I’ve spilled a lot of virtual ink about criminal charges arising from bad behavior on the Internet. Much of the time, these cases have involved conduct that should be criminalized, such as making threats or committing fraud. Essentially, these are things that have always been illegal in the “real” world, transferred onto the Internet, where they’re still illegal.
I’ve also written about crimes that can only be committed online, some of which clearly should be criminalized, such as breaking into computer systems to steal sensitive information. On the other hand, there have been several high-profile cases of criminal law being applied to online conduct in a way that seems to make little sense. For example, there have been cases of people being prosecuted for “unauthorized access” to a computer system for logging into their work computer after quitting or being fired, or setting up fake MySpace pages.
Last week brought another case of a person being prosecuted for setting up a fake online presence.
A woman set up a fake Facebook profile about her ex-boyfriend, and posted inflammatory statements under his name. She is now being prosecuted for identity theft.
Now, I’m not condoning this woman’s conduct. At the very least, I think she should be subject to civil liability for defamation and invasion of privacy. In this case, I’m pretty much on the fence about whether or not this type of conduct, deplorable as it may be, should expose a person to criminal charges.
On one hand, identity theft is a serious problem, and can ruin people’s lives. However, laws against identity theft are primarily meant to guard against the financial harm caused by fraudulent use of another’s identity. While it’s true that any identity theft can also damage its victim’s reputation, that doesn’t seem to be the main motivation for laws banning it. A couple states, including California and New York, do have laws specifically outlawing online impersonation. New Jersey, where this took place, does not.
So, could the state’s existing law against identity theft be stretched to cover the conduct at issue in this case? According to at least one judge, it can.
If New Jersey had a law specifically prohibiting online impersonation, this prosecution would probably be uncontroversial. But, as a matter of due process, I have a problem with prosecutors stretching criminal statutes to be applied to conduct that the actor may not have reasonably expected to be criminal in nature.
This is because due process of law requires that, among other things, that people have notice of what conduct is illegal. Obviously, if there were “secret” laws, it wouldn’t be fair to punish someone for breaking them, when they had no way of knowing that they existed in the first place.
The best way to mitigate the problem of extremely bad conduct which we haven’t thought to criminalize is, unfortunately, to simply learn from our mistakes. In this case, the proper response would be to lobby the state legislature to change the law, not to stretch existing law to accommodate it.
This is unfortunate because this approach generally requires that the first person to commit a bad act that we decide needs to be criminalized would have to go free, since criminal laws cannot be applied retroactively.
But, as I’ve said before, the price we pay for living in a free society with a fair criminal justice system is that some guilty people will go free.
What our clients think
At LegalMatch, we value our client’s opinion and make it a point to address their concerns. You can refer to our reviews page if you want to know what our clients have to say about us.