Can a case be made against the Palin e-mail hacker?

Can a case be made against the Palin e-mail hacker?

Summary: It's probably only a matter of time before the feds arrest the kid who allegedly hacked into Sarah Palin's Yahoo e-mail account. If the news reports are true, it looks like fingers are pointing to the 20-year-old son of a Democratic state legislator in Tennessee.


It's probably only a matter of time before the feds arrest the kid who allegedly hacked into Sarah Palin's Yahoo e-mail account. If the news reports are true, it looks like fingers are pointing to the 20-year-old son of a Democratic state legislator in Tennessee.

But, here's the thing. What do you charge him with? That is - under what law? The Electronic Frontier Foundation, in its blog, found a little loophole that could impact the ability of the Department of Justice to charge this kid for a violation of the Stored Communications Act.

According to the site, the act defines "electronic storage" as "any temporary, intermediate storage of a wire or electronic communication incidental to the electronic transmission thereof," or in the alternative as "any storage of such communication by an electronic communication service for purposes of backup protection of such communication." The courts have interpreted the act to conclude that both received and unreceived e-mails fall under the umbrella of "electronic storage." From the EFF's blog:

This is because when the recipient accesses an email but does not delete it, it moves from storage incident to transmission to backup storage under the second part of the SCA's "electronic storage" definition. See Theofel v. Farey-Jones, 359 F.3d 1066, 1075 (9th Cir. 2003) (finding that “obvious purpose” for storing a message on the provider’s server after delivery is to provide a second copy of the message in the event it needs to be downloaded again). Thus, since Gov. Palin and Yahoo! are both in the Ninth Circuit (Alaska and California respectively), it would violate the SCA to obtain unauthorized access to her emails, whether opened or not.

Here's the twist: the DOJ has disagrees with that interpretation, the EFF said. The DOJ basically argues that an e-mail that's already been read but then is left on the mail servers is no longer "electronic storage" as defined by the act.

This would mean no SCA privacy protection for the majority, if not the entirety, of the Gov. Palin's email messages at issue. As the DOJ acknowledges, "[i]f Theofel's broad interpretation of 'electronic storage' were correct, prosecutions under section 2701 would be substantially less difficult..." On the flip side, if the DOJ were right and Theofel were wrong, any hacker responsible for obtaining access to those emails - or any other individual's opened messages - could not be prosecuted under the SCA.

It's quite the interesting little twist. Politically, there are plenty of folks who want this kid taken out to the wood shed for exposing the VP candidate's use of personal e-mail for doing state business. Those e-mails also show how closely connected her husband - Todd Palin - was when it came to correspondence about state business (relevant because he has been subpoenaed to testify in the troopergate matter.)

The EFF has done a good job of analyzing the legal arguments in this matter. If you're a legal buff, you'll find some interesting reading by clicking through some of the links on the EFF's blog post.

Topics: Security, Collaboration, Hardware, Storage

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • What was done was wrong. Period.

    Hacking is hacking. I sure hope a case can be made against this person(s).

    As much as I can't stand the thought of Sarah Palin being a heartbeat away from running this country, and no children...I'm NOT a Democrat or Republican...although there are plenty of them who feel likewise...whoever did this disserves to be punished.

    There can be no tolerance for hacking into computers, even if no harm is intended. Yea?yea?I know, whoever did this WAS hoping to do some harm, so don?t waste time picking that comment apart.

    This act transcends political leanings, it was meant to be purely malicious.
    • Well, I do not like Palin either, this will bring back the Dan Quayle

      type of jokes, especially if they are elected. But, this kid may have targeted here because she is Republican, and stupid.
      • Not intelligent like you, correct?

        But it is nice too see that you label all Rebublicans as stupid.

        And people wonder who is truely to blame for all the ills of this world: is it the intolerant governments, the intolerant people, or a mixture of both?
        • Well, Palin is Republican AND STUPID. Similar to a Dan Quayle type.

          But, there are actually some smart Republicans. McCain is one of the best Republicans in my opinion. But, for the life of me, I do not know why he would pick such a BIMBO.
    • I agree with ya IT_Guy_z ... but ...

      ... equally it should be treated in the same way a hack on anyone else's Yahoo! Mail account would be treated.
      Adrian Kingsley-Hughes
      • Absolutely. She's no more special than anyone else.

      • Treat it the same way

        So, the media has a lot of retraction to do. Because if Joe Schmoe's Yahoo mail account got hacked, it would be totally up to Yahoo whether or not to press charges. And nobody would be so up and arms, and you and I probably wouldn't have heard about it at all.

        So, agreed, let's treat it the same way, and ignore the whole damn thing.
  • The issue is not the hack itself

    ... the issue is the illegal publication of private email.

    Not only should the hacker be held responsible to the extend of the law, the owners of the website that freely published the emails should as well. They knew that this went beyond the scope of leaking evidence of a crime. They violated Palin's privacy just to get son hits.

    When you look at what they published, it is pretty clear that the emails are 100% private. It even has family photos. Nothing incriminating at all.

    This was just the same as somebody braking into her house and stealing her family pictures, then trying to sell them for a profit.
    • Absolutelly!

      [i]This was just the same as somebody braking into her house and stealing her family pictures, then trying to sell them for a profit.[/i]

      That is absolutelly correct.

      And if a week password was the culprit, it should be no diffenet then a week lock on a house: it should not be the owners blame.
  • Interesting Irony

    The same group filing a class action law suit regarding the interception of email advocates for a loophole for the hacker of an email account.

    That's about as good as the dolts hollering about stolen elections in one breath and shrieking about having to show a photo ID at a poling place in the next.
    • "advocates"?

      they are stating established legal opinions, not
  • RE: Can a case be made against the Palin e-mail hacker?

    "Politically, there are plenty of folks who want this kid taken out to the wood shed for exposing the VP candidate???s use of personal e-mail for doing state business."

    That kid isn't the one who exposed the fact that Palin had a Yahoo account.

    I subscribe to the They were yammering about the fact that she conducts Alaska State business on a private Yahoo account. And, that she campaigned on "transparency"; then, didn't want her emails to be archived by the state.

    What was she hiding? My guess is the reason those hackers didn't find anything notable is because she deleted them when the ADN article ran.

    What I've read, around the web, is that she has two accounts. The ADN article(s) is how the "anonymous" group members learned of it & decided to hack it.
    • TejasKat Bias

      Are you really in IT, are just trolling the web to speculate on Gov. Palin? First, you assume that she "didn't want her emails archived by the state" and then you "guess" that she "deleted them when the ADN article ran". Then you say "What I've read" etc.

      You are either an activist, ignorant or a pawn of the DNC.

      I am a conservative, a student of government for 45 of my seventy years and an admirer of the Bush administration. And I highly recommend the book "America's Secret War" to anyone who wants to gain some understanding of why we went into Iraq.
  • Not so fast....

    The only thing being confirmed by anybody is David Kernell is the person of interest in this case. I haven't heard any offer of proof yet or any direct statement from him. Doesn't this seem a little too easy? This kid all but gives himself up with the rubicon10 post, uses a password (popcorn) that's a parody of his own last name...

    Is his dad (state senator Mike Kernell, Memphis) up for re-election? Talk about misdirection. This could actually be about something else entirely, maybe even local/state politics.

    David Kernell is a chess player, having won the 2004 Tennessee Open Scholastic Chess Championship. I don't think his moves would be this transparent. He has a trail all over the internet. It would be as easy to spoof his ID as it was to guess Palin's security question answers.

    Now this is starting to make a little bit of sense, either way. But I still have a problem with the boy's motive if he is responsible. This could all be a smokescreen for a cover-up of the destruction of Palin's emails. Maybe the incriminating stuff was already culled. Wouldn't most if us delete something like that right away? I don't think she's a moron. She reads a teleprompter very well.
    • lets investigate then

      How funny is it going to be that the Democrats lose control of congress when they find evidence on the dudes system and his father loses the election due to it. And then the American public shift their vote because Obama has kept quiet about it in a sign that appears to be silent condone..\
    • Teleprompter?

      Sort of like, oh, I don't know, a major party candidate for president who is NOT Gov. Palin's running mate?
  • RE: Can a case be made against the Palin e-mail hacker?

    If this "college student" did this the only solution is execution. This was an act of treason and an act of war! What did Ombama know and when did he know it.
  • If I wanted to "hide" state business with another account...

    If the intention of Sarah Palin was to "hide" state business mail with another account, I wouldn't use my name in the e-mail, and I wouldn't use my birth-date and common knowledge data for the questions, and maybe wouldn't use a Yahoo account... because if I had the intention of wrong doing then I would be extra careful. Seems more that she is not a sophisticated techie (and why would she be...). More sophisticated pols maybe don't even e-mail themselves - they use their assistants. I am on the camp that this should be prosecuted, but that it should be equaly prosecuted as any other breach of e-mail...
    Roque Mocan
    • Have you actually looked at the article and documents??

      You must be the typical idiot who reads the title and assumes the content.

      If you had 1/2 of a neuron you would at least look at what was published before you wrote your "opinion" based on your own mental problems.

      There is nothing in the leaked documents but family photos, emails with friends, emails with the daughter, and family members. Nothing that could even be seen as "doing state business on private email", as idiots like you assumed.

      Take a little time to get your brain checked before you post stupid lies about a topic you have not even spent 3 seconds reading beyond the titles.
  • RE: Can a case be made against the Palin e-mail hacker?

    This smacks of the pretexting case against HP. The person knowingly accessed an account that he knew was not his. The website published that info knowing it was wrong - endangering the life even of the children since the site claimed to have called them based on the screen shots they received. If I leave my front door unlocked and subsequently get robbed - I might be stupid - but the robbers still broke the law even if they did not take anything, it is still tresspassing.

    It's not up to Hackers to solve the problem of using a personal account for public business - that is vigilantism.

    Whoever did this ought to be prosecuted to the furthest extent of the law. It was unethical and wrong.