defamation liability of computerized bulliten board operators.txt

1000 HOWTOs for various needs [WINDOWS]

             D E F A M A T I O N   L I A B I L I T Y 
                               O F 
                     C O M P U T E R I Z E D 
         B U L L E T I N   B O A R D   O P E R A T O R S 
            A N D   P R O B L E M S   O F   P R O O F 



                                       John R. Kahn
                                       CHTLJ Comment
                                       Computer Law Seminar
                                       Upper Division Writing
                                       February, 1989
                                       
                                       
---
             D E F A M A T I O N   L I A B I L I T Y 
                               O F 
                     C O M P U T E R I Z E D 
         B U L L E T I N   B O A R D   O P E R A T O R S 
            A N D   P R O B L E M S   O F   P R O O F 

John R. Kahn
CHTLJ Comment/Upper Division Writing/Computer Law Seminar

February, 1989

_________________________________________________________________

I.  INTRODUCTION
    
         A  computer  user  sits  down  at her personal computer, 
turns  it  on, and has it dial the number of a local computerized 
bulletin  board  service  (BBS)  where  she  has  been exchanging 
opinions,    information,    electronic    mail,   and   amicable 
conversation  with other users. Upon connecting with the BBS, she 
enters  a secret "password", presumably known only to herself and 
to  the  bulletin  board  operator,  so  as to gain access to the 
system.

         To  her  surprise,  she  finds herself deluged with lewd 
electronic  mail  from  complete  strangers  and hostile messages 
from  persons  with  whom she believed she was on friendly terms. 
The messages read: "Why did you call me a worthless son-of-a ----
-  yesterday? I really thought we could be friends, but I guess I 
was  wrong";  "Hey, baby, I liked your fetish you were telling me 
about  yesterday:  call  me at home, or I'll call YOU"; and, "Why 
didn't  you  get around to telling me about your venereal disease 
sooner?".  Yet  our user has not called this BBS in weeks and has 
never  made  any  of  these statements. Dismayed and angered, the 

---
Defamation Liability of Computerized BBS Operators
& Problems of Proof          (C) 1989 John R. Kahn              2
----------------------

user  comes  to  realize  that  she is the victim of computerized 
bulletin board abuse.

         A  personal  computer  hobbyist  (hereafter "SYSOP") who 
operates  a  computerized bulletin board system notices a rash of 
heated  arguments, profanity and complaints being reported to him 
by  users  on  what had been a forum for the peaceful exchange of 
ideas.   Investigating   the   complaints,   he   discovers  that 
previously     responsible     users     have     suddenly    and 
uncharacteristically  been  leaving  insulting,  rude  and  false 
messages  about other users on the bulletin board. One user is so 
enraged   about   a   public   message  accusing  her  of  sexual 
misadventures  that  she  is  threatening  to  sue  the  computer 
hobbyist  in  libel  for  having permitted the message to appear. 
The  SYSOP  realizes  that  both  he  and  his  subscribers  have 
suffered computerized bulletin board abuse.

         The  aggravating  force behind both the above situations 
is   most   likely   a   third  user  (known  hereafter  as  "the 
masquerader")   who   maliciously   exploits  both  his  computer 
knowledge  and  his  access  to  BBSes. Since the masquerader has 
discovered  the  password  and name of the regular user, and uses 
them  to  access  bulletin boards, he appears for all intents and 
purposes  to  be that regular user. The computer thus believes it 
has  admitted a legitimate subscriber to its database when it has 
in  fact  given  almost  free  reign  to  a  reckless hacker. The 
masquerader,  posing  as another legitimate user, is then free to 
portray  that  user  in  whatever  light  he  pleases and also to 
harass other users of the bulletin board.

---
Defamation Liability of Computerized BBS Operators
& Problems of Proof          (C) 1989 John R. Kahn              3
----------------------


         When  validated  users  later discover that someone else 
has   been  impersonating  them,  they  invariably  cancel  their 
subscriptions  to  that  BBS  and often bring a defamation action 
against   its  SYSOP  for  the  smearing  of  their  good  names. 
Conversely,   the   SYSOP,  in  an  effort  to  avoid  liability, 
reluctantly  engages  in  monitoring  each  and  every  piece  of 
information  posted  daily  by  hundreds  of  users. If the SYSOP 
chooses  instead  to  stop  running  his  BBS altogether, another 
efficient and valuable forum for ideas is lost.

         What  sort of defamation action may be maintained by the 
wrongfully  disparaged  user?  Is the computerized bulletin board 
offered  by  the  SYSOP  subject to the stricter self-scrutiny of 
newspapers,  or  does  it operate under some lesser standard? How 
may  the  initial  party  at  fault  -  the masquerader - be held 
accountable for his computerized torts?

         The  scope  of  this  Comment  will  be  to  examine the 
defamation   liability   of   computerized   BBS   operators  and 
evidentiary  proof  issues  that  arise  in  tracing computerized 
defamation  to  its  true  source.  Other possible Tort causes of 
action  -  intentional infliction of emotional distress, invasion 
of  privacy,  trespass  to  chattels  -  are not addressed. It is 
assumed  throughout  that  the  plaintiff is a private person and 
that  the issues involved are not matters of "public interest" as 
defined in Gertz v. Robert Welch, Inc.1


    A.   Background

         Computerized  BBSes exist as a quick, easy and efficient 
way   to  acquire  and  exchange  information  about  the  entire 

---
Defamation Liability of Computerized BBS Operators
& Problems of Proof          (C) 1989 John R. Kahn              4
----------------------

spectrum   of   interests.2   The  growing  popularity  of  these 
electronic  forums  was  demonstrated  in  a  recent  study which 
numbered  BBSes  at  more  than  3,500  nationwide.3 The size and 
complexity  of  computerized  BBSes  range from relatively simple 
programs,  run  on  privately-owned  microcomputers  with  a  few 
hundred  subscribers,  to vast, multi-topic database systems with 
nationwide lists of subscribers and operated for profit.4

         The  process  of  reaching,  or "accessing" one of these 
bulletin  boards  is  quite  simple:  all  that  is required is a 
computer,   a  computer  program  that  allows  the  computer  to 
communicate  over  the phone lines, and a "modem" (a device which 
converts   the   computer's   electrical  signals  into  acoustic 
impulses,  defined  infra).5  Once  she has accessed the BBS, the 
caller   is   free   to  trade  useful  non-copyrighted  computer 
programs,  exchange  ideas  on  a host of topics, post electronic 
mail  for  later reading by others, and much more.6 The ease with 
which  most  BBSes may be accessed and the wealth of interests to 
be  found  there  ensure  that they will continue to be important 
sources of information and discourse.

         However,  the speed and efficiency of computerized BBSes 
also  subject  them  to  serious, wide-ranging civil and criminal 
abuse.  Recently  a  young  computer user paralyzed several major 
computer  systems across the nation by sending a harmful computer 
program  (or  "worm")  to  them  over  telephone  lines. The worm 
quickly  replicated  itself  in  the computers' memories and thus 
decreased  their  output  capacities.7  Further, certain computer 
abusers  (known  as  "hackers") use the power of the computerized 

---
Defamation Liability of Computerized BBS Operators
& Problems of Proof          (C) 1989 John R. Kahn              5
----------------------

forum  to  ply  illegal  copies  of  copyrighted  programs,  bilk 
hundreds  of  millions  of  dollars annually from credit card and 
phone  companies, and to wrongfully access others' data files.8 A 
minority   of  other  BBSes  exist  mainly  to  circulate  racist 
ideologies.9

         What  is  more,  it now appears that the ancient tort of 
defamation  is  actively  being  practiced  through  the  use  of 
computerized   BBSes.10   Due   to   the   almost   ethereal  way 
computerized  BBSes  operate  - one person may conveniently leave 
an  electronic  message for others to respond to at their leisure 
and  there  is  no  need  for the parties to converse directly or 
even  to  know  each other11 - the risk of detection when the BBS 
is  abused  is  lower  than  that for defamation practiced in the 
print  media.12  Difficulties  arise  with  identifying  the true 
party  at  fault  and with authenticating the computer records as 
evidence  of  the  defamation.13  Adding  to  this  problem is an 
uncertainty  in  the laws concerning the appropriate liability of 
SYSOPs  for defamatory messages on their BBSes of which they were 
unaware.14


    B.   Definitions

         The  following  are  brief definitions of some important 
technical terms connected with electronic BBSes:

         SYSOP:  An  abbreviation  for "System Operator", this is 
the  individual  generally responsible for organizing information 
and  for  trouble-shooting  on  a computerized bulletin board. On 
larger  bulletin  boards  covering  hundreds  of  topics, several 
SYSOPS  may  be in charge of maintaining information contained in 

---
Defamation Liability of Computerized BBS Operators
& Problems of Proof          (C) 1989 John R. Kahn              6
----------------------

separate  discrete  fields.15 But when the BBS is privately owned 
and  operated,  a  single SYSOP may very well oversee all aspects 
of  the  board's  operations, in addition to being able to access 
all his users' passwords and personal information.16

         Modem:   An  abbreviation  for  "Modulator/Demodulator". 
This  is  a  device  which  links a computer to an ordinary phone 
line  and  converts computer signals to auditory phone signals. A 
computer  modem  on  the  other  end  of  the  transmission  then 
reverses  the  process.  Computers  using  modems  transfer  data 
rapidly across phone lines and thus share information.17

         Validation:  Basically  this is a set of procedures used 
by  responsible  SYSOPs  to  do everything reasonably possible to 
verify  that  the personal information supplied by a user is true 
and  correct.  Common  sense and emerging legal standards dictate 
that  the  SYSOP should not merely rely on the name provided by a 
potential  user  when  the  SYSOP  does  not personally know that 
individual.   The   SYSOP   may   be  required  to  independently 
corroborate  the  prospective  subscriber's  information by first 
asking  the  potential  user's name, address and phone number and 
then  by  checking  that information with directory assistance.18 
These  procedures  will hopefully aid the operator in identifying 
wrongdoers  if  misuse  occurs;19 however, as will be seen, these 
procedures are by no means foolproof.

         Database:  Any  collection  of  data  in  a computer for 
purposes  of  later  retrieval  and  use, i.e., names, addresses, 
phone numbers, membership codes, etc.

         User:  Anyone who accesses a computerized bulletin board 

---
Defamation Liability of Computerized BBS Operators
& Problems of Proof          (C) 1989 John R. Kahn              7
----------------------

system  and is exposed to the information stored there. Users may 
be  identified  by  their  true  names,  by an assigned numerical 
code, or by colorful "handles", or "usernames."20

         Operating  System:  This is a program which controls the 
computer's   basic  operations  and  which  recognizes  different 
computer  users  so  that their actions do not interfere with one 
another.21  For  example,  most multi-user operating systems will 
not  allow  one  user  to delete another's data unless the second 
user  gives  explicit  permission.22 BBS system software programs 
perform  this  function  through  their  use  of  "accounts"  and 
"passwords":23  private electronic mail sent to a particular user 
may  not  be read or deleted by others. The BBS' operating system 
is  also  designed  to  deny access to those attempting to log on 
under an unvalidated or unrecognized name.24

         Account/Username:   As   another   part  of  BBS  system 
security,   each   user  chooses  an  "account",  or  "username", 
consisting  of  one  to  eight  letters  or  numbers.25  The BBS' 
operating  system then will not allow commands issued by one user 
of  one  account to modify data created by another account;26 nor 
will  it  grant  access to an account that has been terminated or 
invalidated.

         Password:  Yet  another aspect of BBS system security is 
the  use  of  "passwords"  as  a  prerequisite  to  accessing the 
computer  system.  Most  operating  systems  require  the user to 
enter  both  her  account name and password to use the account.27 
Because  electronic  mail  cannot be sent without the username to 
which  it  is  being addressed, and because the account cannot be