Leaks, geeks, & reporters

Leaks, geeks, & reporters

The recent spat of Washington D.C. leaks is “unusually active,” according to FBI Director Mr. James Comey. Even if the leaks are as normal as they are in an allergic nose dealing with New Orleans spring pollen, what are the legal and ethical issues in leaking such confidential information, unknowingly reverse engineering it, or in publishing the leaks?

Generally speaking, liability for the leaker inside the government is clear. Numerous federal laws apply to confidential information circulated within the labyrinth of the federal government, and they generally hold such leakers criminally liable for the willful, and sometimes even negligent, disclosure (or even handling) of such information, including the identity of a Central Intelligence Agency (“CIA”) “covert agent” or President Trump’s tax returns.

However, what about geeks who reverse engineer publicly available information and then end up discovering government secrets and/or strategies through such analysis?

Imagine a modern day Matthew Broderick from WarGames (1983) who correctly intuits a covert government strategy to liquidate foreign ambassadors or heads of state via proxies and then warns how such molehill practices have on prior occasions caused mountains of problems. In the 13 century, Iraqis killed Genghis Khan’s chief envoy and had the beards of the others burned so they could travel back to him humiliated. Thereafter, Mr. Khan massacred almost all of the 200,000 to 1,000,000 inhabitants of Baghdad in one week, at the time the “House of Wisdom” in Islam’s Golden Age. Or take the assassination of Archduke Franz Ferdinand of Austria and his wife in 1914. Many believe that this killing led to the start of World War I, in which nine million combatants and seven million civilians died.

In such instances of geeky reverse engineering of covert government strategies, criminal liability will generally be lacking because such a geek would have no contractual or statutory responsibility to keep quiet, and his speech about an issue of grave public concern – potentially preventing a global conflict — would be protected by the First Amendment. Even so, would be geeks are well advised to consider reprisals from said officials, whether via Nixon type IRS audits or otherwise, and how to protect themselves against them. (Genghis Khan 2.0 protection is one way.)

That’s the leaker and the geek. What about the reporter?

The law in this area is murkier. While there are federal statutes which some have argued would impose criminal liability on a reporter for publishing confidential information, such as a Department of Defense (“DOD”) plan to defeat ISIS, prosecutions have been rare. The First Amendment generally protects the publication of such intelligence. However, in a case where the reporter and leaker work in concert (think offer-acceptance) to violate federal law, a conspiracy case can be brought against the reporter. What is more, prosecutions have been brought against reporters to reveal their confidential sources, as happened with Ms. Judith Miller of The New York Times when she refused to identify the source of information leading to the unmasking of a CIA covert agent, as many say happened in the case of Mrs. Valeire Plame under President George H. Bush’s tenure.

But even if there is no legal liability for the media professional, there is also the question of unintended consequences. Take, for example, a DOD strategy to replace ISIS with “new sheriff in town” Eddie Murphy. Assume a person within President Trump’s DOD, or CIA, who dislikes the President, and/or his political agenda, leaks such the details about the “Murphy Plan” to an unwitting New York Times reporter. The reporter is likely protected in publishing the plan, but should it be published? Asymmetrical information is the key to effective conflict, whether you are in the courtroom, on the battlefield, or in a chess match. Disclosing such a plan, especially if it is already being carried out but even if it hasn’t, would risk the lives of military personnel and/or threaten the security of major cities like New York, Boston, Chicago, and Los Angeles.

Any professional working in media would be well served not only to consider the legalities of reporting leaked information, but also such unintended but foreseeable potential blow back.

Gossip can be fun, but also unlawful?

Gossip can be fun, but also unlawful?

Recently, New York Times reporter Mr. Jacob Bernstein was overheard at a party calling Mrs. Melania Trump a “hooker.” Although he subsequently apologized, the legal question is what legal liability, if any, does either he or The New York Timeshave for his statement? In these times of fast and loose media stories, the question is timely for media professionals and consumers of news.

The First Amendment does not protect all speech. One category of unprotected speech is defamation, an actionable tort. In order to prove defamation, a plaintiff must generally show that an untrue statement was communicated about him or her, that the statement was false, and that such statement injured their reputation in the community. Proof of damage can include, but is not limited to, lost sales for a business. In the case of defamation per se, however, a plaintiff need not show damage because the statement in question is considered harmful on it’s face. Examples of defamation per se generally include calling someone a “bank robber,” a “prostitute,” or both.

Of course, context matters. Where the statements are made under the guise of parody or the words, when read in context, do no mean what they would otherwise mean in isolation, then there may be a potential defense against liability. Barring such context, however, legal liability generally exists. This is true even if you republish the defamatory statement or if the statement was made by one of your employees during the course and scope of their duties to you.

That being said, it is harder to prove defamation if you are a pubic figure. In such a case, you must show that the allegedly false statement was made with actual malice, which means that the person knew the statement to be untrue, or that the person made the statement with reckless disregard of whether the statement was true or false.

Under these guidelines, Mr. Bernstein’s recent statement would be considered defamatory per se. Needless to say, truth is an absolute defense to a defamation claim, so if he could proffer admissible evidence showing his statement to be true, then there would be no liability. Whether his apology absolves him of liability is another question. Defamation law varies by state. In all likelihood, the apology wouldn’t absolve him of liability, but it would be an issue for the jury to consider in determining the amount of compensatory or punitive damages.

Whether The New York Times could be held liable for Mr. Bernstein’s statement is unclear. To be liable, Mrs. Trump would need to show that Mr. Bernstein made the statement within the course and scope of his employment. Courts use various factors to determine this question. One factual issue would be whether Mr. Bernstein was attending the party on behalf of The New York Times, or in his personal capacity. If the former, liability will be more likely. If the latter, less likely, for The New York Times.

Media professionals are under immense pressure to get views of their content, and the quick way to do that is to run salacious eye-grabbing headlines. At the same time, the First Amendment’s protections are not infinite for media professionals. Finding the right balance between offering tantalizing news and also respecting the lines of defamation is a prudent course, but one that may be at risk of attack in today’s fast food news environment.

The emperor still has no clothes!

The emperor still has no clothes!

Recently, a jury found Mr. Ross Ulbricht guilty of running the black market website Silk Road. Many observers claim that the government’s theory expanded liability for third parties like Mr. Ulbricht online. As I mention in a recent GizMoto interview, the government’s theory of liability wasn’t new, but “whether the government obtained the evidence that they wish to use to prove this narrative . . . in a lawful way consistent with the Fourth Amendment” is still up for debate.

On Silk Road, you could buy everything from cyanide, to marijuana, to, yes, some say hit men! The site was dubbed the Amazon of the black market. While diary entries from Mr. Ulbricht showed that he initially intended to launch the site so that he could sell mushrooms, the factual issue in the trial was whether he was the infamous Dread Pirate Roberts who continued to captain the site after it got up and running — and after Mr. Ulbricht supposedly bailed out.

Some have claimed that the government’s theory of liability “would expand legal liability for commerce in contraband online,” and that the outcome of the trial shows that “anonymity is dead.” Under this view, it is a slippery slope to hold Mr. Ulbricht liable for the conduct of people on Silk Road. That means all folks running websites have to be nannies who oversee all that is done on the site or risk criminal prosecution.

Maybe so. The Silk Road verdict makes it tougher to be a libertarian provider of a virtual platform where people can freely — and anonymously — transact. The freewheeling atmosphere on Silk Road was facilitated via the use of Bitcoin as the medium of payment. Some in the financial industry have sought similar anonymity with their “dark pool” methods of trading, where “the trading volume created by institutional orders . . . are unavailable to the public.” Dark pools, too, have come under legal scrutiny.

Contributory liability under copyright makes a third party — here Mr. Ulbricht — liable for infringements that occur under their control that they are aware of, or should be aware of. There is no intentional ostrich defense — “I chose not see or hear criminality!” — to such liability, nor is there such a defense to aiding and abetting violations of federal law. If Mr. Ulbricht was, in fact, Dread Pirate Roberts, then he intentionally facilitated the illegal transactions. In this respect, the case did not “expand legal liability for commerce in contraband online,” and so the emperor still has no clothes, contrary to what others say.

However, Silk Road did suggest new methods of potential government overreaching in the digital age. According to some pundits, the F.B.I. was mysteriously able to uncover the Silk Road servers supposedly via a software flaw on a site’s login page that, in turn, revealed an IP address. Supposedly, the IP address led the feds to an Iceland location where the server for Silk Road was located. Whether this cookie crumb trail created by the feds violated the Fourth Amendment is an issue that will likely be raised on appeal.

Regardless of the outcome of that appeal, Silk Road illustrates the tension between being able to conduct business in private online without the government unlawfully snooping, and society’s interest in regulating virtual transactions that have negative externalities — nasty effects — on all but the transacting parties.