It's probably only a matter of time before the feds arrest the kid who allegedly hacked into Sarah Palin's Yahoo e-mail account. If the news reports are true, it looks like fingers are pointing to the 20-year-old son of a Democratic state legislator in Tennessee.
But, here's the thing. What do you charge him with? That is - under what law? The Electronic Frontier Foundation, in its blog, found a little loophole that could impact the ability of the Department of Justice to charge this kid for a violation of the Stored Communications Act.
According to the site, the act defines "electronic storage" as "any temporary, intermediate storage of a wire or electronic communication incidental to the electronic transmission thereof," or in the alternative as "any storage of such communication by an electronic communication service for purposes of backup protection of such communication." The courts have interpreted the act to conclude that both received and unreceived e-mails fall under the umbrella of "electronic storage." From the EFF's blog:
This is because when the recipient accesses an email but does not delete it, it moves from storage incident to transmission to backup storage under the second part of the SCA's "electronic storage" definition. See Theofel v. Farey-Jones, 359 F.3d 1066, 1075 (9th Cir. 2003) (finding that “obvious purpose” for storing a message on the provider’s server after delivery is to provide a second copy of the message in the event it needs to be downloaded again). Thus, since Gov. Palin and Yahoo! are both in the Ninth Circuit (Alaska and California respectively), it would violate the SCA to obtain unauthorized access to her emails, whether opened or not.
Here's the twist: the DOJ has disagrees with that interpretation, the EFF said. The DOJ basically argues that an e-mail that's already been read but then is left on the mail servers is no longer "electronic storage" as defined by the act.
This would mean no SCA privacy protection for the majority, if not the entirety, of the Gov. Palin's email messages at issue. As the DOJ acknowledges, "[i]f Theofel's broad interpretation of 'electronic storage' were correct, prosecutions under section 2701 would be substantially less difficult..." On the flip side, if the DOJ were right and Theofel were wrong, any hacker responsible for obtaining access to those emails - or any other individual's opened messages - could not be prosecuted under the SCA.
It's quite the interesting little twist. Politically, there are plenty of folks who want this kid taken out to the wood shed for exposing the VP candidate's use of personal e-mail for doing state business. Those e-mails also show how closely connected her husband - Todd Palin - was when it came to correspondence about state business (relevant because he has been subpoenaed to testify in the troopergate matter.)
The EFF has done a good job of analyzing the legal arguments in this matter. If you're a legal buff, you'll find some interesting reading by clicking through some of the links on the EFF's blog post.