Saturday, June 02, 2007

Assault with a Deadly Laptop

When you travel with your laptop and want to connect to the web, you look around for a wifi connection, right? In a coffee shop, or a mall, or a city park, or even pulled up alongside the curb on a suburban side street — you look for available service, and if there’s no password requirement or proprietary warning page, you’re in, ready to check your email, look at the news headlines, or even put up a post at Gates of Vienna. No harm in that, right?

Wrong.

Witness this news story from a couple of days ago:

The laptop copA Michigan man has been fined $400 and given 40 hours of community service for accessing an open wireless Internet connection outside a coffee shop.

Under a little known state law against computer hackers, Sam Peterson II, of Cedar Springs, Mich., faced a felony charge after cops found him on March 27 sitting in front of the Re-Union Street Café in Sparta, Mich., surfing the Web from his brand-new laptop.

Last week, Peterson chose to pay the fine instead as part of a jail-diversion program.

“I think a lot of people should be shocked, because quite honestly, I still don’t understand it myself,” Peterson told FOXNews.com “I do not understand how this is illegal.”

His troubles began in March, a couple of weeks after he had bought his first laptop computer.

Peterson, a 39-year-old toolmaker, volunteer firefighter and secretary of a bagpipe band, wanted to use his 30-minute lunch hour to check e-mails for his bagpipe group.

Mr. Peterson had made a habit of pulling up in his car alongside the coffee shop and connecting to the web. An alert barbershop employee across the street thought his behavior was suspicious, since he never got out of his car, and called the cops. A policeman came to talk to him, asked him what he was doing, and he explained. The cop went back to the station and filed a report, the word went up the chain to the prosecutor’s office, and the prosecutor discovered a handy Michigan state law that could be used to take this menace to society off the streets.

Mr. Peterson could have fought the law, but he was facing a felony conviction, with five years in the slammer and a $10,000 fine, if he lost that particular throw of the legal dice. He consulted two lawyers — neither of whom had ever heard of the law — and they advised him that the prudent course would be to plead to the lesser charge, so that’s what he did.

My good friend Wally Ballou had some choice words on the subject:

I think the prosecutor is full of s**t, and it could easily have been fought, but I understand why the fellow didn’t want to do it.

That law, as I understand it, only makes it illegal to use access to commit an illegal act; the access in itself is not illegal. This is the first time I have read that it wasn’t the coffee shop that complained; the barber was concerned about stalking. Once the cops determined that he was not stalking, they should have been done. Some cops are pigs.

In any case, it is outrageous behavior on the part of the cops and prosecutor.

This is a Michigan law. It was the Police Chief who made the arrest. The prosecutor’s argument that he had no discretion in the case is prima facie proof of incompetence.

With an unfathomable burden of countless laws, a prosecutor who can’t exercise common sense about things like intent (both the intent of the law and of the alleged perp) places an intolerable burden on citizens, and makes lawfulness impossible.

An unfathomable burden of countless laws… Makes me think of normal day-to-day life in the EU.

Orin Kerr at the Volokh Conspiracy has weighed in on the incident:
- - - - - - - - - -
But did Peterson actually commit a crime? The answer hinges on Michigan’s somewhat unique computer crime law, and in particular on its definition of the meaning of “authorization.” Like every state — and like the federal government — Michigan has an unauthorized access statute that serves as the basic computer crime law. (For my take on these statutes, see this article.) Here’s Michigan’s law, Section 752.795(a):

A person shall not intentionally and without authorization or by exceeding valid authorization . . . Access or cause access to be made to a computer program, computer, computer system, or computer network to acquire, alter, damage, delete, or destroy property or otherwise use the service of a computer program, computer, computer system, or computer network.

So far, this is a pretty standard unauthorized access statute. But Michigan does something that is pretty unique; it has a statutory presumption against access being authorized:

Go over to Volokh and read the details about Michigan’s presumption of guilt when it comes to computer criminals.

An MBA who volunteers at the Center for Vigilant Freedom had some ideas about how the whole affair could have been handled differently, with results that would benefit everybody — Mr. Peterson, the coffee shop, the criminal justice system, and society at large:

Clearly the restaurant was offering the wireless access as an amenity to draw in customers. There’s always an economic chance for positive externalities to bring in freeloaders.

But the likelihood of someone who doesn’t pay for the amenity (by buying coffee) eventually deciding he wants coffee is, after all, pretty high. The owner is hoping that he’ll come in and get a cup of joe and a bagel eventually.

The wireless access is a marketing device — to get people to buy refreshments. It’s like movies; the real cash comes in from the refreshments.

People go to coffee shops, bring their own entertainment in the form of computers, and the real cash comes in from the refreshments. It’s the same business model — In marketing, and specifically in advertising, the two parameters are reach and frequency. Frequency is how often you get hit with the marketing message, and reach is who gets hit.

Now if the wireless reach is beyond the restaurant, that is a benefit to the restaurant if it brings in people to buy the bagels. All they need to do is put in coupons, and make sure that when someone signs on, they have a special — for example, use this coupon in the next thirty minutes, and you’ll get a free coffee.

Michigan businesses would do well to talk to legislators to change the law. Both businesses and legislators can surely realize that this is not just outrageous, but stupid — the business argument is equally likely to get a better law passed.

The barbershop guy was right to call the police to report suspicious behavior. Peterson could have been a terrorist. When the police came, instead of shopping for a statute and charging him after the fact, they should have shopped for the statute (if this was important to them) and then given him a warning before charging him. A letter saying, “Hey — you were doing this, turns out it’s illegal and we didn’t even know that ourselves, but in the future don’t do it.” If they didn’t know it’s illegal, why should he?

Part of the job of community policing is communication. Getting people to talk to each other. Much of what foot patrols or car patrols do is mediate, not jump to prosecution or arrest.

The point is to solve problems, if possible without burdening the courts and prisons, which are already overtaxed. Why couldn’t the police say, “We’re going to ask the café owner how he feels about this — why don’t you go buy some coffee from the guy to pay him back for using his wireless? Be a mensch, buy a bagel.”

And if the café owner is upset, the police can say, “The guy doesn’t like you mooching off his wireless; cut it out, asshole! You come back tomorrow we’ll give you a parking ticket.”

Here’s the happy ending: the café owner hires the guy’s bagpipe group to entertain, for $400. And the bagpipe group agrees to have all meetings at the coffee shop in the future, and buy food and drink. The name of the café as a sponsor of the bagpipe band can go on their kilts and pipes, so he gets free advertising. Also on their website.

Everybody wins.

While he’s at it, the café owner needs to get a password protection even if it’s free wireless — he can use the access to the password as a way to push a coupon onto the user, time-defined to encourage usage.

Nice scenario. It’s too bad that people don’t usually have this much common sense. It’s not just a good business model; it’s a good way to run the country.

But for the time being, remember: a loaded laptop in the wrong hands can be dangerous.

6 comments:

History Snark said...

How many times have I mentioned what idiots the politicians in this State are? Given the current situation of a single-state depression, one might think that the elected officials would have better things to do, but clearly not.

The saddest thing is that Sparta is in the more conservative, western part of the State. Which is the only functional portion.

Ugh. Two more weeks, and I'm gone. With luck, for good.

Yankee Doodle said...

If the incident had occurred in a sitcom, it would have been hilarious. Keystone cops? Deputy Barney?

Anonymous said...

I usually agree with most things i read here but if someone parked outside my house or the place i worked to connect to an open wireless Internet connection, I would most definitely think that they deserved a ticket. Its just common decency, not to do stuff like that. This guy even made a habit out of it, what a jerk.

The very least he could have done was to buy a cup of coffee and ask, first. The way he behaved is just low and creepy.

Wally Ballou said...

phanarath - he didn't get a "ticket", he got a felony charge. I don't say his behavior was correct - I just think a warning was all it deserved. Especially since the coffee shop owner did not complain, and even now says she doesn't mind.

Anonymous said...

Wally Ballou - Ok, I agree that a felony charge is over the top.

Maybe a warning was all it deserved. But if more people do it, it has to be more then a warning.

My problem with this is that he did it without asking. And so he couldn't know if the coffee shop owner would mind or not. The fact that she doesn't mind, shouldn't really mean anything now, when judging his action.

I could easily forgive a teenager for something like this, like I could if a kid was picking apples in my front yard. But a 39 years old man should know better.

Also its a bit more serious then stealing apples. There is a matter of identity to consider, when using anothers IP address without them knowing about it.

But off course you, Americans are better judges on what should be done about these things, in America. Laws always work best when they reflect the local moral reality as closely as possible. I just thought I would add a different perspective, most people I know would not take kindly to people using their Internet connections and IP addresses, without them knowing about it. At the same time I think most would be happy to say yes, if asked.

History Snark said...

But again, is it really that bad? Okay, it seems he did it regularly, so he should have at least gone into the business- if only occasionally.

But still... if you put in a network, and leave it open, then you must be prepared for this. I have a network at home, and I've always protected it.

So I guess I'm in the "it's alright, as long as you don't do it regularly" category. But still, a felony charge is excessive. I think a firm "talking to" would have been the correct approach.