s behalf." He then used that screen name and password to log into MD4Bush's account and view private e-mails sent between MD4Bush and former Maryland state official Joseph Steffen.

According to the Electronic Communications Privacy Act, anyone who "intentionally accesses without authorization a facility through which an electronic communication service is provided; or... intentionally exceeds an authorization to access that facility" is committing a crime. In this case, the Post claims it had authorization to view the private e-mails because it was given the password by "someone acting on MD4Bush's behalf."

There are two problems with this defense. First, how could the Post have known that this "someone" was really "acting on MD4Bush's behalf"? Free Republic spokesman Kristinn Taylor gave me the following example:

Imagine if I gave you the keys to someone's house and I said, 'If you go in this house, you'll find something newsworthy. Oh and trust me, I know the guy whose house this is, and he wants you to go in there.' Regardless of the legal questions, that certainly wouldn't be ethical. Yet that's exactly what Mosk did when accessed a total stranger's Free Republic account and viewed that account holder's private correspondence. To compound that ethical lapse, Mosk did not report these actions in his stories about Joseph Steffen. He merely alluded to "private e-mails, which were given to The Washington Post."

Second, even if the Post could prove that Mosk had MD4Bush's consent to log into his private account, that wouldn't be enough to exempt the Post from the Electronic Communications Privacy Act. That's because each Free Republic user agrees to terms of use, one of which is that the user will not give out his password. In other words, MD4Bush was not authorized to give Mosk permission to use his password — as the other party to the user agreement, Free Republic's consent was required also.

Taylor told me that Free Republic is looking at its options and considering legal action against the Post. Up until now, Free Republic has not released much information about the identity of MD4Bush, other than to say that his account was associated with the mddems.org web domain (not an mddems.org e-mail address, as this otherwise informative Washington Times piece reported today). But since it's now clear that MD4Bush violated his user agreement, Free Republic is considering whether he forfeited his confidentiality.

That Free Republic might go public with the name has the state Democratic Party on the defensive. This week, WBAL in Baltimore reported that the co-chairman of the Maryland Democrats, Keiffer Mitchell, has called for an investigation into whether the state party was involved in the MD4Bush affair, calling MD4Bush's tricks, "despicable" and saying an investigation was needed to "clear the air."

Unfortunately, the Washington Post has not shown a similar desire to shed light on its own role in assisting MD4Bush in his political hit on the governor of Maryland. The Post maintains that it does not know the identity of MD4Bush, but it has refused to name the "someone" who gave Mosk MD4Bush's sign-on information. In the interest of avoiding a criminal investigation, it might behoove the Post to come clean.

[Nam Vet]

I love your tagline. I've been telling people this for ages.

Nam Vet

[cricket]

Bump for the truth here and soon. . .and thanks for updating what is going on here. . .

This is an incredible story; and a posturing media is becoming SOP. . .

That said; it will probably rise to 'gate' level; only with their help. MSM may not be as forthcoming as we would expect. . .to say the least.

[hoosiermama]

Apparently the MSM would RATHER not tell "the truth and nothing but the truth"......

[Mrs Zip]

ping

[Katya]

I think Mosk knows all these guys intimately. There was no "third" party...

[Sandy]

This sounds like a stretch if you ask me.

Here's the relevant provision:

[W]hoever
(1) intentionally accesses without authorization a facility through which an electronic communication service is provided; or
(2) intentionally exceeds an authorization to access that facility;

and thereby obtains...access to a wire or electronic communication while it is in electronic storage in such system shall be punished as provided in subsection (b) of this section.

Definitions:

Electronic Communication means any transfer of signs, signals, writing, images, sounds, data, or intelligence of any nature transmitted in whole or in part by a wire, radio, electromagnetic, photoelectronic or photooptical system that affects interstate or foreign commerce

Electronic Communication Service means any service which provides to users thereof the ability to send or receive wire or electronic communications

Electronic storage means—
(A) any temporary, intermediate storage of a wire or electronic communication incidental to the electronic transmission thereof; and
(B) any storage of such communication by an electronic communication service for purposes of backup protection of such communication;

-------------------------------

Now, maybe Free Republic can be considered an "electronic communication service" and FR's database/server/whatever can be considered a "facility through which an electronic communication service is provided", but I don't see how Freepmail qualifies as being in "electronic storage" (as defined above).

[Mr. Rational]

What part of the freepmail was not electronically stored?

Do you think they were printed out in hard copy?

[Nomorjer Kinov]

Hey Norm, I have an extra copy of Matt Mosk's bank card and his pin number. He's okay with your taking the card and making a withdrawal, if you want to, that is.

Disclosure, this is hyperbole - I do not actually have any such property of Mr. Mosk's.

[Beagle8U]

You dont have it? I do.

His pin # is ****** / sarc.

[Sandy]

What part of the freepmail was not electronically stored?

I'm not sure, that's why I'm asking. The legal definition says, "temporary, intermediate storage of a wire or electronic communication incidental to the electronic transmission thereof", meaning the communication gets stored in one location while en route to another location. I'm not certain, but I'm pretty sure that freepmail doesn't go anywhere beyond FR's server. It never gets downloaded from ISPs in the way that regular e-mail gets downloaded. It's just not the type of communication that ECPA was intended to protect. Besides that, I'm not sure that FR even qualifies as an Electronic Communication Service Provider within the meaning of the act at all.

And beyond all of those concerns, I fail to see how the communication itself had any affect whatsoever on interstate (or foreign) commerce, which is another ECPA requirement.

[conservative in nyc]

What do you think the comparison is to Gannon?

[conservative in nyc]

Thank you.

[rvoitier]

*IF* Jim decided to release all MD4Bush's info, as you say, I would only hope that Jim would, 1)Notify us FReepers, in advance (at what time/day), that he will do so, & 2) Then release that info in exclusive-like fashion for the members.

Of course, Jim is supported either way he decides.

[HiTech RedNeck]

He then used that screen name and password to log into MD4Bush's account and view private e-mails sent between MD4Bush and former Maryland state official Joseph Steffen.

Whoah...??? Is Steffen a freeper too? I wasn't aware that Free Republic provided a way of using freepmail to contact external email addresses. (Cool feature if so)

Also, does FR log invalid attempts at login? Would seem to me that MD4Bush got hacked into.

[rvoitier]

Enchante,

I'm replying to you on such a trival matter I'm hesitant to go through with it. Aw, what the heck, here it is; you mentioned that Steffen only responded to the rumors with a, "'yeah I heard that too'....."

Actually, if my memory serves me correctly, that was Libby's or Rove's utterance in the Plame setup. Steffen's was something to the effect of, "Don't go there."

[rvoitier]

Also, as you know, the left is 'going after' Delay, Bush, Frist and Rush over and above the normal stuff.

[SnuffaBolshevik]

Whoah...??? Is Steffen a freeper too?

Steffen is/was NCPAC.

[cricket]

Apparently the MSM would RATHER not tell "the truth and nothing but the truth"......

For sure. . .and they are totally committed to doing/not doing. . .and are no doubt, reassured as the lies/half-truths - distortions/convolutions of the truth. . .do take a toll. . .

[A message]

Borrowed conservative in nyc's ping list with his prior permission.

Good one Anti-Bubba.

The Enemedia will be destroyed by their own actions.

Take this one down Jim, all in good time.

[Woodstock]

Would seem to me that MD4Bush got hacked into.

WaPo admits to using MD4BUSH's screen name and password. They say they had permission from a third party who provided the infor. The problem is, the Post says they do not know the identity od MD4BUSH. So, how do they know they had MD4BUSH's permission to use the screen name and password?