By far the most reported and commented-upon Michigan legal story over the holidays was Oakland County prosecutor Jessica Cooper's decision to charge a man who used his wife's password to read her email with a felony under the state's anti-hacking law, PA 53 of 1979. Here's the pertinent language of the act:
A person shall not intentionally and without authorization or by exceeding valid authorization do any of the following:
(a) Access or cause access to be made to a computer program, computer, computer system, or computer network to acquire, alter, damage, delete, or destroy property or otherwise use the service of a computer program, computer, computer system, or computer network.
(b) Insert or attach or knowingly create the opportunity for an unknowing and unwanted insertion or attachment of a set of instructions or a computer program into a computer program, computer, computer system, or computer network, that is intended to acquire, alter, damage, delete, disrupt, or destroy property or otherwise use the services of a computer program, computer, computer system, or computer network. This subdivision does not prohibit conduct protected under section 5 of article I of the state constitution of 1963 or under the first amendment of the constitution of the United States.
It's a popular layperson's story, but it has also garnered some interesting legal blog commentary. Here are two:
Eugene Volokh: The question is whether the wife had expressly or implicitly authorized the husband to access her e-mail. If she hadn’t, then I suspect the husband’s behavior would violate the statute, because it involves access to Google’s computers in a way that exceeds the husband’s authorization — we are all allowed to access Google’s computers through our Gmail accounts, through Google searches, and so on, but not through the Gmail account of another person without that person’s authorization. That result might not be completely obvious from the statutory text, partly because the statute speaks in terms of unauthorized access to computers (likely because it was enacted in 1979), and not unauthorized access to data; things would be clearer if the statute specifically barred access to data on a computer without the authorization of the person who is properly considered the owner of the data. But as I understand it statutes such as the Michigan one have generally been read to cover such unauthorized access to others’ e-mails on third-party computers.
Jonathan Turley: Putting aside the intent behind this law, the question is one of prosecutorial discretion and frankly over-reach. We have seen the gradual over-criminalization of America where every act — great or small — has been translated into some form of crime. For a previous column, click here. If this type of intrusion is criminal, millions of people would be felons. Without some evidence of a collateral crime such as identity theft, the prosecutors should have left this to the divorce courts. My assumption is that Ms. Cooper has other crimes to prosecute in Michigan.
