Lying on Facebook could become federal crime

Have you ever lied on Match.com? Or created an account on Facebook using a fake name?

Did I say I went to Harvard? I meant ABAC! (AP Photo)

Do you have a teenage child that uses Google?

These common online behaviors aren’t illegal, yet.

A representative from the U.S. Department of Justice appeared before Congress Tuesday asking that august body to strengthen laws to “[improve] cybersecurity [of] our nation’s critical infrastructure, and the federal government’s own networks and computers.”

Noble goals, surely.

But the changes requested by Richard Downing, deputy chief of the Computer Crime and Intellectual Property Section at the Department of Justice, would also broadly criminalize many things Americans currently do online, NPR reports.

The Justice Department, it seems, want to make it a crime to violate a website’s terms of service.

No one bothers to actually read those things, but it is a violation of Facebook’s terms of service to provide any false information on your profile (like your height), create an account for anyone other than yourself (including pseudonyms), create more than one account. Match.com and other sites have similar rules.

Downing told Congress the new law would merely be “the latest development in the steady stream of progress we are making in securing cyberspace.”

Downing seems to realize that criminalizing violations of website terms of service is taking it too far in his testimony:

Some have argued that this can lead to prosecutions based

upon “mere” violations of website terms of service or use policies.  As a result, some have

argued that the definition of “exceeds authorized access” in the CFAA should be restricted to

disallow prosecutions based upon a violation of contractual agreements with an employer or

service provider.  We appreciate this view, but we are concerned that that restricting the statute in

this way would make it difficult or impossible to deter and address serious insider threats through

prosecution.

Some have argued that this can lead to prosecutions based upon “mere” violations of website terms of service or use policies.  As a result, some have argued that the definition of “exceeds authorized access” in the [Computer Fraud and Abuse Act ] should be restricted to disallow prosecutions based upon a violation of contractual agreements with an employer or service provider [such as Facebook ].  We appreciate this view, but we are concerned that that restricting the statute in this way would make it difficult or impossible to deter and address serious insider threats through prosecution.

George Washington professor and attorney  Orin S. Kerr pointed out to Congress that the new law would expose millions of Americans to federal prosecution.

The current version of the Computer Fraud and Abuse Act (CFAA) poses a threat to the civil liberties of the millions of Americans who use computers and the Internet. As interpreted by the Justice Department, many if not most computer users violate the CFAA on a regular basis. Any of them could face arrest and criminal prosecution.

… The CFAA criminalizes conduct as innocuous as using a fake name on Facebook or lying about your weight in an online dating profile. That situation is intolerable. Routine computer use should not be a crime.

Kerr said the law is so broad it would make it a federal offense for a young teen to use Google, or to lie about how often you visit the gym on Match.com.

The Terms of Service of the popular Internet search engine Google.com says that “[y]ou may not use” Google if “you are not of legal age to form a binding contract with Google.”  The legal age of contract formation in most states is 18. As a result, a 17-year-old who conducts a Google search in the course of researching a term paper has likely violated Google’s Terms of Service. According to the Justice Department’s interpretation of the statute, he or she is a criminal.

Lying on a dating site?

The Terms of Use of the popular Internet dating site Match.com says that “You will not provide inaccurate, misleading or false information . . . to any other Member.” If a user writes in his profile that he goes to the gym every day – but in truth he goes only once a month – he has violated Match.com’s Terms of Use. Similarly, a man who claims to be 5 foot 10 inches tall, but is only 5 foot 9 inches tall, has violated the Terms. So has a woman who claims to 32 years old but really is 33 years old. One study has suggested that about 80% of Internet dating profiles contain false or misleading information about height, weight and age alone.

Kerr takes his argument to absurdist realms.

Terms of Use can be arbitrary and even nonsensical. Anyone can set up a website and announce whatever Terms of Use they like. Perhaps the Terms of Use will declare that only registered Democrats can visit the website; or only people who have been to Alaska; or only people named “Frank.” Under the Justice Department’s interpretation of the statute, all of these Terms of Use can be criminally enforced.

Maybe the Patriot Act isn’t so bad after all.